joepie91

Video Downloader professional kmdldgcmokdpmacblnehppgkjphcbpnn background.js

NOTE: This is a fork of the original Gist, with the code made more readable, and additional analysis added.

This is the source of background.js for a now-unpublished Chrome extension called "Video Downloader professional" (ID kmdldgcmokdpmacblnehppgkjphcbpnn, since then replaced with another "Video Downloader professional" (ID bacakpdjpomjaelpkpkabmedhkoongbi). This script is republished here for educational / research purposes. It has initially been extracted from the extension’s archive available as v2.4 on https://www.crx4chrome.com/.

Why is this interesting?

The extension has appeared in malware discussions in the past. Its replacement of Video downloader professional "bacakpdjpomjaelpkpkabmedhkoongbi" seems related t

joepie91

query = select("projects", anyOf([
	where(anyOf([{
		number_one: niceNumbers,
		number_two: niceNumbers
	}, {
		number_three: anyOf([ 42, column("number_one") ]),
		number_four: moreThan(1337)
	}]))
]));

joepie91

"use strict";

const Promise = require("bluebird");
const AWS = require("aws-sdk");
AWS.config.update({ region: "eu-central-1" });

module.exports = function createRDSInstance(identifier) {
  let rds = new AWS.RDS();
  
  return Promise.try(() => {

joepie91

// file: serial.js

const SerialPort = require('serialport')

module.exports = function() {
  const port = SerialPort('path/to/serial/port')
  const e = new events.EventEmitter()

  // listen for incoming serial data
  port.on('data', function (data) {

joepie91

const ChartjsNode = require('chartjs-node');
// 600x600 canvas size
var chartNode = new ChartjsNode(600, 600);
var randomnumber=Math.random();
var imagename = "testimage"+randomnumber+".png"
module.exports = imagename

// each api returns a Promise
chartNode.drawChart({
        type: 'bar',

joepie91

/// Handler for /travel/{url}
module.exports.travel = (event, context, callback) => {
  // Get the url from the resource path.
  // Get the html.
  // Turn it into a successful request.
  // Attach the Node.js callback onto the end.

  return Promise.try(() => {
    return getURLFromPath(event.path);
  }).then((url) => {

joepie91

'use strict';

const _ = require('lodash');

module.exports = (permissions, requiredPermissions) => {
  if (!_.isPlainObject(requiredPermissions)) {
    throw new TypeError('`requiredPermissions` is not an object');
  } else if (!_.isPlainObject(permissions)) {
    throw new TypeError('`permissions` is not an object');
  } else {

joepie91

var resultTemplate = "" +
"    <ul class='searchList'>" +
"        <% _.each(paymentActions,function(paymentActivity){ %>" +
"            <li><span class='amount visible-phone'>-<%= paymentActivity.grossAmount %></span>" +
"            </li>" +
"        <% }); %>" +
"    </ul>";


var template = _.template(resultTemplate, {

joepie91

var Promise = require('bluebird');
var rdb = Promise.promisify(require('rethinkdb'));

module.exports = function(config) {
    return {
        connectToDb: function(){
            return Promise.try(() => {
                return rdb.connect(config);
            });
        }

joepie91

const basename = require('basename');
const Promise = require('bluebird');

const globAsync = Promise.promisify(require('glob'));

const dir = 'a';

function galleryListPromise() {
  return Promise.try( () => {
    return globAsync("gallery/*/", {})