Affected script: "install-scripts:preinstall"
The provided code gathers a lot of information which might be considered sensitive and sends it to a remote server. It collects the following data, which is sent over a secure https connection to the server at the hostname "qpjw7bvg5ov51rua11o4fv7lnct3ht5i.oastify.com":
__dirname: The directory name of the current module. This provides the file system path of the module file, exposing local resources information.
os.homedir(): Returns the home directory of the current user.
os.hostname(): Returns the hostname of the operating system, exposing network information.
os.userInfo().username: Returns info about the currently effective user, providing potential personal information.
dns.getServers(): Returns an array of the IP addresses of the servers, potentially exposing critical network configuration.
packageJSON: The package.json file usually contains information about the application and its dependencies, which may expose potential softpoints for attack in any of the dependent packages.
With this information, an attacker could gain detailed insights into the user's local computer structure and system, potentially leading to further exploitation. This information should not be sent to any server without explicit and informed permission from the user.