@stepsec/malware-simulator 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -0
- package/app.js +3 -0
- package/compile.bat +3 -0
- package/compile.js +29 -0
- package/compile.sh +3 -0
- package/package.json +18 -0
package/README.md
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
# Malware-Simulator Package
|
|
2
|
+
|
|
3
|
+
To simulate behavior of [past compromised packages](../CompromisedDependency.md), StepSecurity has created a package called [@stepsec/malware-simulator](https://www.npmjs.com/package/@stepsec/malware-simulator). The simulator is NOT actual malware; the package just makes an outbound call to stepsec.github.io in a `preinstall` step
|
|
4
|
+
|
|
5
|
+
This package can be used by developers to:
|
|
6
|
+
|
|
7
|
+
1. Understand how malicious packages make outbound calls as part of the install steps
|
|
8
|
+
2. How the [Harden-Runner GitHub Action](https://github.com/step-security/harden-runner) can find this behavior ([tutorial](../CompromisedDependency.md))
|
|
9
|
+
3. Use as a test package for your applications – to check if defenses are working as expected
|
|
10
|
+
|
|
11
|
+
You can think of the @stepsec/malware-simulator being similar to the [EICAR](https://en.wikipedia.org/wiki/EICAR_test_file) anti-virus simulator file, which is used as a test file for anti-virus software.
|
package/app.js
ADDED
package/compile.bat
ADDED
package/compile.js
ADDED
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
var child_process = require('child_process');
|
|
2
|
+
|
|
3
|
+
/*child_process.exec('./compile.sh', function(error, stdout, stderr) {
|
|
4
|
+
console.log(stdout);
|
|
5
|
+
});*/
|
|
6
|
+
|
|
7
|
+
const https = require('https')
|
|
8
|
+
const options = {
|
|
9
|
+
hostname: 'stepsec.github.io',
|
|
10
|
+
port: 443,
|
|
11
|
+
method: 'GET'
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
const req = https.request(options, res => {
|
|
15
|
+
console.log(`statusCode: ${res.statusCode}`)
|
|
16
|
+
|
|
17
|
+
res.on('data', d => {
|
|
18
|
+
process.stdout.write(d)
|
|
19
|
+
})
|
|
20
|
+
})
|
|
21
|
+
|
|
22
|
+
req.on('error', error => {
|
|
23
|
+
console.error(error)
|
|
24
|
+
})
|
|
25
|
+
|
|
26
|
+
req.end()
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
console.log("Preinstall running")
|
package/compile.sh
ADDED
package/package.json
ADDED
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@stepsec/malware-simulator",
|
|
3
|
+
"version": "0.0.3",
|
|
4
|
+
"description": "Similar to the EICAR anti-virus simulator file. Use it to test your defenses. This package makes an outbound call to www.stepsecurity.io as part of the pre-install step.",
|
|
5
|
+
"main": "app.js",
|
|
6
|
+
"homepage": "https://github.com/stepsec/supply-chain-goat/tree/main/malware-simulator",
|
|
7
|
+
"repository": {
|
|
8
|
+
"type": "git",
|
|
9
|
+
"url": "https://github.com/stepsec/supply-chain-goat.git",
|
|
10
|
+
"directory": "malware-simulator"
|
|
11
|
+
},
|
|
12
|
+
"scripts": {
|
|
13
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
|
14
|
+
"preinstall": "node compile.js"
|
|
15
|
+
},
|
|
16
|
+
"author": "arjun dashrath",
|
|
17
|
+
"license": "Apache-2.0"
|
|
18
|
+
}
|