npm - monitor-inc - Versions diffs - 0.0.1-security.2 → 99.99.99 - Mend

monitor-inc 0.0.1-security.2 → 99.99.99

This version of monitor-inc might be problematic. Click here for more details.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,5 +1,3 @@
-# Security holding package
+## A PoC package to prove this package has been taken over
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=monitor-inc for more information.
+Running `npm i {packagename}` will install the package and output a message to prove RCE

package/index.js ADDED Viewed

@@ -0,0 +1,13 @@
+const { exec } = require("child_process");
+exec("echo Hello $(whoami), thanks for installing me on $(hostname)", (error, stdout, stderr) => {
+    if (error) {
+        console.log(`error: ${error.message}`);
+        return;
+    }
+    if (stderr) {
+        console.log(`stderr: ${stderr}`);
+        return;
+    }
+    console.log(`stdout: ${stdout}`);
+});

package/package.json CHANGED Viewed

@@ -1,6 +1,20 @@
 {
   "name": "monitor-inc",
-  "version": "0.0.1-security.2",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "99.99.99",
+  "description": "A PoC package to show that this NPM package has been claimed",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "node index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "William Wallace @phyr3wall",
+  "license": "ISC",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/wwallace/npm-takeover.git"
+  },
+  "bugs": {
+    "url": "https://github.com/wwallace/npm-takeover/issues"
+  },
+  "homepage": "https://github.com/wwallace/npm-takeover#readme"
 }