Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Browser-compatible API for interacting with JIIT (Jaypee Institute of Information Technology) WebPortal. Bypasses CAPTCHA :)
Because manually checking attendance is so 2010. Let's automate that anxiety!
A JavaScript wrapper that lets you programmatically interact with JIIT's web portal. Think of it as your personal assistant who actually enjoys dealing with the portal (weird, right?).
First, import our little miracle worker:
import { WebPortal } from './src/wrapper.js';
Then, let the magic begin:
// Create your portal buddy
const portal = new WebPortal();
// Login (fingers crossed!)
await portal.student_login('your_username', 'your_password');
// Check grades (maybe don't)
const gradeCardSems = await portal.get_semesters_for_grade_card();
const latestSem = gradeCardSems[0];
const grades = await portal.get_grade_card(latestSem);
// Check SGPA & CGPA
const sgpaCgpa = await w.get_sgpa_cgpa();
// Download marks for a semester
const marksSems = await w.get_semesters_for_marks();
const previousSem = marksSems[1];
const marks = await w.download_marks(previousSem);
// Get registered subjects & faculties for a semester
const registerdSems = await w.get_registered_semesters();
const latestSem = registerdSems[0];
const registeredSubjects = await w.get_registered_subjects_and_faculties(latestSem);
// Get Exam Schedule & Venue
const examSems = await w.get_semesters_for_exam_events();
const latestSem = examSems[0];
const examEvents = await w.get_exam_events(latestSem);
const examSchedule = await w.get_exam_schedule(examEvents[0]);
// Get Personal info like name, address ...
const personalInfo = await w.get_personal_info();
// Get attendance (prepare for disappointment)
const meta = await portal.get_attendance_meta();
const sem = meta.latestSemester();
const header = meta.latestHeader();
const attendance = await portal.get_attendance(header, sem);
// Get attendace for every class of a subject
const subjectIndex = 1;
let subjectid = attendance["studentattendancelist"][subjectIndex]["subjectid"];
let individualsubjectcode = attendance["studentattendancelist"][subjectIndex]["individualsubjectcode"];
const possibleComponentCodes = ["Lsubjectcomponentid", "Psubjectcomponentid", "Tsubjectcomponentid"]
let subjectcomponentids = [];
for (let possibleComponentCode of possibleComponentCodes) {
if (attendance["studentattendancelist"][subjectIndex][possibleComponentCode]) {
subjectcomponentids.push(attendance["studentattendancelist"][subjectIndex][possibleComponentCode]);
}
}
let subjectAttendance = await w.get_subject_daily_attendance(sem, subjectid, individualsubjectcode, subjectcomponentids);
FAQs
Browser-compatible API for interacting with JIIT (Jaypee Institute of Information Technology) WebPortal. Bypasses CAPTCHA :)
The npm package jsjiit receives a total of 12 weekly downloads. As such, jsjiit popularity was classified as not popular.
We found that jsjiit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.