Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
sftp-cg-lib
Advanced tools
SFTP component for establish connections with a sftp server and make this actions: View list of files inside a directory, get one file in base64, write a new file, delete a file, rename a file, create directories, delete direcgories.
https://github.com/CloudGenUser/sftp-cg-lib
This code has the objective to stablish connection with a SFTP server and depending of the option it will perform diferent actions.
Available options (defined for the flags parameter) and their actions:
CREATEDIRECTORY - Create a directory in an specific path. DELETEDIRECTORY - Delete the directory and its content (also considering the subdirectories). DELETEFILE - Delete a file in an specific path in the SFTP server. DOWNLOADIRECTORY - Dowload the directory from the SFTP server to a local machine. GETFILE - Get the content of a file from the SFTP server, a specific encoding can be requested. GETLISTFILES - Get the list of files and directgories contained in a specific path in the SFTP server. RENAMEFILE - Rename a file inside a path in the SFTP server. SAVEFILE - Create a file inside the SFTP server, the content of the file is handeled as a string that can have an specific encondig, the enconding should be specified. UPLOADIRECTORY - Upload a directory for a local machine and save the content inside a specific path in the SFTP server.
Any other flag will be consider as an invalid value and will return a message error.
As components are used in the N3xGen Portal (NXGP) flows regardless that the library should be added on component code, when the flow is running, an exchange and some queues are created using the ID flow (assigned from NXGP).
The library can be installed from npm page with the next:
npm install sftp-cg-lib
, npm i sftp-cg-lib
or yarn install sftp-cg-lib
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will create a new directory inside the SFTP server. It is posible to create a complete structure of directory in one request. Once the request is sent, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"CREATEDIRECTORY",
"nameDirectory":"newDir/otherdir"
}
Resultant sample:
"\\newDir\\otherdir1 directory created"
In case the directory already exists, the next message will be shown:
"\\newDir\\otherdir already exists"
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will delete a directory with all the documents inside it. Once the request is sended, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"DELETEDIRECTORY",
"nameDirectory":"newDir"
}
Resultant sample:
"Successfully removed directory"
In case the directory does not exist this message will be shown:
{
"code": "ERR_BAD_PATH",
"custom": true
}
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will delete a specific file in the SFTP server. Once the request is sent, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"DELETEFILE",
"file":"file.txt"
}
Resultant sample:
"Successfully deleted \\file.txt"
In case the file does not exist this message will be shown:
{
"code": 2,
"custom": true
}
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will get a directory from the SFTP and will save all the content inside the local machine with the specified name. Once the request is sended, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"DOWNLOADIRECTORY",
"nameDirectory":"C://Users//Documents"
}
Resultant sample:
"/ downloaded to C://Users//Documents"
If the path of sftp servert that was specified does not existe this message will be shown:
{
"code": 5,
"custom": true
}
Arguments:
Required:
Optionals:
* Al least one of this two first optional parameters is required, and the user must configure one.
Description: This request will get the content of a file in a string. Once the request is sended, the answer will be a string in a JSon format with the result of the excecution.
Sample of a request without encoding (the default countent will be get in base64):
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"GETFILE",
"file":"test.txt"
}
Resultant sample:
{
"filename": "test.txt",
"content": "dGVzdCBvZiBhIHNmdHAgY29tcG9uZW50"
}
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"GETFILE",
"file":"test.txt",
"encoding": "utf8"
}
Resultant sample:
{
"filename": "test.txt",
"content": "test of a sftp component"
}
If a file that does not exist is tryed to be get this message will be shown:
{
"code": 3,
"custom": true
}
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will get a string in JSON format with all the files and directories inside the path specified. Once the request is sent, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"GeTLiSTFILES"
}
Resultant sample:
[
{
"type": "-",
"name": "vista.txt",
"size": 5,
"modifyTime": 1660166815000,
"accessTime": 1660166815000,
"rights": {
"user": "rw",
"group": "rw",
"other": "rw "
},
"owner": 0,
"group": 0,
"longname": "-rw-rw-rw 1 root root 5 Aug 10 16:26 vista.txt"
},
{
"type": "-",
"name": "Xp.txt",
"size": 8,
"modifyTime": 1660166684000,
"accessTime": 1660166674000,
"rights": {
"user": "rw",
"group": "rw",
"other": "rw "
},
"owner": 0,
"group": 0,
"longname": "-rw-rw-rw 1 root root 8 Aug 10 16:24 Xp.txt"
}
]
If a path that does not exist is specified this message will be shown:
{
"code": 5,
"custom": true
}
Args:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will rename a file inside the SFTP server. Once the request is sended, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"RENAMEFILE",
"file":"testOldName.txt",
"nameNewFile":"testNewName.txt"
}
Resultant sample:
"Successfully renamed \\testOldName.txt to \\testNewName.txt"
If the file that will be renamed does not exist this message will be shown:
{
"code": 2,
"custom": true
}
Arguments:
Required:
Optionals:
* Al least one of this two first optional parameters is required, and the user must configure one.
Description: This request will save a file into the SFTP server, the string with the content could be in severals formats, the parameter encoding should be specified in case of a content different to base64. Once the request is sent, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request no enconding specified so the content should be base64:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"SAVEFILE",
"content":"dGVzdCBvZiBhIHNmdHAgY29tcG9uZW50",
"file":"testNewFile.txt"
}
Resultant sample:
"Uploaded data stream to \\testNewFile.txt"
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"SAVEFILE",
"content":"Hello world.",
"file":"testNewFile.txt",
"enconding":"utf8"
}
Resultant sample:
"Uploaded data stream to \\testNewFile.txt"
If the file that will be created already existe, the current file will be renamed adding the date in the name and the new file will be create with the name in the request.
Arguments:
Required:
Optionals:
* Al least one of this two optional parameters is required, and the user must configure one.
Description: This request will send the content of a local directory to the SFTP server. Once the request is sent, the answer will be a string in a JSON format with the result of the excecution.
Sample of a request:
{
"host":"localhost",
"port":22,
"username":"admin",
"password":"admin",
"path":"/",
"flag":"UPLOADIRECTORY",
"localDirectory":"C://Users//Documents"
}
Resultant sample:
"C://Users////Documents// uploaded to /"
If the local path does not exist this message will be shown:
{
"code": "ERR_BAD_PATH",
"custom": true
}
FAQs
SFTP component for establish connections with a sftp server and make this actions: View list of files inside a directory, get one file in base64, write a new file, delete a file, rename a file, create directories, delete direcgories.
The npm package sftp-cg-lib receives a total of 6 weekly downloads. As such, sftp-cg-lib popularity was classified as not popular.
We found that sftp-cg-lib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.