multiply-by-two
Multiply By Two
Warning, this module has malicious behaviour. Read first.
This is a demonstration module used in my blog post on malicious node modules. If you import this module, it will return a function which multiplies a number by two. Additionally, it will attempt to hijack express in a manner that adds a malicious payload to every request which intercepts stripe's client side library. See the blog post for more details.
This code is explicitly designed to not be very copy-and-paste portable, and will likely fail when imported into a project that doesn't behave exactly the same as the companion repository for this project.
Although the payload is harmless and will only trigger an alert statement, please do not install this module unless you have evaluated it first and understand its behaviour. This exists on npm solely for research purposes as part of the companion repository, not for malicious usage.
Use this within your firewall
Combine open-source packages with your private code and publish to a private registry behind the firewall. npm ♥ enterprise developers
-
chrisfosterelli published 2017-03-15T19:18:36.053Z
- 1.0.2 is the latest of 3 releases
- github.com/chrisfosterelli/multiply-by-two
-
MIT
®
Collaborators list
Stats
- 0 downloads in the last day
- 0 downloads in the last week
- 4 downloads in the last month
- Have an issue? File it.
Try it out
Keywords
None
Dependencies
None