Skip to content

Instantly share code, notes, and snippets.

@leggomuhgreggo
Last active February 29, 2020 18:34
Show Gist options
  • Save leggomuhgreggo/22940516c45b821e42d34bc0277fe169 to your computer and use it in GitHub Desktop.
Save leggomuhgreggo/22940516c45b821e42d34bc0277fe169 to your computer and use it in GitHub Desktop.
Command to grep spoofed package names from hacktask npm user
find . -name "package.json" -exec grep -nwE 'babelcli|crossenv|cross-env.js|d3.js|fabric-js|ffmepg|gruntcli|http-proxy.js|jquery.js|mariadb|mongose|mssql.js|nodecaffe|nodefabric|node-fabric|nodeffmpeg|nodemailer-js|nodemailer.js|nodemssql|node-opencv|node-opensl|node-openssl|noderequest|nodesass|nodesqlite|node-sqlite|node-tkinter|opencv.js|openssl.js|proxy.js|shadowsock|smb|sqlite.js|sqliter|sqlserver|tkinter' {} +
@basemath
Copy link

basemath commented Aug 3, 2017

For Windows users (regular cmd, non-powershell)

npm ls | find "babelcli crossenv cross-env.js d3.js fabric-js ffmepg gruntcli http-proxy.js jquery.js mariadb mongose mssql.js mssql-node mysqljs nodecaffe nodefabric node-fabric nodeffmpeg nodemailer-js nodemailer.js nodemssql node-opencv node-opensl node-openssl noderequest nodesass nodesqlite node-sqlite node-tkinter opencv.js openssl.js proxy.js shadowsock smb sqlite.js sqliter sqlserver tkinter"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment