Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /opt/alt/alt-nodejs19/root/lib/node_modules/npm/lib/utils/
Upload Files
File: //opt/alt/alt-nodejs19/root/lib/node_modules/npm/lib/utils/replace-info.js
const { cleanUrl } = require('npm-registry-fetch')
const isString = (v) => typeof v === 'string'

// split on \s|= similar to how nopt parses options
const splitAndReplace = (str) => {
  // stateful regex, don't move out of this scope
  const splitChars = /[\s=]/g

  let match = null
  let result = ''
  let index = 0
  while (match = splitChars.exec(str)) {
    result += cleanUrl(str.slice(index, match.index)) + match[0]
    index = splitChars.lastIndex
  }

  return result + cleanUrl(str.slice(index))
}

// replaces auth info in an array of arguments or in a strings
function replaceInfo (arg) {
  if (isString(arg)) {
    return splitAndReplace(arg)
  } else if (Array.isArray(arg)) {
    return arg.map((a) => isString(a) ? splitAndReplace(a) : a)
  }

  return arg
}

module.exports = replaceInfo
@ Telegram