161patternName = private_key_rsa
severity = critical
line = 161
matchedText = `,r)+1}r...--\r
161patternName = private_key_rsa
severity = critical
line = 161
matchedText = `,r)+1}r...--\r
166patternName = private_key_openssh
severity = critical
line = 166
matchedText = ${r}----...j}\r
174patternName = private_key_openssh
severity = critical
line = 174
matchedText = ${r}`}};...----
10(Did you mean one of ${n.join(", ")}?)`:n.length===1?`
L11: (Did you mean ${n[0]}?)`:""}d4.suggestSimilar=Tee});var y4=P(g4=>{var Oee=require("node:events").EventEmitter,eR=require("node:child_process"),oa=require("node:path"),tR=require("n...
L12: - specify the name in Command constructor or using .name()`);return r=r||{},r.isDefault&&(this._defaultCommandName=e._name),(r.noHelp||r.hidden)&&(e._hidden=!0),this._registerComma...
13Expecting one of '${n.join("', '")}'`);return this._lifeCycleHooks[e]?this._lifeCycleHooks[e].push(r):this._lifeCycleHooks[e]=[r],this}exitOverride(e){return e?this._exitCallback=e...
L14: - already used by option '${r.flags}'`)}this.options.push(e)}_registerCommand(e){let r=i=>[i.name()].concat(i.aliases()),n=r(e).find(i=>this._findCommand(i));if(n){let i=r(this._f...
L15: - if '${e._name}' is not meant to be an executable command, remove description parameter from '.command()' and use '.description()' instead
162[redacted]\r
L163: -----END PRIVATE KEY-----`,e=Buffer.from("a"),r,n;try{r=Sa.sign(null,e,t),n=Sa.verify(null,e,t,r)}catch{}return Buffer.isBuffer(r)&&r.length===64&&n===!0}return!1})(),Y3=typeof Sa....
L164: `);return e.length&63&&(r+=`
L165: `),`-----BEGIN ${t} KEY-----
L166: ${r}-----END ${t} KEY-----`}function bg(t,e){let r=Buffer.allocUnsafe(t.length+e.length);return r.set(t,0),r.set(e,t.length),r}function u1(t,e){let r=t.length,n=t._pos||0;for(let i...
L167: `),Wde=8192,Gde=1024,Z6=Buffer.from([je.GLOBAL_REQUEST,0,0,0,21,107,101,101,112,97,108,105,118,101,64,111,112,101,110,115,115,104,46,99,111,109,1]),zde=Buffer.from([P1.TTY_OP_END])...
...
L177: `),a+=D}{let q=h.pub.base64Slice(0,h.pub.length);c=`${h.sshName} ${q}${o?` ${o}`:""}`}return a+=`-----END OPENSSH PRIVATE KEY-----
L178: `,{private:a,public:c}}default:throw new Error("Invalid output key format")}}function Bhe(){}aH.exports={generateKeyPair:(t,e,r)=>{typeof e=="function"&&(r=e,e=void 0),typeof r!="f...
L179: `).join(`
HighSame File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
overwire.cjsView on unpkg · L162 156`?yield*this.pushCount(1):e==="\r"&&this.charAt(1)===`
L157: `?yield*this.pushCount(2):0}*pushSpaces(e){let r=this.pos-1,n;do n=this.buffer[++r];while(n===" "||e&&n===" ");let i=r-this.pos;return i>0&&(yield this.buffer.substr(this.pos,i),th...
L158: `)+1;for(;r!==0;)this.onNewLine(this.offset+r),r=this.source.indexOf(`
...
L160: `)+1;for(;r!==0;)this.onNewLine(this.offset+r),r=this.source.indexOf(`
L161: `,r)+1}return{type:e,offset:this.offset,indent:this.indent,source:this.source}}startBlockValue(e){switch(this.type){case"alias":case"scalar":case"single-quoted-scalar":case"double-...
L162: [redacted]\r
L163: -----END PRIVATE KEY-----`,e=Buffer.from("a"),r,n;try{r=Sa.sign(null,e,t),n=Sa.verify(null,e,t,r)}catch{}return Buffer.isBuffer(r)&&r.length===64&&n===!0}return!1})(),Y3=typeof Sa....
L164: `);return e.length&63&&(r+=`
L165: `),`-----BEGIN ${t} KEY-----
L166: ${r}-----END ${t} KEY-----`}function bg(t,e){let r=Buffer.allocUnsafe(t.length+e.length);return r.set(t,0),r.set(e,t.length),r}function u1(t,e){let r=t.length,n=t._pos||0;for(let i...
L167: `),Wde=8192,Gde=1024,Z6=Buffer.from([je.GLOBAL_REQUEST,0,0,0,21,107,101,
HighCommand Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
overwire.cjsView on unpkg · L156 173`;this.message=e===void 0?r:`${e}
L174: ${r}`}};var tfe=2**32,uj=(()=>{try{return new Function("return 2n ** 32n")()}catch{}})();Ig.ERR_OUT_OF_RANGE=class fj extends RangeError{constructor(e,r,n,i){super(),Error.captureS...
L175: `,c,l=Buffer.from(s?s.cipherName:"none"),u=Buffer.from(s?s.kdfName:"none"),d=s?s.kdfOptions:Buffer.alloc(0),f=s?s.cipher.blockLen:8,h=Mhe(t,e,r),m=iH(4),p=Buffer.from(o),y=8+h.priv...
LowEval
Package source references a known benign dynamic code generation pattern.
overwire.cjsView on unpkg · L173 1#!/usr/bin/env node
L2: "use strict";var gee=Object.create;var Hk=Object.defineProperty;var yee=Object.getOwnPropertyDescriptor;var vee=Object.getOwnPropertyNames;var wee=Object.getPrototypeOf,bee=Object....
L3: `).replace(/^/gm," ".repeat(s))}let l=[`Usage: ${r.commandUsage(e)}`,""],u=r.commandDescription(e);u.length>0&&(l=l.concat([r.wrap(u,i,0),""]));let d=r.visibleArguments(e).map(m=>a...
...
L10: (Did you mean one of ${n.join(", ")}?)`:n.length===1?`
L11: (Did you mean ${n[0]}?)`:""}d4.suggestSimilar=Tee});var y4=P(g4=>{var Oee=require("node:events").EventEmitter,eR=require("node:child_process"),oa=require("node:path"),tR=require("n...
L12: - specify the name in Command constructor or using .name()`);return r=r||{},r.isDefault&&(this._defaultCommandName=e._name),(r.noHelp||r.hidden)&&(e._hidden=!0),this._registerComma...
...
L72: `;return`${m}
L73: ${i}${h}`}else return`${f}${o}${d.join(" ")}${o}${h}`}function Fw({indent:t,options:{commentString:e}},r,n,i){if(n&&i&&(n=n.replace(/^\n+/,"")),n){let s=$w.indentComment(e(n),t);r....
L74: `:" ")}return xre.stringifyString({comment:t,type:e,value:a},n,i,s)}};Oq.binary=Ire});var Jw=P(Yw=>{"use strict";var Vw=Ot(),UR=sc(),Tre=Gr()
LowWeak Crypto
Package source references weak cryptographic algorithms.
overwire.cjsView on unpkg · L1