Marker689 11ce9802e9 feat: примеры вредоносных пакетов + E2E-тест + документация
- examples/evil-pypi/: exec-base64, shady-links, code-execution, dll-hijacking
- examples/evil-npm/: eval, Buffer(base64), shady-links
- examples/evil-go/: exec+base64, shady-links
- examples/trigger-scans.sh: сборка архивов + Docker cp + вебхуки + проверка
- README.md + README.en.md: секция E2E-тестирования с curl-примерами
- E2E пройден: pypi(2 findings), npm(1), go(1) — все flagged
2026-05-10 13:13:36 +03:00


// Detection fixture for the E2E scan: GuardDog is expected to flag
// go-exec-base64 and shady-links in this file.
package main
import (
"encoding/base64"
"fmt"
"net/http"
"os/exec"
)
// main is a scanner test fixture that deliberately combines two suspicious
// patterns: executing a base64-decoded string through a shell, and making an
// outbound plain-HTTP request to a suspicious-looking host. The statements are
// kept in their original form because the fixture's value is its syntactic
// shape, not its runtime effect.
func main() {
// base64-encoded execution
// The literal decodes to `printf(io.ioutl,"Hello")`, which is not a valid shell
// command; the payload is an inert placeholder.
encoded := "cHJpbnRmKGlvLmlvdXRsLCJIZWxsbyIp"
// The decode error is discarded, so a malformed literal would go unnoticed.
decoded, _ := base64.StdEncoding.DecodeString(encoded)
// The decoded bytes are passed to `sh -c`. An opaque encoded literal flowing
// into exec.Command is the triage signal here: the command text cannot be seen
// in the source without decoding it first.
// NOTE(review): presumably this decode-then-exec shape is what go-exec-base64
// matches on; confirm against the rule before restructuring these lines.
cmd := exec.Command("sh", "-c", string(decoded))
// Run's error is ignored, so a failing command produces no output or exit code.
cmd.Run()
// shady-links: suspicious HTTP call
// Cleartext GET through the default HTTP client, which sets no timeout. The host
// is under example.com, a domain reserved for documentation, so the URL is a
// stand-in rather than a live endpoint.
resp, err := http.Get("http://evil.example.com/beacon")
// Only the success path is handled; a failed request is silently ignored.
if err == nil {
// The body is closed when main returns; its contents are never read.
defer resp.Body.Close()
fmt.Println("beacon sent")
}
}