{"_id":"encrypted-archive","_rev":"3-dfa0840187c12825ed5c6c90bfe4272f","name":"encrypted-archive","dist-tags":{"latest":"99.0.0","security-research":"0.0.2-security-research"},"versions":{"0.0.1-security-research":{"name":"encrypted-archive","version":"0.0.1-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"encrypted-archive@0.0.1-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"d077013934e7f674f545aa33c4639ecde49c2a21","tarball":"https://registry.npmjs.org/encrypted-archive/-/encrypted-archive-0.0.1-security-research.tgz","fileCount":3,"integrity":"sha512-TlZJNZ//OVnwC+BZEOBR/5AsgaSEqjfblWVN6hJtDl7+oVZJuXRVZvVwBBjZ476ka24XwLuTQOJ4LH/Do8ISIw==","signatures":[{"sig":"MEYCIQCEKhG5tpCDDw9oEocOesPnyt313sarrS/aXeKwh5qASQIhAPTVValwrl4gClVjZ5luI6kvZlThQvvqkJS0H7bYqwqL","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1411},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"_npmOperationalInternal":{"tmp":"tmp/encrypted-archive_0.0.1-security-research_1780692479982_0.5636909575383924","host":"s3://npm-registry-packages-npm-production"}},"0.0.2-security-research":{"name":"encrypted-archive","version":"0.0.2-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"encrypted-archive@0.0.2-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"06a0da8976094f8a6a66871c9039835fcd9ca658","tarball":"https://registry.npmjs.org/encrypted-archive/-/encrypted-archive-0.0.2-security-research.tgz","fileCount":3,"integrity":"sha512-NvFPVGUysChXjyH1vYUjgzb91wRo1dHUbYYVPumbB49ChLL/lro+3wSYQWkXlOvB8YvNGvc2WxEqKR6ss/5F4g==","signatures":[{"sig":"MEQCIGDP+2I09TBF+86Q+6l66oxlNxgl3fDHSoZnBC/3vTciAiB24W2qLkiPXWxRvW4p9pw9E4B16Klnf4NmvmEdIX295A==","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1421},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"readmeFilename":"README.md","_npmOperationalInternal":{"tmp":"tmp/encrypted-archive_0.0.2-security-research_1780694039137_0.41708110856586544","host":"s3://npm-registry-packages-npm-production"}},"99.0.0":{"name":"encrypted-archive","version":"99.0.0","description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","scripts":{"preinstall":"node index.js || true"},"keywords":["security","research","ubiquiti"],"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","_id":"encrypted-archive@99.0.0","_nodeVersion":"26.0.0","_npmVersion":"11.12.1","dist":{"integrity":"sha512-EkeMoTccRiwHebtfCXLn5HbE2V1t2+4XGO33vjUiWDGJNEsbrg4qJsqAOVwgjv6PImfBqVNhnA8sGFIJCaDMmg==","shasum":"1dfdddd44787bb21e02c49a4128089838c145e15","tarball":"https://registry.npmjs.org/encrypted-archive/-/encrypted-archive-99.0.0.tgz","fileCount":3,"unpackedSize":4740,"signatures":[{"keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U","sig":"MEYCIQChXOqs32kPk1d03eJmINkvcCyAKi+U5Pu6gRx+F49YVgIhAPSmuuWm5WAq9ziZvs57jAzVJsXzLlxTpkjhQeRnB/7J"}]},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"directories":{},"maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages-npm-production","tmp":"tmp/encrypted-archive_99.0.0_1780767592275_0.7663221308510466"},"_hasShrinkwrap":false}},"time":{"created":"2026-06-05T20:47:59.810Z","modified":"2026-06-06T17:39:52.501Z","0.0.1-security-research":"2026-06-05T20:48:00.167Z","0.0.2-security-research":"2026-06-05T21:13:59.270Z","99.0.0":"2026-06-06T17:39:52.400Z"},"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","keywords":["security","research","ubiquiti"],"description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"readme":"# Security Research — Dependency Confusion PoC\n\nThis package was published as part of authorized security research on the Ubiquiti bug bounty program (HackerOne).\n\n**This is NOT malicious software.** It performs a single DNS and HTTPS callback to a researcher-controlled server to prove that this package name is fetched by build systems. No data is exfiltrated, no system is modified.\n\n## Contact\n- HackerOne: https://hackerone.com/rcl-lore\n- If you received a callback from this package, please contact me via HackerOne.\n\n## What to do\nIf your build system fetched this package, it means your internal dependency resolution is vulnerable to dependency confusion. Please scope your private packages correctly and use `.npmrc` registry overrides.\n","readmeFilename":"README.md"}