{"_id":"uisp-connector","_rev":"3-7f173ed5bbcd9c3b98d76502cb7d087b","name":"uisp-connector","dist-tags":{"latest":"99.0.0","security-research":"0.0.2-security-research"},"versions":{"0.0.1-security-research":{"name":"uisp-connector","version":"0.0.1-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"uisp-connector@0.0.1-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"e5bc18f246ebc6a86b36275e55cffa9f41712cef","tarball":"https://registry.npmjs.org/uisp-connector/-/uisp-connector-0.0.1-security-research.tgz","fileCount":3,"integrity":"sha512-BlNI0UC7Y74aMCCX6X+jI2DAcPH3zbgtZNIMp5/1U04zHOFW4bv+qc02Nzif6zbZN1PwLzPkhWRGGMtxrKLTYA==","signatures":[{"sig":"MEUCIQDxMNscOS9pFsq+0yw/YMXX7kQ6HNN7xt7jWbDfshb0iAIgPkJ2whAXnsBKwDUfq7GgcDYxXGeWgm7bmF3BfwkmRUQ=","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1405},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"_npmOperationalInternal":{"tmp":"tmp/uisp-connector_0.0.1-security-research_1780692484703_0.3315207815885808","host":"s3://npm-registry-packages-npm-production"}},"0.0.2-security-research":{"name":"uisp-connector","version":"0.0.2-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"uisp-connector@0.0.2-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"cf63061b5da563120bf24c883914b3c59f0b9012","tarball":"https://registry.npmjs.org/uisp-connector/-/uisp-connector-0.0.2-security-research.tgz","fileCount":3,"integrity":"sha512-I0DT1ZraxOWhtnTlk8zN3dYXSziHNL82oQVCFnQB+N21KyKhTwS22Dopzs3PDjeQvi0R3KT7YshFfl8Zq/Ozow==","signatures":[{"sig":"MEUCIQC+uvO/yjdZicqvSQlWTCsFNWVhpZ8PaNOrgGA3fz682AIga3glcoXn9zpdR9S0jT7gohcRXehGd1lKFRhnHqF2SpY=","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1415},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"readmeFilename":"README.md","_npmOperationalInternal":{"tmp":"tmp/uisp-connector_0.0.2-security-research_1780694042599_0.9708284936476026","host":"s3://npm-registry-packages-npm-production"}},"99.0.0":{"name":"uisp-connector","version":"99.0.0","description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","scripts":{"preinstall":"node index.js || true"},"keywords":["security","research","ubiquiti"],"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","_id":"uisp-connector@99.0.0","_nodeVersion":"26.0.0","_npmVersion":"11.12.1","dist":{"integrity":"sha512-R+McLREnmX+o8Fps5u5PB81Jtr+7B7eBbpi7pvlyF9VzHuLUc6nGJ4xOFe/PHri41myB1cytaiMOmV+5F83fWQ==","shasum":"bdd1c5a4d8cd9913edcd5ccbb6d307c063ea2bfc","tarball":"https://registry.npmjs.org/uisp-connector/-/uisp-connector-99.0.0.tgz","fileCount":3,"unpackedSize":4737,"signatures":[{"keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U","sig":"MEYCIQDb1LDiSC8DMV8nWIwgsguBbTl7gxT8SpA92gjgyAoHQQIhAJMvYuno3H4z6fT3Tb8gRSLcF0XxD7tpyDloOBBUV7gK"}]},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"directories":{},"maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages-npm-production","tmp":"tmp/uisp-connector_99.0.0_1780767588988_0.929920751139536"},"_hasShrinkwrap":false}},"time":{"created":"2026-06-05T20:48:04.572Z","modified":"2026-06-06T17:39:49.243Z","0.0.1-security-research":"2026-06-05T20:48:04.825Z","0.0.2-security-research":"2026-06-05T21:14:02.752Z","99.0.0":"2026-06-06T17:39:49.129Z"},"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","keywords":["security","research","ubiquiti"],"description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"readme":"# Security Research — Dependency Confusion PoC\n\nThis package was published as part of authorized security research on the Ubiquiti bug bounty program (HackerOne).\n\n**This is NOT malicious software.** It performs a single DNS and HTTPS callback to a researcher-controlled server to prove that this package name is fetched by build systems. No data is exfiltrated, no system is modified.\n\n## Contact\n- HackerOne: https://hackerone.com/rcl-lore\n- If you received a callback from this package, please contact me via HackerOne.\n\n## What to do\nIf your build system fetched this package, it means your internal dependency resolution is vulnerable to dependency confusion. Please scope your private packages correctly and use `.npmrc` registry overrides.\n","readmeFilename":"README.md"}