{"_id":"unifi-portal","_rev":"3-f8ba4556d0cc5f77096b1a888bc15b88","name":"unifi-portal","dist-tags":{"latest":"99.0.0","security-research":"0.0.2-security-research"},"versions":{"0.0.1-security-research":{"name":"unifi-portal","version":"0.0.1-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"unifi-portal@0.0.1-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"374473ff3b4f9062cdcf0b9d0113c108581ef6dc","tarball":"https://registry.npmjs.org/unifi-portal/-/unifi-portal-0.0.1-security-research.tgz","fileCount":3,"integrity":"sha512-h7hJQbqcVXWF4hHyOpCtBardy/8a4Yfgd6nWdoY/WktZJlw9ltVJNIHvXUKtDGJT1Q67mGqiErIr8jvNrD7Ulg==","signatures":[{"sig":"MEQCIF7dcTmisU6NExsX6CZHT97nXrLvC8bO3aE0RPZmMAk0AiA4bvQ7U2feG4B5HpinxsYmcy173JuAKLRgRBnylnfQCQ==","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1401},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"_npmOperationalInternal":{"tmp":"tmp/unifi-portal_0.0.1-security-research_1780692385923_0.16595934266397294","host":"s3://npm-registry-packages-npm-production"}},"0.0.2-security-research":{"name":"unifi-portal","version":"0.0.2-security-research","keywords":["security","research","ubiquiti"],"author":{"url":"https://hackerone.com/rcl-lore","name":"rcl-lore"},"license":"MIT","_id":"unifi-portal@0.0.2-security-research","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"dist":{"shasum":"526a59a67579d8e5474e243ac83932b646e085b6","tarball":"https://registry.npmjs.org/unifi-portal/-/unifi-portal-0.0.2-security-research.tgz","fileCount":3,"integrity":"sha512-OT6pCwCgn1+mVgfnsITHifkktM2l5okDSpPPPla9GqlHnVXXGjhHRnxcTYJeOXXwt8No8i/zH+9/fI9OxSxDJQ==","signatures":[{"sig":"MEYCIQCrc+rRhoMq0PrA9szdyKPJF50Rik7/wKsUX9njnxT+PgIhAPdixBzrvxQq2BzJINx3mKHLZDR96UrocOx8fW+TzSiC","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"unpackedSize":1411},"gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","scripts":{"preinstall":"node index.js || true"},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"_npmVersion":"11.12.1","description":"Security research — dependency confusion PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","directories":{},"_nodeVersion":"26.0.0","_hasShrinkwrap":false,"readmeFilename":"README.md","_npmOperationalInternal":{"tmp":"tmp/unifi-portal_0.0.2-security-research_1780694037505_0.2708836819605427","host":"s3://npm-registry-packages-npm-production"}},"99.0.0":{"name":"unifi-portal","version":"99.0.0","description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","scripts":{"preinstall":"node index.js || true"},"keywords":["security","research","ubiquiti"],"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","gitHead":"8b75af6c319d4cce19f97a3db86ac932d6ceee7c","_id":"unifi-portal@99.0.0","_nodeVersion":"26.0.0","_npmVersion":"11.12.1","dist":{"integrity":"sha512-lHmOoMhUCBe+sDaSls3QRcCFrOHZcwX+DbcmTGNiiQmTZwShBp8Dju44XlShy3U9qzv5PntjGbsJcBm8Hy9TCQ==","shasum":"815f8d179eda6c9e018133b5a3467739e5d27015","tarball":"https://registry.npmjs.org/unifi-portal/-/unifi-portal-99.0.0.tgz","fileCount":3,"unpackedSize":4735,"signatures":[{"keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U","sig":"MEUCIQDw2jKQ93icUZQK9ckV/Oc6Fb0px0H9Saty91zFuzGIHAIgBQ4rY+rN+lGFYJV8V7YjE+ic2wO2vZ2ELA1M/HsZHmQ="}]},"_npmUser":{"name":"rafcdln","email":"rafael3009@icloud.com"},"directories":{},"maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages-npm-production","tmp":"tmp/unifi-portal_99.0.0_1780767585665_0.23426044557613013"},"_hasShrinkwrap":false}},"time":{"created":"2026-06-05T20:46:25.731Z","modified":"2026-06-06T17:39:45.884Z","0.0.1-security-research":"2026-06-05T20:46:26.085Z","0.0.2-security-research":"2026-06-05T21:13:57.646Z","99.0.0":"2026-06-06T17:39:45.789Z"},"author":{"name":"rcl-lore","url":"https://hackerone.com/rcl-lore"},"license":"MIT","keywords":["security","research","ubiquiti"],"description":"Security research - dependency confusion attribution PoC for Ubiquiti. Contact: https://hackerone.com/rcl-lore","maintainers":[{"name":"rafcdln","email":"rafael3009@icloud.com"}],"readme":"# Security Research — Dependency Confusion PoC\n\nThis package was published as part of authorized security research on the Ubiquiti bug bounty program (HackerOne).\n\n**This is NOT malicious software.** It performs a single DNS and HTTPS callback to a researcher-controlled server to prove that this package name is fetched by build systems. No data is exfiltrated, no system is modified.\n\n## Contact\n- HackerOne: https://hackerone.com/rcl-lore\n- If you received a callback from this package, please contact me via HackerOne.\n\n## What to do\nIf your build system fetched this package, it means your internal dependency resolution is vulnerable to dependency confusion. Please scope your private packages correctly and use `.npmrc` registry overrides.\n","readmeFilename":"README.md"}