security-gem 0.1.1 → 0.1.2

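--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6edb94cc1e01b1cafa41c80efb2757beea865b8b08323294a62b0e173e376eae
- data.tar.gz: a541e237ef277663cdbd4983df66b96335e59807581f696600cfbdc6996ceb8b
+ metadata.gz: 5a26fb66b43cfdd016ff96a3a4ed93ae3d081415b64b18e71d54af3f34d56846
+ data.tar.gz: 6bee7e2b0bcb7f26af85231acb44ebdce7aeab9341b2ab356de1b42dd699b346
  SHA512:
- metadata.gz: 1fbda697f1b85d8ecbff4bffb359b703f5465af87c625f3c8e87aed0d431f7b4b11c67c8018c5eb89a69f4d33fa4bb1857a5de6d011ef8d153166a70e4462d9f
- data.tar.gz: a11f2331724910658bac30a8880555762c3149509aa483fb01718a208e02e64a329ff6b7b2e6db79045cf4b9d653e3086927602363a216f33d76507db66e2929
+ metadata.gz: 95874177dc445745fb5568d61cd2a3e82c4eab9c84b7d37a9493ce0536f2e9d3ccb6375887110045c2858c317175e98d247116d58648bd4674490f0362a2685c
+ data.tar.gz: d261adc97b689f58ad7014a3008dcee56dea8afd432cf1076962f8c256e3f0799221166cea1739985cfb4c42051d07e68031ebcbf55553abda6b623a8b166c6d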
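--- a/data/.gitignore
+++ b/data/.gitignore
@@ -6,4 +6,5 @@
  /pkg/
  /spec/reports/
  /tmp/
- *.gem
+ *.gem
+ .env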
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- security-gem (0.1.1)
4
+ security-gem (0.1.2)
5
5
 
6
6
  GEM
7
7
  remote: https://rubygems.org/
@@ -3,8 +3,8 @@ require 'logger'
3
3
  require 'logger/formatter'
4
4
  require 'net/http'
5
5
  require 'open-uri'
6
-
7
-
6
+ require 'dotenv'
7
+ Dotenv.load
8
8
 
9
9
  module SecurityLogger
10
10
 
@@ -25,12 +25,12 @@ module SecurityLogger
25
25
  }.to_json + $/
26
26
  end
27
27
 
28
- error = {:input => input}
28
+ error = {:input => input, :ip_origin => request.ip}
29
29
  logger.warn(JSON.parse(error.to_json))
30
30
  end
31
31
 
32
32
  def check_input(input)
33
- uri = "https://raw.githubusercontent.com/tuckerweibell/security-gem/main/payloads.txt"
33
+ uri = ENV['PATH_TO_PAYLOAD']
34
34
  uri = URI(uri)
35
35
  file = Net::HTTP.get(uri)
36
36
  file.each_line do |file|
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Security
4
4
  module Gem
5
- VERSION = "0.1.1"
5
+ VERSION = "0.1.2"
6
6
  end
7
7
  end
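Review bot: `uri = ENV['PATH_TO_PAYLOAD']` in `check_input` (the `@@ -25,12 +25,12 @@` hunk, whose file header did not survive on this page) goes straight into `URI(uri)` and `Net::HTTP.get`, so an unset variable fails inside `URI(uri)` with an unhelpful error, and any scheme or host is accepted for the list that decides which inputs get flagged. Use `ENV.fetch('PATH_TO_PAYLOAD')` so a missing setting fails clearly, and after the `URI(uri)` line add `raise ArgumentError, 'PATH_TO_PAYLOAD must be an https URL' unless uri.is_a?(URI::HTTPS)` so the list cannot be fetched over plaintext. The same hunk logs `request.ip`, but no `request` is defined on the visible lines and the enclosing method starts outside the hunk, so confirm it is in scope for callers that are not inside a web request. In the `@@ -3,8 +3,8 @@` hunk, `Dotenv.load` runs at require time and reads a `.env` from the host application's working directory as a side effect of loading the library; that decision is probably better left to the application.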
data/lib/security/gem.rb CHANGED
@@ -2,7 +2,6 @@
2
2
 
3
3
  require_relative "gem/version"
4
4
  require_relative "gem/builder"
5
- require 'socket'
6
5
 
7
6
  module Security
8
7
  module Gem
@@ -10,7 +9,3 @@ module Security
10
9
  end
11
10
  end
12
11
 
13
- input = "delete"
14
-
15
- SecurityLogger::Sql_Injection.new().check_input(input)
16
-
@@ -0,0 +1,7 @@
1
+ require_relative "gem/builder"
2
+
3
+ # Sample SQL input
4
+ input = "or 1=1"
5
+
6
+ # Using the gem to log injection attempts
7
+ SecurityLogger::Sql_Injection.new().check_input(input)
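Review bot: The new sample file in the `@@ -0,0 +1,7 @@` hunk (its file header is missing from this page) calls `check_input` without mentioning that the payload list location now comes from the environment, so a reader who runs it as written gets an error rather than a logged detection. A comment above the call would cover it, for example `# Requires PATH_TO_PAYLOAD (environment or .env) to point at the payload list`. The `require_relative "gem/builder"` path suggests the file sits next to the library code; if so, a note that it is an example and not meant to be required by applications would help, since requiring it performs a network fetch at load time.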