swack 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/bin/swack +64 -0
- metadata +46 -0
data/bin/swack
ADDED
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
#!/usr/bin/env ruby
|
|
2
|
+
# swack - the security swiss army knife | @jimio
|
|
3
|
+
# much of this code lifted from docs and examples
|
|
4
|
+
|
|
5
|
+
require 'base64'
|
|
6
|
+
require 'digest'
|
|
7
|
+
require 'net/http'
|
|
8
|
+
require 'net/https'
|
|
9
|
+
|
|
10
|
+
# a few usually-useful strings for security folks
|
|
11
|
+
useful_stuff = "
|
|
12
|
+
<script>alert(document.domain);</script>
|
|
13
|
+
<img src='x' onerror='alert(document.domain);'>
|
|
14
|
+
javascript:alert(document.domain)
|
|
15
|
+
|
|
16
|
+
#{Time.now.utc}
|
|
17
|
+
#{Time.now}
|
|
18
|
+
\n"
|
|
19
|
+
|
|
20
|
+
if ARGV.length == 0
|
|
21
|
+
puts useful_stuff
|
|
22
|
+
abort
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
target = ARGV[0]
|
|
26
|
+
|
|
27
|
+
# dump a whole bunch of helpful encoding-type stuff
|
|
28
|
+
puts "Base64 encode: #{Base64.encode64 target}"
|
|
29
|
+
puts "Base64 decode: #{Base64.decode64 target}"
|
|
30
|
+
puts "MD5: #{Digest::MD5.hexdigest target}"
|
|
31
|
+
puts "SHA1: #{Digest::SHA1.hexdigest target}"
|
|
32
|
+
puts "SHA2: #{Digest::SHA2.hexdigest target}"
|
|
33
|
+
|
|
34
|
+
# if it's a URL, party on
|
|
35
|
+
def fetch(url)
|
|
36
|
+
uri = URI.parse(url)
|
|
37
|
+
if !uri.is_a?(URI::HTTP)
|
|
38
|
+
return
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
|
42
|
+
http.use_ssl = (http.port == 443)
|
|
43
|
+
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
|
44
|
+
header =
|
|
45
|
+
{'User-Agent' => "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)"}
|
|
46
|
+
|
|
47
|
+
request = Net::HTTP::Get.new(uri.request_uri, header)
|
|
48
|
+
res = http.request(request)
|
|
49
|
+
|
|
50
|
+
case res
|
|
51
|
+
when Net::HTTPSuccess then
|
|
52
|
+
puts "#{res.code}: #{url}"
|
|
53
|
+
when Net::HTTPRedirection then
|
|
54
|
+
redirect = res['location']
|
|
55
|
+
puts "#{res.code}: #{url}"
|
|
56
|
+
fetch redirect
|
|
57
|
+
else
|
|
58
|
+
puts "#{res.code}: #{url}"
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
fetch target
|
|
63
|
+
|
|
64
|
+
exit
|
metadata
ADDED
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: swack
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
prerelease:
|
|
6
|
+
platform: ruby
|
|
7
|
+
authors:
|
|
8
|
+
- jim oleary
|
|
9
|
+
autorequire:
|
|
10
|
+
bindir: bin
|
|
11
|
+
cert_chain: []
|
|
12
|
+
date: 2011-09-09 00:00:00.000000000 Z
|
|
13
|
+
dependencies: []
|
|
14
|
+
description: swack - the security swiss army knife
|
|
15
|
+
email: github@jimio.com
|
|
16
|
+
executables:
|
|
17
|
+
- swack
|
|
18
|
+
extensions: []
|
|
19
|
+
extra_rdoc_files: []
|
|
20
|
+
files:
|
|
21
|
+
- bin/swack
|
|
22
|
+
homepage: http://jimio.com
|
|
23
|
+
licenses: []
|
|
24
|
+
post_install_message:
|
|
25
|
+
rdoc_options: []
|
|
26
|
+
require_paths:
|
|
27
|
+
- lib
|
|
28
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
29
|
+
none: false
|
|
30
|
+
requirements:
|
|
31
|
+
- - ! '>='
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: '0'
|
|
34
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
35
|
+
none: false
|
|
36
|
+
requirements:
|
|
37
|
+
- - ! '>='
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: '0'
|
|
40
|
+
requirements: []
|
|
41
|
+
rubyforge_project:
|
|
42
|
+
rubygems_version: 1.8.24
|
|
43
|
+
signing_key:
|
|
44
|
+
specification_version: 3
|
|
45
|
+
summary: swack
|
|
46
|
+
test_files: []
|