A newly found assault vector in GitHub Actions artifacts dubbed ArtiPACKED might be exploited to take over repositories and acquire entry to organizations’ cloud environments.
“A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to the repository to consume,” Palo Alto Networks Unit 42 researcher Yaron Avital mentioned in a report printed this week.
“This allows malicious actors with access to these artifacts the potential of compromising the services to which these secrets grant access.”
The cybersecurity firm mentioned it primarily noticed the leakage of GitHub tokens (e.g., GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN), which couldn’t solely give malicious actors unauthorized entry to the repositories, but in addition grant them the flexibility to poison the supply code and get it pushed to manufacturing by way of CI/CD workflows.
Artifacts in GitHub enable customers to share knowledge between jobs in a workflow and persist that info after it has been accomplished for 90 days. This will embrace builds, log recordsdata, core dumps, check outputs, and deployment packages.
The safety drawback right here is that these artifacts are publicly accessible for anybody within the case of open-source tasks, making them a helpful useful resource for extracting secrets and techniques like GitHub entry tokens.
Significantly, the artifacts have been discovered to show an undocumented surroundings variable referred to as ACTIONS_RUNTIME_TOKEN, which has a lifespan of about six hours and might be used to substitute an artifact with a malicious model earlier than it expires.
This might then open an assault window for distant code execution when builders instantly obtain and execute the rogue artifact or there exists a subsequent workflow job that is configured to run based mostly on beforehand uploaded artifacts.
Whereas GITHUB_TOKEN expires when the job ends, enhancements made to the artifacts characteristic with model 4 meant that an attacker may exploit race situation eventualities to steal and use the token by downloading an artifact whereas a workflow run is in progress.
The pilfered token might be subsequently used to push malicious code to the repository by creating a brand new department earlier than the pipeline job ends and the token is invalidated. Nevertheless, this assault banks on the workflow having the “contents: write” permission.
Numerous open-source repositories associated to Amazon Internet Companies (AWS), Google, Microsoft, Crimson Hat, and Ubuntu have been discovered prone to the assault. GitHub, for its half, has categorized the problem as informational, requiring that customers take it upon themselves to safe their uploaded artifacts.
“GitHub’s deprecation of Artifacts V3 should prompt organizations using the artifacts mechanism to reevaluate the way they use it,” Avital mentioned. “Overlooked elements like build artifacts often become prime targets for attackers.”
