GitHub’s workflow management platform, can give hackers write access to repositories and reveal encrypted secrets.
By Ben Dickson
A design flaw in Actions, GitHub’s workflow management platform, can give hackers write access to repositories and reveal encrypted secrets, Google Project Zero researcher Felix Wilhelm has reported.
An attacker can exploit set-env, one of the commands supported by GitHub Actions, to dump NodeJS commands to the shell output, which are then processed and run by Actions’ runner process.
“As the runner process parses every line printed to STDOUT looking for workflow commands, every GitHub action that prints untrusted content as part of its execution is vulnerable,” Wilhelm writes. Projects that have complex GitHub workflows comprised of multiple steps are especially at risk.
For instance, in the case of Microsoft’s Visual Studio Code GitHub repo, Wilhelm was able to exploit the bug by injecting code in an issue title passed to the project’s new issue workflow.
This caused the platform’s NodeJS interpreter to dump the process environment. “Of course, more complex payloads are possible,” Wilhelm
Another example is Stale, one of GitHub Actions’ own modules for closing stale issues and pull requests. In projects such as RocketChat, which use stale as part of a multi-step workflow, attackers can use the set-env command to stage code injection attacks.
In his research, Wilhelm found similar issues in actions that operate on pull requests. “An external contributor can just create a pull request between two existing branches in the target repo to trigger a privileged workflow run,” Wilhelm writes.
Following Wilhelm’s report, GitHub issued an advisory, confirming the vulnerability and declaring it will disable set-env and another command, add-path, in the future.
“To allow us to address this issue and maintain the ability for you to dynamically set environment variables we have introduced a new set of files to manage environment and path updates in workflows,” GitHub wrote in a blog post following the advisory.
“If you need to log untrusted information such as issue titles, bodies, or commit messages to STDOUT we recommend that you disable command processing prior to doing that.”
Originally published at portswigger