Summary
For each workflow run, Github generates an API key called the GITHUB_TOKEN. This is meant for the workflow to be able to authenticate to the Github API and perform duties outlined in the workflow file (checking out the repo, modifying PRs, etc). Github will automatically place this token in artifact files.
If developers are unaware of this and somehow publish contents of their working directory, it's possible for the GITHUB_TOKEN to leak. It should only be valid for the duration of the workflow run, but there is some wiggle room that can be exploited by someone with enough determination.
Details
The ci.yml workflow file uses actions/upload-artifact@v4 to upload the workspace artifact. This artifact is a zip of the current directory, which includes the run's GITHUB_TOKEN. Seeing as the artifact can be downloaded prior to the end of the workflow, there is a few seconds where an attacker can extract the token from the artifact and use it with the Github API to push malicious code or rewrite release commits in your repository.
PoC
- Monitor for runs of the ci.yml workflow
- Once a run is found, wait for the artifact to be made available
- Download and extract the GITHUB_TOKEN from it
- Use the token with the Github API to push a new commit to main with backdoored code. Alternatively update the release tags to point to this new commit so subsequent downloads of the releases contain the backdoor.
Impact
Any downstream user of this repo.
Suggested Fix
Only add the files required to the artifact, instead of specifying the current directory. Make sure the artifact doesn't contain environment variables
Summary
For each workflow run, Github generates an API key called the GITHUB_TOKEN. This is meant for the workflow to be able to authenticate to the Github API and perform duties outlined in the workflow file (checking out the repo, modifying PRs, etc). Github will automatically place this token in artifact files.
If developers are unaware of this and somehow publish contents of their working directory, it's possible for the GITHUB_TOKEN to leak. It should only be valid for the duration of the workflow run, but there is some wiggle room that can be exploited by someone with enough determination.
Details
The ci.yml workflow file uses actions/upload-artifact@v4 to upload the workspace artifact. This artifact is a zip of the current directory, which includes the run's GITHUB_TOKEN. Seeing as the artifact can be downloaded prior to the end of the workflow, there is a few seconds where an attacker can extract the token from the artifact and use it with the Github API to push malicious code or rewrite release commits in your repository.
PoC
Impact
Any downstream user of this repo.
Suggested Fix
Only add the files required to the artifact, instead of specifying the current directory. Make sure the artifact doesn't contain environment variables