Submission Details
Severity: high
Valid

Storing passwords as plain text, even in private variables, makes them readable by anyone through the blockchain.

Summary

In PasswordStore.sol the owner's password is stored in a private state variable named s_password. Declaring the variable private does not hide its value: anyone can read it from the contract's storage through the blockchain.

Vulnerability Details

    // s_password is declared `string private s_password;` in the contract.
    // `private` only limits Solidity-level access; the value still sits in a
    // storage slot that every node exposes.
    function setPassword(string memory newPassword) external {
        s_password = newPassword; // plaintext written straight into storage
        emit SetNetPassword();    // event name as it appears in the contract
    }

Storing the password in a private variable therefore gives no confidentiality: an attacker can retrieve the stored value from contract storage, compromising the user's data.

Impact

Any password saved through this contract is directly readable by anyone who inspects the contract's storage slots.

POC

Anyone can read the value of s_password with a plain storage read against the deployed contract's slot. Two tools that do this are listed below.

  1. web3.eth.getStorageAt(<contract address>, <slot>)

  2. cast storage <contract address> <slot>
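Both commands above return the raw 32-byte word held in the slot, not the string itself. The following decoder, added here as an illustration and not part of the original submission, shows how little work separates that word from the plaintext: it applies Solidity's documented layout for `string` state variables (a value of 31 bytes or fewer is packed into its own slot, left-aligned, with twice the length in the lowest byte; longer values keep `2 * length + 1` in the slot and place the data at keccak256(slot)). The sample word, the password "myPassword" and the helper names are constructed for the example; the slot index to read depends on declaration order, and for a layout of `address s_owner; string private s_password;` it would be slot 1.

```python
"""Decode a raw storage word that holds a Solidity `string` state variable.

Added example, not code from PasswordStore.sol or the contest. It assumes the
word came from a public node via `cast storage <addr> <slot>` or
`web3.eth.getStorageAt(<addr>, <slot>)`, both of which return a 0x-prefixed
64-hex-digit string. Standard library only: no keccak-256 is available there
(hashlib.sha3_256 is a different function), so the long-string case is
reported rather than followed.
"""


def encode_short_string_slot(value: str) -> str:
    """Build the slot word Solidity would store for a string of <= 31 bytes.

    Helper used only to construct sample input for this example.
    """
    data = value.encode()
    if len(data) > 31:
        raise ValueError("short-form encoding covers at most 31 bytes")
    word = data + b"\x00" * (31 - len(data)) + bytes([len(data) * 2])
    return "0x" + word.hex()


def decode_string_slot(word_hex: str) -> str:
    """Return the plaintext string packed into a 32-byte storage word.

    Raises ValueError for malformed input and for long strings, whose bytes
    live at keccak256(slot) rather than in the slot itself.
    """
    hex_digits = word_hex.removeprefix("0x").removeprefix("0X").zfill(64)
    raw = bytes.fromhex(hex_digits)
    if len(raw) != 32:
        raise ValueError("a storage word is exactly 32 bytes")
    marker = raw[-1]
    if marker & 1:
        # Long form: the whole word is 2 * length + 1, data is elsewhere.
        length = (int.from_bytes(raw, "big") - 1) // 2
        raise ValueError(
            f"long string of {length} bytes; data is stored at keccak256(slot)"
        )
    length = marker // 2
    if length > 31:
        raise ValueError("short-form length byte out of range")
    return raw[:length].decode()


# Constructed sample: the word slot 1 would hold after setPassword("myPassword").
# "myPassword" is 10 bytes (0x6d7950617373776f7264); 21 zero bytes of padding;
# lowest byte 0x14 == 2 * 10.
SAMPLE_SLOT_WORD = "0x6d7950617373776f7264" + "00" * 21 + "14"

if __name__ == "__main__":
    print(decode_string_slot(SAMPLE_SLOT_WORD))  # myPassword
```

Feed the word printed by `cast storage` straight into `decode_string_slot` to see what the "private" variable actually exposes. Note for the recommendation that follows: replacing the plaintext with its keccak256 hash stops this direct read, but the hash itself is just as public, so a low-entropy password remains guessable offline against that hash.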

Tools Used

VS Code

Recommendations

Do not store the password in plain text. Hash it first and store only the hash in the s_password variable.

Updates

Lead Judging Commences

inallhonesty Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-anyone-can-read-storage

Private functions and state variables are only visible to the contract they are defined in, not to derived contracts. In this case, private doesn't mean secret/confidential.
