Submission Details
Severity:
"VotingBoothTest.t.sol" has a malicious test embedded
Summary
VotingBoothTest.t.sol has a malicious test embedded that runs an external file on localMachine.
function testPwned() public {
string[] memory cmds = new string[](2);
cmds[0] = "touch";
cmds[1] = string.concat("youve-been-pwned-remember-to-turn-off-ffi!");
cheatCodes.ffi(cmds);
}
Vulnerability Details
This test runs a command in the background that pwns your system. The Vulnerability, if written differently, could potentially strip data from your system, load up an exploit or even send data back to another machine using various commands such as curl or bash.
Impact
Leaves your system vulnerable for potential exploits
Tools Used
forge
Recommendations
Disable ffi in the ``foundry.toml``` file
ffi = false
and/or disable / remove line from VotingBoothTest.t.sol
function testPwned() public {
string[] memory cmds = new string[](2);
cmds[0] = "touch";
cmds[1] = string.concat("youve-been-pwned-remember-to-turn-off-ffi!");
cheatCodes.ffi(cmds);
}
Rewards breakdown
This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.