First Flight #14: AirDropper
First Flight #14
Beginner FriendlyDeFiFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Test contain `testPwned` function in which user terminal data can be compromised by running the test

naman1729

Summary

  • testPwned function in which user terminal data can be compromised by running the test. In this test the arbitrary command can be executed by the testPwned function.

Vulnerability Details

  • this function in the test creates a malicious new file(youve-been-pwned) in the root directory of the project.

function testPwned() public {
string[] memory cmds = new string[](2);
cmds[0] = "touch";
cmds[1] = string.concat("youve-been-pwned");
cheatCodes.ffi(cmds);
}

  • This function can be used to execute arbitrary commands on the user's terminal which can be used to compromise the user's data. So, there is no reason to have this function in the test.

Impact

  • creating a malicious file in the root directory of the project.

  • user's terminal data can be compromised by running the test.

Tools Used

  • Manual Review

Recommendations

  • Remove the testPwned function from the test.

- function testPwned() public {
- string[] memory cmds = new string[](2);
- cmds[0] = "touch";
- cmds[1] = string.concat("youve-been-pwned");
- cheatCodes.ffi(cmds);
- }
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
Assigned finding tags:

ffi

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.