Submission Details
Severity: low
Invalid

Malicious test with FFI leads to remote code execution

Description

The foundry.toml configuration file sets ffi = true, which enables the ffi cheatcode: any test can hand an arbitrary command line to the shell of the machine running forge test or forge coverage. A malicious developer who lands such a test in the repository therefore gets code execution on every machine that runs the suite, which can lead to unauthorized actions on, or full compromise of, that system.

This is critical in this project because the repository already contains a test that does exactly this:

function testPwned() public {
    // Build the argv handed to the ffi cheatcode: `touch youve-been-pwned`
    string[] memory cmds = new string[](2);
    cmds[0] = "touch";
    cmds[1] = string.concat("youve-been-pwned");
    // Executes the command on the machine running forge test / forge coverage.
    // Only the chosen command is harmless here; it could be anything.
    cheatCodes.ffi(cmds);
}

Risk

Likelihood: High

  • Runs automatically on every forge test or forge coverage invocation

Impact: High

  • Compromise of the machine running the tests, leakage of local data, etc.

Recommended Mitigation

To fix this, set ffi to false in foundry.toml (or remove the key, since false is the default).
With the cheatcode disabled, the ffi call in testPwned reverts instead of executing a command, which removes the arbitrary-code-execution path.
No other test in the project needs FFI, so nothing else is affected by the change.
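The following is an added example and is not part of this submission or of the audited repository. It is a pre-flight check a reviewer can run on a freshly cloned Foundry project before typing forge test: audit_ffi reads foundry.toml for ffi = true and scans the Solidity sources for .ffi( call sites, and fails only when both are present, which is the combination that makes this finding exploitable. make_sample_project and every file it writes are constructed sample data (one tree mirrors the vulnerable configuration above, the other the fixed one); the function and file names are assumptions of this example. Caveat: the check reads only foundry.toml. Passing forge test --ffi, or setting the FOUNDRY_FFI environment override, re-enables the cheatcode regardless of the file, so ffi = false protects the default run, not a run where someone explicitly asks for FFI.

```shell
#!/bin/sh
# Added example: pre-flight FFI audit for a cloned Foundry project.
# Not from the submission or the audited repo; names are illustrative.
#
# usage: audit_ffi /path/to/cloned/repo && forge test

# Returns 0 when the project can be run without further FFI review,
# 1 when foundry.toml enables ffi AND at least one .sol file calls .ffi(.
audit_ffi() {
    project_dir="$1"
    cfg="$project_dir/foundry.toml"
    ffi_enabled=0
    ffi_calls=0

    # `ffi = true` in any [profile.*] section, tolerant of surrounding whitespace.
    if [ -f "$cfg" ] && grep -Eq '^[[:space:]]*ffi[[:space:]]*=[[:space:]]*true' "$cfg"; then
        ffi_enabled=1
    fi

    # Count call sites of the cheatcode (vm.ffi, cheatCodes.ffi, ...) in Solidity sources.
    if [ -d "$project_dir" ]; then
        ffi_calls=$(find "$project_dir" -name '*.sol' -exec grep -E '\.ffi[[:space:]]*\(' {} + 2>/dev/null | wc -l | tr -d ' ')
    fi

    echo "ffi_enabled=$ffi_enabled ffi_call_sites=$ffi_calls"
    if [ "$ffi_enabled" -eq 1 ] && [ "$ffi_calls" -gt 0 ]; then
        return 1
    fi
    return 0
}

# Constructed sample data: builds a throw-away project tree so the check can be
# exercised offline. Mode "vulnerable" reproduces the submission's situation
# (ffi = true plus a test that shells out); any other mode writes ffi = false.
# Prints the directory path.
make_sample_project() {
    mode="$1"
    dir=$(mktemp -d)
    mkdir -p "$dir/test"
    if [ "$mode" = "vulnerable" ]; then ffi_value=true; else ffi_value=false; fi
    cat > "$dir/foundry.toml" <<EOF
[profile.default]
src = "src"
out = "out"
libs = ["lib"]
ffi = $ffi_value
EOF
    # Same test file in both modes: with ffi disabled the call site merely
    # reverts at runtime instead of executing `touch`.
    cat > "$dir/test/Pwned.t.sol" <<'EOF'
// constructed sample, mirrors the malicious test quoted in the submission
contract PwnedTest {
    function testPwned() public {
        string[] memory cmds = new string[](2);
        cmds[0] = "touch";
        cmds[1] = "youve-been-pwned";
        cheatCodes.ffi(cmds);
    }
}
EOF
    echo "$dir"
}
```

Run audit_ffi against the checkout before forge test; a non-zero exit means FFI is enabled and something in the tree will actually use it, which is the moment to read those call sites rather than run them.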

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
Assigned finding tags:

ffi
