GitHub Vulnerability “ArtiPACKED” Trigger RCE Exploit to Hack Repositories

The research identifies a critical security vulnerability in GitHub Actions artifacts, enabling unauthorized access to tokens and secrets within CI/CD pipelines. 

Misconfigured workflows in major organizations’ public repositories exposed sensitive information, potentially compromising cloud environments and allowing attackers to inject malicious code into production systems. 

By exploiting leaked GitHub tokens, adversaries could manipulate repositories and steal additional secrets, highlighting the urgent need for robust security practices around artifact handling to protect software supply chains. 

A researcher automated the process of downloading and scanning artifacts from popular open-source projects by analyzing the potential for GitHub Actions artifacts to contain sensitive data like secrets. 

The investigation revealed a significant security risk, as artifacts from projects maintained by major tech companies and open-source organizations were found to expose secrets, potentially impacting millions of users. 

Easily analyze emerging malware with ANY.RUN interactive online sandbox - Try 14 Days Free Trial

Abusing Leaked GitHub Tokens

It has been discovered that GitHub tokens, particularly GITHUB_TOKEN and ACTIONS_RUNTIME_TOKEN, were inadvertently included in public artifacts due to common workflow practices. 

The actions/checkout action persists the GITHUB_TOKEN in the .git directory by default, which is often uploaded as an artifact.

Additionally, the super-linter tool previously logged environment variables, including tokens, to a file that was also included in artifacts, which exposed sensitive tokens to unauthorized access. 

They exploited vulnerabilities in GitHub actions to abuse leaked tokens. By targeting the ephemeral GITHUB_TOKEN and the undocumented ACTIONS_RUNTIME_TOKEN, they developed techniques to extract these tokens from workflow artifacts. 

By automating the process of replacing legitimate artifacts with malicious ones, they enable remote code execution on running systems. 

Furthermore, they identified a new attack vector using GitHub’s recently introduced artifact download feature, allowing the extraction and use of GITHUB_TOKEN before its expiration, facilitating unauthorized code pushes to repositories. 

By identifying open-source projects using the deprecated upload-artifact@v3 action and analyzing their workflow permissions, numerous instances of exposed GITHUB_TOKEN secrets were discovered. 

While early attempts were thwarted by token expiration, they successfully exploited a workflow with subsequent steps after artifact upload to steal and utilize a valid token, which allowed them to create a branch in the clair project, demonstrating the potential for unauthorized code pushes to open-source repositories through this vulnerability. 

The attacker optimized a previous attack by developing RepoReaper, a GitHub Actions workflow that monitors target repositories for workflow runs and rapidly downloads and extracts leaked tokens from artifacts upon detection, then exploits them to create malicious branches via the GitHub REST API, compromising the target repository. 

The approach leverages GitHub’s infrastructure for speed and efficiency, bypassing rate limits and certificate verification for maximum impact. 

The researcher at Palo Alto Networks discovered a vulnerability allowing sensitive information leakage through GitHub Actions artifacts, compromising numerous high-profile projects. 

By analyzing artifacts for secrets before upload, a custom action was developed to prevent accidental exposure, highlighting the critical need for artifact scanning and emphasizing the importance of adopting a holistic security approach, including least privilege permissions and careful review of CI/CD pipelines to mitigate risks. 

Free Webinar on Detecting & Blocking Supply Chain Attack -> Book your Spot