The deposit CLI tool allows passwords to be supplied as command-line arguments, enabling password leakage through operating systems, such as terminal shell history and execution of ps or similar commands.
The tool allows specification of a password through command-line arguments:
However, when the shell history is viewed in a terminal window, the password is exposed in plaintext:
516 python3 ./eth2deposit/deposit.py --password="mypassword"
517 bash history
Exploit Scenario
Alice uses the Deposit-CLI to generate secret keys on her machine with the command-line argument --password='12345'. An attacker, Eve, gains access to Alice's machine, looks through the previously run commands in the terminal history, and finds the password used to secure the BLS signing key. In combination with #98, Eve also gains access to the sensitive keys stored in the files.
Recommendation
Short term, do not allow users to specify passwords through command-line arguments.
Long term, minimize the handling of sensitive information and ensure secrets are not exposed through operating system logs, shell history, or the process argument list.
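The short-term recommendation in code, as an added example that is not part of the deposit-cli project: a parser exhibiting the reported weakness (the secret enters argv, so it lands in shell history and in the process list) beside a hardened variant that refuses --password and reads the secret from a no-echo prompt or a file instead. Names such as weak_parser, hardened_parser and read_password are assumptions for this illustration; the injectable prompt callable exists so the prompt path can be exercised without a terminal.

```python
"""Hardened password handling for a CLI tool (added example, not project code)."""
import argparse
import getpass
from pathlib import Path
from typing import Callable, Sequence


def weak_parser() -> argparse.ArgumentParser:
    # The pattern the report warns about: the secret is part of argv, so the
    # shell records it in history and `ps` can read it from the process list.
    parser = argparse.ArgumentParser(prog="deposit-weak")
    parser.add_argument("--password", help="keystore password (leaks via argv)")
    return parser


def hardened_parser() -> argparse.ArgumentParser:
    # Secrets never travel through argv: only a file path may be given.
    # allow_abbrev=False stops argparse from silently accepting --password=...
    # as an abbreviation of --password-file.
    parser = argparse.ArgumentParser(prog="deposit-hardened", allow_abbrev=False)
    parser.add_argument("--password-file", type=Path,
                        help="file containing the keystore password")
    return parser


def password_on_command_line(argv: Sequence[str]) -> bool:
    """True if the caller tried to pass the secret through argv."""
    return any(a == "--password" or a.startswith("--password=") for a in argv)


def read_password(argv: Sequence[str],
                  prompt: Callable[[str], str] = getpass.getpass) -> str:
    """Resolve the keystore password for the hardened CLI.

    Rejects --password outright, reads --password-file when given, and
    otherwise prompts without echo (getpass by default; injectable for tests).
    """
    if password_on_command_line(argv):
        raise ValueError("refusing --password on the command line: it would be "
                         "stored in shell history and visible in the process list")
    args = hardened_parser().parse_args(list(argv))
    if args.password_file is not None:
        # Strip only the trailing newline an editor typically appends.
        return args.password_file.read_text(encoding="utf-8").rstrip("\n")
    pw = prompt("Keystore password: ")
    if not pw:
        raise ValueError("empty password")
    return pw
```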