Security Pills - Issue 42

The case for improving crypto wallet security, How to avoid the aCropalypse, Taking over any DNSSEC name on ENS

Release Date: 10th April 2023 | Issue: 42

The Security Pills newsletter is a hand-curated zine (delivered once per week) that highlights security-related news. 10+ hours of reading and analysis condensed into a 5-minute summary every Monday morning.

Sponsor: Too Many Developers With Production Access?

Consider an attacker who obtained one of your developer’s credentials; what access would they have? By making permanent access temporary, you can significantly reduce the attack surface for many security-breach scenarios. That’s where just-in-time access comes in.

Hey there 👋, Hope you all had a great weekend! Enjoy today's newsletter!

  • 🔖 Articles

    • 🛠 Appsec: 

      • Opaque IDs: The Ultimate Protection Against Enumeration Attacks | Argument Injection Vectors | Introducing the Columbus Project | WebSockets are a Pain.

    • ⛓ Blockchain: 

      • The case for improving crypto wallet security | How to Ensure Web3 Users are Safe from Zero Transfer Attacks | Reentrancy Guard 2.0 | How to Consume Chainlink Price Feeds Safely | How to use Phalcon Debug to dive into a transaction | How Does Tornado Cash Work.

    • 🗳 Large Language Model: 

      • LLM Sandboxing: Early Lessons Learned | An Enterprise Guide to Large Language Models | We put GPT-4 in Semgrep to point out false positives and fix code.

  • 🐛 Vulnerabilities and Bug Bounties

    • 🛠 Appsec: 

      • Pre-Auth RCE in Pentaho Business Analytics Server | How to avoid the aCropalypse | The Uninvited Guest: IDORs, Garage Doors and Stolen Secrets.

    • ⛓ Blockchain: 

      • Denial-of-Service Attacks in DeFi: The Balancer-Synthetix Case | Post Mortem: mev-boost relay incident and related timing issue | How to almost take over any DNSSEC name on ENS | Uniswap Vulnerability Disclosure | How Was Sentiment Exploited?

  • 🔖 Resources

    • ⌨️ Repositories/Tools: 

      • certwatcher | huff-puzzles | medusa.

    • 🎥 Videos:

      • Safe, Smart Contract Wallets & Account Abstraction | Circuit Safety and an Introduction to Noir

    • 🎙Podcasts: 

      • Darknet Diaries Ep. 132: Sam the vendor.

🛠 Appsec

Opaque IDs: The Ultimate Protection Against Enumeration Attacks
Ricardo Ivan from Exact Realty writes about IDs and discusses two types of attacks (timing and enumeration attacks) that can affect them and result in the disclosure of sensitive information when accessing resources. Ricardo also explores various mitigation techniques and shares an npm package that uses AES-GCM to produce opaque, unforgeable, and stable IDs.

Argument Injection Vectors
The SonarSource R&D team has curated a list of program options to exploit argument injection bugs. The payloads are divided into four different categories (command, file write, file read, and library load), and include remediation tips to avoid this type of bug.

Introducing the Columbus Project
Dániel Görbe has introduced the Columbus Project, an open-source, append-only database of known subdomains.

WebSockets are a Pain
Andy Gill deep dives into WebSockets, how they work, and some of the implementations that can be used to quickly get data in and out of an environment.

⛓ Blockchain

The case for improving crypto wallet security
Doyensec's Viktor Chuchurski highlights the shortcomings of today's crypto wallet implementations and suggests ideas for improving them. One suggestion relates to the connection and transaction signing process, which can be used to show user-readable information about the domain/Dapp being accessed. Viktor has created a proof-of-concept, which uses public information, such as domain registration records, TLS certificate information, and other data available via Etherscan's API, to simplify access to Ethereum Dapps.


How to Ensure Web3 Users Are Safe from Zero Transfer Attacks
OpenZeppelin has published research that aims to highlight a behavior in the implementation of the ERC-20 token standard recently exploited through address poisoning attacks, causing a loss of $19 million in victim funds from various wallet providers in just 5 months. The research details a phishing attack where attackers follow three steps:

1. Execute a zero-value transaction from a wallet containing tokens, or vice-versa, to an attacker’s wallet that is similar to one that the victim’s wallet regularly interacts with.

2. The user would accidentally copy/paste the address from the last wallet that interacted with theirs (in this case, the attacker’s). Sometimes, their wallet may wrongly suggest the attacker’s wallet, as it was the last one they interacted with on-chain.

3. Funds would be irreversibly sent to the attacker’s wallet.

How to Consume Chainlink Price Feeds Safely
Abhishek Vispute explains how to implement circuit breakers with Chainlink Price Feeds safely.

Reentrancy Guard 2.0
Ariel Tempelhof from SphereX Technologies discusses limitations in the traditional reentrancy guard that prevent it from providing perfect prevention against reentrant calls. Ariel suggests a different approach that incorporates the reentrancy guard in the proxy contract rather than in the contract's implementation. Despite some caveats with the current implementation, the code is publicly available for use.

How to use Phalcon Debug to dive into a transaction
Blocksec writes about one of the features available in Phalcon, the ability to debug a transaction, a powerful feature that can significantly improve the analysis efficiency for complex transactions. Using the transaction made by the Euler exploiter, the article delves into every single step, detailing how to analyze a transaction successfully.

How Does Tornado Cash Work
Zellic provides a breakdown of the mathematical principles behind Tornado Cash, the popular coin mixer on the Ethereum network that offers strong anonymity to its users through the use of cryptographic techniques. The article provides a deep dive into its zero-knowledge proof system, Groth16, along with some of the security concerns affecting the solution.

🤖 Large Language Model

LLM Sandboxing: Early Lessons Learned
Matt Hamilton from Forces Unseen reflects on the lessons learnt after launching Doublespeak.chat, a text-based AI (sandbox) escape game. Matt gives a very simple and high-level overview of how LLMs work and discusses some of the challenges experienced with LLM sandboxing.

An Enterprise Guide to Large Language Models
Nvidia has authored a book on LLMs that aims to help enterprises understand what makes LLMs groundbreaking compared to previous solutions and how they can benefit from adopting or developing them.

The first two parts of the book have been released:

We put GPT-4 in Semgrep to point out false positives and fix code
Semgrep's Bence Nagy explains how GPT-4 has been added into Semgrep to reduce noise and auto-fix bugs. Bence provides insights on how these two new features work internally and shares thoughts on what could be the future of SAST tools. If you are interested in trying these new features, the private beta is open for signups.

🛠 Appsec

Pre-Auth RCE in Pentaho Business Analytics Server
Harry Withington from Aura Information Security identified a total of eight vulnerabilities affecting the Pentaho Business Analytics Server, three of which enabled command execution on the residing host. This article explores the technical details of the most interesting issues.

The Uninvited Guest: IDORs, Garage Doors, and Stolen Secrets
Sam Sabetan has published a series of critical vulnerabilities found in Nexx's smart device product line, which could enable remote attackers to open and close garage doors, take control of alarms and switch smart plugs on and off for any customer.

How to avoid the aCropalypse
Henrik Brodin from Trail of Bits writes on the aCropalypse (CVE-2023-21036) vulnerability and how their PolyTracker tool could have detected it even without specific file format knowledge.

⛓ Blockchain

Denial-of-Service Attacks In DeFi: The Balancer-Synthetix Case
In this article, ChainSecurity explores a type of Denial-of-Service attack affecting internal token balances. The vulnerability affected the internal token balances in the Balancer protocol, making tokens unavailable for users to trade.

How Was Sentiment Exploited?
On April 4, 2023, Sentiment Protocol was exploited on the Arbitrum Chain due to a read-only reentrancy vulnerability, resulting in a loss of approximately $1 million.

How to almost take over any DNSSEC name on ENS
A critical vulnerability affecting the ENS, where an attacker could take over any DNS domain on ENS:

The code of the DNSRegistrar contract is not checking that the name parameter supplied to proveAndClaim actually matches the name in the proven DNS record. This means that as long as a user has a valid proof for a legitimate DNS record, they can claim whatever DNS name. The claimed name may not necessarily be associated with the proof. And it's possible to do so for DNS names already claimed by other users.

Post Mortem: mev-boost relay incident and related timing issue
On April 3rd, 2023, a malicious proposer exploited the ultrasound relay through a vulnerability in the open-source mev-boost-relay implementation maintained by Flashbots to steal ~$20M from multiple sandwich bots. The attack was possible because of a vulnerability in the majority of mev-boost relays (mev-boost-relay, Dreamboat). In following up on this event, a related timing attack was also identified and mitigated.

Uniswap Vulnerability Disclosure
A reentrancy vulnerability was discovered within Uniswap's Universal Router, in which an attacker could re-enter the router during a swap and drain a user's approved token balance.

🙏 Support us

Enjoy reading the Security Pills newsletter? Consider sponsoring our next edition. You can also share us with your friends and follow us on Twitter.

⌨️ Repositories/Tools

  • drfabiocastro/certwatcher — CertWatcher is a tool for capturing and tracking Certificate Transparency logs, using a YAML template-based DSL.

  • RareSkills/huff-puzzles — A series of puzzles that go from very easy to more difficult so that you can have a hands-on introduction to the huff language and learn EVM bytecode while doing it.

  • crytic/medusa — A cross-platform go-ethereum-based smart contract fuzzer inspired by Echidna. It provides parallelised fuzz testing of smart contracts through CLI, or its Go API that allows custom user-extended testing methodology.

🎙 Podcasts

🎥 Videos

📧 Wrapping up

If you enjoyed this newsletter and think others would too, it would mean a lot to us if you'd forward this email to other people who may enjoy it as well. You can also follow me on Twitter and let me know your feedback or comments, or simply reply to this email. I'd love to get in touch with you.

Thanks,
Sebas
@0xroot | @secpillsnews