ArtiPACKED | |
Type of Attack | Exploit Kit |
Date of Initial Activity | 2024 |
Motivation | Financial Gain |
Attack Vectors | Software Vulnerabilities |
Overview
The ArtiPACKED exploit unveils a critical vulnerability within GitHub Actions, a widely utilized continuous integration and continuous deployment (CI/CD) platform that powers many open-source and enterprise-level projects. This exploit leverages a race condition in GitHub Actions artifacts, a mechanism used to persist and share data generated during workflow runs. Insecure handling and misconfigurations in the use of GitHub Actions artifacts can lead to the inadvertent exposure of sensitive tokens—such as GitHub authentication tokens and third-party cloud service credentials—into publicly accessible repositories. This opens a significant attack vector that can be exploited by malicious actors to gain unauthorized access to cloud environments and repositories, potentially compromising critical infrastructure.
Targets
Information
How they operate
At the heart of the ArtiPACKED exploit is the mishandling of two types of GitHub tokens: the GITHUB_TOKEN and the ACTIONS_RUNTIME_TOKEN. The GITHUB_TOKEN is an ephemeral authentication token automatically generated by GitHub for each workflow run, allowing it to perform actions like committing changes or interacting with the repository. By default, this token is stored within the .git directory, which is often uploaded as part of the build artifact. As the artifact is made publicly available, anyone with access to it can extract the token and use it to interact with the repository, potentially executing malicious actions such as pushing unauthorized changes or stealing secrets.
The ACTIONS_RUNTIME_TOKEN is a JSON Web Token (JWT) with a longer expiration period—typically around six hours—compared to the GITHUB_TOKEN, which expires as soon as the workflow job finishes. This token is generated by GitHub for internal use, particularly to manage caching and artifact uploads between jobs in a workflow. Due to its extended validity, the ACTIONS_RUNTIME_TOKEN can be exploited by attackers who download the artifact containing it and use the token to perform malicious actions within the CI/CD pipeline. This includes replacing legitimate artifacts with malicious ones, which could be executed during subsequent workflow jobs, potentially leading to remote code execution (RCE) on the build server.
One of the key aspects of the ArtiPACKED exploit is its reliance on race conditions in the handling of workflow artifacts. Specifically, attackers exploit the fact that GitHub Actions artifacts are only available for download after the entire workflow job has completed. However, since the GITHUB_TOKEN expires by the time the artifact is accessible, the attacker cannot use it directly. Instead, they focus on the ACTIONS_RUNTIME_TOKEN, which remains valid for a window of several hours after the job has finished. By automating the process of downloading the artifact and extracting the ACTIONS_RUNTIME_TOKEN, attackers can manipulate the workflow, replacing artifacts with their own malicious versions, which will then be consumed by future jobs in the workflow.
The attack chain continues by leveraging the compromised tokens to inject malicious code into the repository or trigger actions that could lead to further compromise. Once the attacker controls the artifacts, they can execute arbitrary code on the CI/CD servers or on the workstations of developers who later download and run the compromised artifact. This remote code execution (RCE) risk exposes the software development process to substantial security threats, as attackers gain access to systems that were previously trusted and integral to the software delivery pipeline.
