Weaponize your package

@naugtur, The Hack Summit 2024

Who's that guy?

https://naugtur.pl

# 📺 Previously on #### supply chain security --- ### vulnerable dependencies - audit scanners - false positives - security culture 📦npm-audit-resolver --- ### malicious install scripts - postinstall turns tsc evil - `--ignore-scripts` 📦@lavamoat/allow-scripts 📦can-i-ignore-scripts --- ### defending from malicious packages - Hardened Javascript 📦lavamoat --- ### defensive coding workshop - AppSec Village DEFCON 2023 - NodeConfEU 2023 - Confidence 2024 📦ses 📦lavamoat --- Talks available at [naugtur.pl](https://naugtur.pl)

📦👌

_{^{So you want to attack someone with a malicious package}}

### Let's get the "how" <br>out of the way - dependency confusion - typo squatting - package takeover - blog/stackoverflow post - AI suggests it - personal recommendation - infiltration/insider

_{^{In general, disguise it as one of these}}

# 🙈 ### BTW ### Don't publish malware to NPM please --- In a legal engagement, prove you can typosquat with a non-malicious package and host your evil package on your own [verdaccio](https://verdaccio.org/) and configure .npmrc ``` .npmrc @typosquat-emulator:registry=https://mypentesthosting.com/ //mypentesthosting.com/:_authToken=YOUR_AUTH_TOKEN ``` ``` npm install @typosquat-emulator/pentest-package ``` You get to keep your exploits to yourself and not violate npm's Terms of Service --- # 💣 ## Now we make it dangerous --- # 😴 ## Boring - postinstall calls home - postinstall steals env vars - postinstall downloads more malware - postinstall exfiltrates over DNS - postinstall mines crypto - obfuscated script in main --- # 🥱 ## Slightly less boring - postinstall drops payload in sources - postinstall turns tsc evil --- ### Install scripts - surprisingly, still popular - easy to spot - tools detect them - quick to get deleted by npm etc. - easy to block: - `--ignore-scripts` - 📦@lavamoat/allow-scripts --- # 🧐 ## Malicious source - requires more skill - harder to detect - attacks the app at runtime - more interesting targets --- > In fact, 97% of the code in a modern web application comes from npm. An individual developer is responsible only for the final 3% that makes their application unique and useful. > > https://blog.npmjs.org/post/180868064080/this-year-in-javascript-2018-in-review-and-npms --- # 🤏 But I can only control a useless little package that doesn't do anything important --- # 👻 ### Time to learn about lateral movement in JavaScript applications

## Prototype poisoning # 🧪🍏 ![]() ```js const a = {}; Object.prototype.toString = ()=>'👻'; console.log(`scary object: ${a}`); ``` ``` scary object: 👻 ```

### JS can be tweaked and it's no accident - designed in 10 days - humbly assuming there's room for improvement

## polyfills #### and ## prototype poisoning #### are the same thing #### with different intentions

# ⚔️ ## a weapon ```js Object.defineProperty(Object.prototype, "Authorization", { set(value) { console.log(`stolen: ${value}`); }, }); ``` ```js const headers = {}; if( authorized ) { headers.Authorization = `Bearer ${token}`; } ```

## attack examples [repo](https://github.com/naugtur/js-training-examples/tree/master/websec101/attacking)

<br> <br> # 📦🛡️📦 <br> <br> <br> _{^{Let's put my blue hat back on}} ---  ## Hardened Javascript --- ## lockdown - a part of Hardened Javascript - locks down the environment by hardening prototypes of language internals - prevents prototype poisoning Intrinsics Let's see that demo again --- ### There's more  #### Tell your devteam if you want to make your work harder --- ### We have a webpack plugin in beta You can practice pentesting it if you want.

@naugtur   naugtur.pl

naugtur.pl/training