Two years ago today, our small research team open sourced poutine, a SAST scanner for CI/CD pipelines (very similar to zizmor, but written in Go and customizable using Rego DSL). It finds the vulnerabilities in your build pipelines. As all security engineers know, running SAST and filing a JIRA ticket leads to nowhere.
Some weeks ago TeamPCP came on the scene and most were shocked to see the blast radius starting with Trivy then LiteLLM, KICS, etc. Trivy got pwn'd using textbook "pwn request".
I've been building SmokedMeat for the past 5 months to level the playing field. It's a Red Team framework for CI/CD pipelines. You scan a GitHub org workflows, pick from a menu of exploitable pipelines, you are guided through an exploitation wizard, wait… and you're in post-exploitation. Secrets already exfiltrated from runner process memory are in the Loot stash, ready to pivot into cloud accounts, private repos, and more. Live attack graph in the browser.
Then you target the whooli GitHub org (https://github.com/whooli) a CTF playground to exploit (hint the final flag is in a Google Cloud Storage Bucket)
Happy to answer questions about the ethics, architecture, implant design, or CI/CD attack techniques.
I absolutely second the OP. I used to be a penetration tester and whenever I had low level contributor access to an internal repository I managed to break out into the cloud and in 99% of cases I was an administrator after that. CI/CD is remote code execution as a service and way too often way too misconfigured. When I say low-level contributor access, I mean the level you give an intern who joins your company for a two-week summer internship. They come as an unpaid intern, they leave as an AWS administrator. Pretty good deal in my book ;)
Thank you so much for creating the tool. This might drive the point home just how easy it is to exploit this stuff.
Absolutely not. The same TTPs apply almost 1-to-1 for Insider Threat scenarios. We've built the Deciduous Attack Trees (shout out to Kelly) for insider threats last year. It overlaps. So either you start with Initial Access that's purely public and pivot deeper or you already have a modest foothold (like intern with read only access) and off to the races.
I think this is a killer project that's very needed to accelerate the learning of how to defend against the deluge of nascent CI/CD risks. Kudos Boost team!
Thanks! I got tired of talking about it to defenders. I wanted to talk to Red Teamers too and SOC / detection engineering people. I wanted to build a tool that someone can just have the CISO try it directly.
OP here, mini AMA.
Two years ago today, our small research team open sourced poutine, a SAST scanner for CI/CD pipelines (very similar to zizmor, but written in Go and customizable using Rego DSL). It finds the vulnerabilities in your build pipelines. As all security engineers know, running SAST and filing a JIRA ticket leads to nowhere.
Some weeks ago TeamPCP came on the scene and most were shocked to see the blast radius starting with Trivy then LiteLLM, KICS, etc. Trivy got pwn'd using textbook "pwn request".
I've been building SmokedMeat for the past 5 months to level the playing field. It's a Red Team framework for CI/CD pipelines. You scan a GitHub org workflows, pick from a menu of exploitable pipelines, you are guided through an exploitation wizard, wait… and you're in post-exploitation. Secrets already exfiltrated from runner process memory are in the Loot stash, ready to pivot into cloud accounts, private repos, and more. Live attack graph in the browser.
To try it: git clone https://github.com/boostsecurityio/smokedmeat.git cd smokedmeat make quickstart
Then you target the whooli GitHub org (https://github.com/whooli) a CTF playground to exploit (hint the final flag is in a Google Cloud Storage Bucket)
Happy to answer questions about the ethics, architecture, implant design, or CI/CD attack techniques.
That's pretty useful to get a clear picture of lingering threats that aren't immediately visible from existing scanning tools.
The last year has shown that this vector is getting weaponized for real so it's great to see more tools to help defenders!
Is this something only companies with public repos should be worried about?
I absolutely second the OP. I used to be a penetration tester and whenever I had low level contributor access to an internal repository I managed to break out into the cloud and in 99% of cases I was an administrator after that. CI/CD is remote code execution as a service and way too often way too misconfigured. When I say low-level contributor access, I mean the level you give an intern who joins your company for a two-week summer internship. They come as an unpaid intern, they leave as an AWS administrator. Pretty good deal in my book ;) Thank you so much for creating the tool. This might drive the point home just how easy it is to exploit this stuff.
Absolutely not. The same TTPs apply almost 1-to-1 for Insider Threat scenarios. We've built the Deciduous Attack Trees (shout out to Kelly) for insider threats last year. It overlaps. So either you start with Initial Access that's purely public and pivot deeper or you already have a modest foothold (like intern with read only access) and off to the races.
I think this is a killer project that's very needed to accelerate the learning of how to defend against the deluge of nascent CI/CD risks. Kudos Boost team!
Thanks! I got tired of talking about it to defenders. I wanted to talk to Red Teamers too and SOC / detection engineering people. I wanted to build a tool that someone can just have the CISO try it directly.