Security vulnerability identified while running code on the compiler

nickssarang · December 23, 2022, 9:34pm

Problem description:
Security issue identified while running code on the compiler aka Local File Inclusion (LFI)

Expected behavior:
‘permission denied’ should be the expected behavior as it exposes backend info and an adversary can run OS commands.

Actual behavior:
Displaying sensitive content

Steps to reproduce:
Run the below code and change the file name/path and the file contents will be displayed accordingly.

# Open the file in read mode
with open(‘/proc/self/environ’, ‘r’) as file:

Read the contents of the file*
contents = file.read()*

# Print the contents of the file
print(contents)

Bug appears at this link:

Browser/OS/Device:
Chrome browser/Win 11

IroncladDev · December 23, 2022, 10:30pm

No worries on this, the information you’ve spotted is in the repl’s filesystem and does not pose a security threat.
Thanks for trying to help make replit a safer place!

nickssarang · December 24, 2022, 6:38am

This also includes contents fetched from etc/passwd ?

LuisAFK · December 24, 2022, 9:25am

It’s all good and safe. Only problem would be jailbreaking from the Docker container which is probably not possible. But if you’re still inside your Repl, it’s ok that you can access that stuff.

IroncladDev · December 29, 2022, 2:21pm

Correct, the information accessible from the repl is all safe and good

Security vulnerability identified while running code on the compiler

Read the contents of the file*