Rails 5.2 Generate Secret Key Base


RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)

Technical Analysis:

Every Rails application has a secret_key_base, the secret from which the keys used to sign and encrypt cookies and other signed messages are derived; the comment Rails writes into config/secrets.yml describes it as 'used for verifying the integrity of signed cookies'. An application that has moved to the Rails 5.2 defaults keeps it in config/credentials.yml.enc, which is encrypted with the key stored in config/master.key; an application that was not updated to the Rails 5.2 defaults still keeps it in the old config/secrets.yml file. Either way, anyone who can read those files can forge anything the application verifies with that secret, which is what the chain below relies on. Note that rotating secret_key_base invalidates every existing signed and encrypted cookie, including sessions.

  • CVE-2019-5418 - https://github.com/mpgn/CVE-2019-5418
  • CVE-2019-5420 - https://hackerone.com/reports/473888

Security Advisory:

  • CVE-2019-5418 - https://groups.google.com/forum/#!topic/rubyonrails-security/pFRKI96Sm8Q
  • CVE-2019-5420 - https://groups.google.com/forum/#!searchin/rubyonrails-security/CVE-2019-5420


Exploit

  1. The exploit checks whether the Rails application is vulnerable to CVE-2019-5418 (the path traversal file disclosure)
  2. It then retrieves the contents of the files credentials.yml.enc and master.key through that traversal
  3. It decrypts credentials.yml.enc with master.key and extracts the secret_key_base value
  4. With that secret it crafts a signed request to the resource /rails/active_storage/disk/:encoded_key/*filename(.:format) => CVE-2019-5420
  5. It sends the request to the vulnerable server
  6. The code is executed on the server
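Step 3 is the one part of the chain that is pure cryptography, so here is an added example of it that is not code from the exploit repository or from Rails itself. It re-implements, with only the Ruby standard library, the scheme Rails 5.2's EncryptedFile uses for config/credentials.yml.enc: AES-128-GCM via ActiveSupport::MessageEncryptor, the 16-byte key obtained by hex-decoding config/master.key, empty additional authenticated data, the YAML text Marshal-serialized before encryption, and the stored blob laid out as base64(ciphertext)--base64(iv)--base64(tag). The master key, the credentials YAML and the encrypt_credentials helper that produces the sample blob are constructed here for the example; the function names are the example's own.

```ruby
require "openssl"
require "base64"
require "yaml"

# Rails 5.2 encrypts config/credentials.yml.enc with
# ActiveSupport::MessageEncryptor (AES-128-GCM, Marshal serializer); the
# 16-byte key is the hex string written to config/master.key.
CIPHER = "aes-128-gcm"

def key_from_master_key(master_key_hex)
  key = [master_key_hex.strip].pack("H*")
  raise ArgumentError, "master.key must be 32 hex chars (16 bytes)" unless key.bytesize == 16
  key
end

# Decrypt a credentials.yml.enc blob and return the YAML text it protects.
# A tampered blob or a wrong master key raises OpenSSL::Cipher::CipherError,
# because the GCM tag no longer verifies in cipher.final.
def decrypt_credentials(enc_blob, master_key_hex)
  data, iv, tag = enc_blob.strip.split("--").map { |part| Base64.strict_decode64(part) }
  raise ArgumentError, "missing or malformed GCM auth tag" unless tag && tag.bytesize == 16
  cipher = OpenSSL::Cipher.new(CIPHER).decrypt
  cipher.key = key_from_master_key(master_key_hex)
  cipher.iv = iv
  cipher.auth_tag = tag
  cipher.auth_data = ""                    # Rails authenticates with empty AAD
  plain = cipher.update(data) + cipher.final
  # Rails Marshal-dumps the YAML string before encrypting, so undo that.
  # Marshal.load is acceptable only because the GCM tag has just proved the
  # blob was produced under this master key; never Marshal.load unverified input.
  Marshal.load(plain)
end

# Pull the one value the exploit chain needs out of the decrypted YAML.
def secret_key_base_from(enc_blob, master_key_hex)
  YAML.safe_load(decrypt_credentials(enc_blob, master_key_hex)).fetch("secret_key_base")
end

# Inverse of decrypt_credentials, used here only to build a constructed sample
# in the same layout Rails writes.
def encrypt_credentials(yaml_text, master_key_hex)
  cipher = OpenSSL::Cipher.new(CIPHER).encrypt
  cipher.key = key_from_master_key(master_key_hex)
  iv = cipher.random_iv
  cipher.auth_data = ""
  data = cipher.update(Marshal.dump(yaml_text)) + cipher.final
  [data, iv, cipher.auth_tag].map { |part| Base64.strict_encode64(part) }.join("--")
end

# Constructed sample: not a real application's master key or credentials.
SAMPLE_MASTER_KEY = "0123456789abcdef0123456789abcdef"
SAMPLE_SECRET = "c0ffee" * 16
SAMPLE_YAML = "secret_key_base: #{SAMPLE_SECRET}\naws:\n  access_key_id: AKIA-sample\n"
SAMPLE_ENC = encrypt_credentials(SAMPLE_YAML, SAMPLE_MASTER_KEY)

if __FILE__ == $PROGRAM_NAME
  puts secret_key_base_from(SAMPLE_ENC, SAMPLE_MASTER_KEY)
end
```

Against a real target you would feed decrypt_credentials the bytes recovered in step 2 instead of SAMPLE_ENC. The defensive reading of the same code is the point of the whole chain: GCM makes the blob tamper-evident but does nothing for confidentiality once master.key itself can be read, so the file disclosure is the vulnerability that matters and master.key must never sit where a file read can reach it.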

Mitigations


  • You may notice that the cache level is disabled in the exploit, but you can also use a race condition to retrieve the two files: https://gist.github.com/snyff/04c3463845480632a1fe192308c31439#file-race_condition-sh


Fix of CVE-2019-5420


Fix of CVE-2019-5418