This video is an explanation of the vulnerability in GitHub Actions script used by Homebrew repository to automatically merge some commits. The attacker – RyotaK was able to publish code to any ruby file within Casks folder, thus gaining an RCE on anyone using brew casks.
✉️ Sign up for the mailing list ✉️
🖥 Get $100 in credits for Digital Ocean 🖥
Follow me on twitter:
00:21 Auto-updating Homebrew Casks
02:43 Hiding lines from git_diff
05:54 What does ++ mean in Ruby?
06:32 Bypassing regex filename match
06:55 Dealing with undefined variables
07:32 Bypassing Rubocop