“Microsoft suggests in the PowerShell Gallery documentation that the Author metadata is provided by the package’s author and is not verified by Microsoft, and only the Owner field is strongly tied to the Gallery account used to publish the package, which makes it more trustworthy than the Author field,” the researchers said. “The Author field is shown by default, while the Owner field is hidden by default, adding to the challenges faced by already confused users.”
Essentially, the only indication that a package might be a rogue copy of a legitimate one would be the subtle name difference and the download count, which would be low for a newly published package. However, the download count could potentially be manipulated too by having automated bots download the package.
Exposing unlisted packages and their secrets
A third issue identified by the Aqua Security researchers is that it’s possible for an attacker to discover unlisted packages or versions of packages even though the PowerShell Gallery documentation says such packages should not appear in search results on the site or through the API. To be clear, downloading these packages does not require additional authentication or special permissions, but the user would have to know the exact package name and version in order to access them.
The issue is that this encourages package authors to use the unlisting feature if they accidentally publish secret information as part of a version release, and they might feel that’s enough protection to correct the mistake. The Aqua Security researchers found a way to enumerate and expose unlisted packages through the API.
“During our research, we enumerated some of the unlisted packages for secrets, and we were surprised to see publishers who by mistake uploaded their .git/config file containing API keys of GitHub, or a publishing script of the module containing the API key to the Gallery itself,” the researchers said. “One of these secrets belonged to a big technology company which requested to remain anonymous.”
Deleting a package instead of unlisting it can be done on PowerShell Gallery, but this operation needs to be performed by the PSGallery support team, so it’s not an automated process. Therefore, module authors are more likely to simply unlist it than go through the more involved deletion process.
Recommended steps to mitigate the vulnerability
Aqua Security claims to have reported these issues to Microsoft twice since September 2022, and each time they were told changes were made and some fixes were put in place to mitigate the risks. However, as of August 8, 2023, the researchers claimed the issues they found remain reproducible. As a result, they recommended the following mitigation steps:
- First and foremost, the best solution would be for the platform to fix the flaws. This could include implementing a strict package naming policy, verifying authorship, restricting access to unlisted packages, and improving the visibility of package ownership. Of course, as users, we are responsible for what we install, and we need to check the code we download before installing it. However, the platform’s responsibility is to reduce the attack surface as much as possible.
- Given the vulnerabilities identified in the PowerShell Gallery, it’s recommended to enforce a policy that only allows the execution of signed scripts. This ensures that any script or module, including those downloaded from the PowerShell Gallery, must be digitally signed with a trusted certificate before they can be run, providing an additional layer of security against the execution of malicious scripts.
- Use Trusted Private Repository: This can ensure that the repository has limited internet access and user access, where you can manage and consume your private modules while also storing modules from the public PowerShell Gallery in a more secure way.
- Regularly Scan for Sensitive Data: This includes scanning the modules’ source code for secrets and conducting regular security assessments in the repositories that store and manage the module’s code. It’s important to promptly address and rotate any exposed secrets in order to prevent exploitation by attackers.
- Implement a robust continuous monitoring system that tracks activities in real time across your CI/CD pipelines and cloud infrastructure. This proactive approach allows you to detect potential threats and suspicious behavior. It is also capable of detecting any deviations from established normal profiles.
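
The leaks the researchers describe (a .git/config file and a publishing script carrying an API key) can be caught before a module folder ever reaches `Publish-Module`. The following is an added example, not code from Aqua Security or Microsoft: `Find-ModuleSecretLeak` is a hypothetical helper, its patterns are illustrative rather than exhaustive, and the demo folder and placeholder values are constructed.

```powershell
# Added example: pre-publish leak check for a module folder (hypothetical helper).
function Find-ModuleSecretLeak {
    param([Parameter(Mandatory)][string]$Path)

    # Illustrative patterns only; extend them for the credentials your team uses.
    $patterns = [ordered]@{
        'Literal -NuGetApiKey value'  = '-NuGetApiKey\s+[''"]?[A-Za-z0-9]{20,}'
        'Credentials embedded in URL' = 'https?://[^/\s:@]+:[^/\s@]+@'
        'GitHub token prefix'         = '\bgh[pousr]_[A-Za-z0-9]{36,}'
    }

    $root = (Get-Item -LiteralPath $Path -Force).FullName
    # -Force includes hidden items such as the .git directory.
    foreach ($file in Get-ChildItem -LiteralPath $root -Recurse -File -Force) {
        $rel = $file.FullName.Substring($root.Length).TrimStart('\', '/')

        # Version-control metadata should never ship inside a published module.
        if ($rel -match '(^|[\\/])\.git[\\/]') {
            [pscustomobject]@{ File = $rel; Line = 0; Finding = 'VCS metadata inside module folder' }
        }
        foreach ($name in $patterns.Keys) {
            Select-String -LiteralPath $file.FullName -Pattern $patterns[$name] |
                ForEach-Object {
                    [pscustomobject]@{ File = $rel; Line = $_.LineNumber; Finding = $name }
                }
        }
    }
}

# Constructed sample module folder; every value below is a placeholder.
$demo = Join-Path ([System.IO.Path]::GetTempPath()) 'DemoModule-constructed'
New-Item -ItemType Directory -Path (Join-Path $demo '.git') -Force | Out-Null
Set-Content (Join-Path $demo '.git/config') `
    "[remote `"origin`"]`n`turl = https://user:PLACEHOLDER_TOKEN@github.com/example/demo.git"
Set-Content (Join-Path $demo 'publish.ps1') `
    'Publish-Module -Path . -NuGetApiKey "PLACEHOLDERKEY0000000000000000"'
Set-Content (Join-Path $demo 'DemoModule.psm1') 'function Get-Demo { "ok" }'

$findings = @(Find-ModuleSecretLeak -Path $demo)
$findings | Format-Table -AutoSize
if ($findings.Count -gt 0) {
    Write-Warning 'Remove the flagged files or values and rotate the secrets before publishing.'
}
```

Because unlisted versions remain downloadable, a secret that has already been published should be rotated even after the version is unlisted.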