Slow Mist: A Brief Analysis of the MetaMask Wallet Demonic Vulnerability

For users who have used MetaMask versions lower than 10.11.3, if they click Show Secret Recovery Phrase when importing mnemonics, the mnemonics may be leaked.

On June 16, 2022, MetaMask (MM) officially announced a security issue called demon vulnerability discovered by white hats. The version affected by the vulnerability is < 10.11.3. Due to the large number of MM users, and There are also many wallets developed based on MM, so the impact of this vulnerability is quite large, so MM also generously paid a white hat bounty of 50,000 dollars. After the team synced the vulnerability with me, I started to analyze and reproduce the vulnerability.

Vulnerability Analysis

The white hat named this vulnerability as the demon vulnerability. The specific vulnerability description is more complicated. In order to let everyone better understand the problem, I try to explain the problem with simple expressions. When using the MM browser extension wallet to import the mnemonic, if you click the “Show Secret Recovery Phrase” button, the browser will cache the plaintext of the entered complete mnemonic in the local disk, which uses the mechanism of the browser itself, namely The browser will save the Text text in the Tabs page from the memory to the local, so that the state of the page can be saved in time when the browser is used, and the previous page state can be restored when the page is opened next time.

Based on my understanding of this vulnerability, I started to reproduce the vulnerability. Since MM only briefly described this vulnerability and did not disclose the details of the vulnerability, I encountered the following problems during reproduction:

  1. The file path where the cache is logged to disk is unknown
  2. It is unknown when the cache is logged to disk

In order to solve problem 1, I began to analyze and test the cache directory structure of the browser, and found that when using the browser (chrome), the relevant Tabs cache is recorded in the following directory:

Tabs cache path:

/Users/$(whoami)/Library/Application Support/Google/Chrome/Default/Sessions/

Slow Mist: A Brief Analysis of the MetaMask Wallet Demonic Vulnerability

Then continue to solve problem 2: The Sessions directory will record the cache of Tabs. In order to find out the time node when the cache is recorded, I decompose the entire process of importing mnemonics, and then observe the data changes of Sessions after each operation. It is found that after entering the mnemonic data on the following page, you need to wait for 10-20s, then close the browser, and the plaintext mnemonic information will be recorded in the Sessions cache data.

Slow Mist: A Brief Analysis of the MetaMask Wallet Demonic Vulnerability

Analysis conclusion

When users use MM normally, they put the data related to mnemonics into memory for storage, which is generally considered to be relatively safe (in the earlier Hacking Time of SlowMist, I found that when users use MM normally, it is The plaintext mnemonic can be extracted through the hook technology, which can only be used when the user’s computer is controlled by a malicious program), but due to the demonic vulnerability, the mnemonic will be cached to the local disk, so there will be The following new utilization scenarios:

  1. The plaintext mnemonic data is cached on the local disk and can be read by other applications. It is difficult to ensure that other applications do not read the Sessions cache file on the PC.
  2. The plaintext mnemonic data is cached on the local disk. If the disk is not encrypted, the mnemonic can be recovered through physical contact. For example, in scenarios such as computer maintenance, when others physically touch the computer, the mnemonic data can be read from the hard disk.

As an ordinary user, if you have used MetaMask Version < 10.11.3 and clicked Show Secret Recovery Phrase when importing the mnemonic, then your mnemonic may be leaked. You can refer to the MetaMask article to encrypt the disk And replace the wallet to migrate digital assets.

As an extension wallet project party, if you import the mnemonic phrase in the form of Text in the Tabs page to import the wallet, it will be affected by the demonic vulnerability. You can refer to the implementation of MetaMask Version >=10.11.3 to provide each mnemonic phrase Define a separate input box, and the input box type is Password.

Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2022-06-19 09:56
Next 2022-06-19 09:58

Related articles