Drag and Pwnd: Leverage ASCII characters to exploit VS Code
ATT&CK techniques detected
T1059.001 PowerShell
81%
"##culator\x0d.txt what the visual studio code terminal sees: 'very very very long name [ctr+c: ignore line] open -a calculator [enter].txt' be aware that when a file is dragged and dropped, the carriage return character [\x0d] automatically executes a command. t…"
T1059.006 Python
38%
"a shell, trusting that everything downstream will "do the right thing". that trust breaks when control characters come into play. in visual studio code, you can define custom run configurations under run → add configuration. these configurations often include an args array. dur…"
Summary
Control characters like SOH, STX, EOT and ETX were never meant to run your code - but in the world of modern terminal emulators, they sometimes do. In this post, I'll dive into the forgotten mechanics