Don't Clone That Repo: Visual Studio Code^2 Execution
source link: https://blog.doyensec.com/2020/03/16/vscode_codeexec.html
This is the story of how I stumbled upon a code execution vulnerability in the Visual Studio Code Python extension, bundled by default within the IDE. It currently has 16.5M+ installs reported in the extension marketplace.
The bug
Some time ago I was reviewing a client’s Python web application when I noticed a warning. Fair enough, I thought, I just need to install pylint.
To my surprise, after running pip install --user pylint the warning was still there. Then I noticed venv-test displayed on the lower-left of the editor window. Did VSCode just automatically select the Python environment from the project folder?! To confirm my hypothesis, I installed pylint inside that virtualenv and the warning disappeared.
This seemed sketchy, so I added os.exec("/Applications/Calculator.app") to one of pylint’s sources and a calculator spawned. Easiest code execution ever!
This VSCode behaviour is dangerous because a virtualenv found in a project folder is activated without any user interaction. Adding a malicious folder to the workspace and opening a Python file inside the project is sufficient to trigger the vulnerability. Once a virtualenv is found, VSCode saves its path in .vscode/settings.json. If that file is already present in a cloned repo, its value is loaded and trusted without asking the user. In practice, this means the virtualenv can be hidden anywhere in a repository and will be selected as soon as the repo is opened.
The behaviour is not in VSCode core, but rather in the Python extension, which is bundled by default with the editor. We contacted Microsoft on the 2nd October 2019; however, the vulnerability is still not patched at the time of writing. Given that the industry-standard 90 days have expired and the issue is already exposed in a public GitHub issue, we have decided to disclose the vulnerability.
PoC || GTFO
You can try for yourself! This innocuous PoC repo opens Calculator.app on macOS:
git clone git@github.com:doyensec/VSCode_PoC_Oct2019.git
then open test.py from the clone in VSCode. The repo contains a “malicious” settings.json which selects the virtualenv in totally_innocuous_folder/no_seriously_nothing_to_see_here.
In a bare-bones repo like this, noticing the virtualenv is easy, but it is equally easy to see how one might miss it in a real-life codebase. Moreover, it is certainly undesirable that VSCode executes code from a folder merely because a Python file in it was opened in the editor.
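A pre-open check a practitioner could run against a freshly cloned repository before letting VSCode touch it, added here as an example; it is not code from this post, from Doyensec's PoC repo or from the vscode-python extension. It parses .vscode/settings.json (VSCode allows comments in it), flags any Python interpreter setting whose path resolves to a location inside the repo, and lists directories that look like virtualenvs. The setting names python.pythonPath and python.defaultInterpreterPath, the <venv>/bin/python layout, pyvenv.cfg as the virtualenv marker and the sample repo it builds in a temporary directory are assumptions for illustration; only the folder names mirror the PoC described above.

```python
"""Pre-open audit of a cloned repo for VSCode settings that select an in-repo Python interpreter.
Added example, not code from the Doyensec post or the vscode-python extension. Assumed (not stated
on the page): the setting keys below, the <venv>/bin/python layout, and pyvenv.cfg as venv marker."""
import json
import os
import re
import tempfile
from pathlib import Path

INTERPRETER_KEYS = ("python.pythonPath", "python.defaultInterpreterPath")  # assumed key names
SETTINGS_REL = os.path.join(".vscode", "settings.json")
# String literal | line comment | block comment. Strings match first, so "//" inside a path survives.
_JSONC_TOKENS = re.compile(r'"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/', re.S)


def _strip_jsonc(text: str) -> str:
    """Drop // and /* */ comments outside string literals; VSCode settings files allow them."""
    return _JSONC_TOKENS.sub(lambda m: m.group(0) if m.group(0).startswith('"') else "", text)


def parse_jsonc(text: str) -> dict:
    """Parse a settings.json that may contain comments."""
    return json.loads(_strip_jsonc(text))


def find_interpreter_settings(repo_root: str) -> list:
    """One finding per interpreter setting; flags values that resolve to a path inside the repo."""
    settings_path = os.path.join(repo_root, SETTINGS_REL)
    if not os.path.isfile(settings_path):
        return []
    settings = parse_jsonc(Path(settings_path).read_text(encoding="utf-8"))
    repo_real = os.path.realpath(repo_root)
    findings = []
    for key in INTERPRETER_KEYS:
        value = settings.get(key)
        if not isinstance(value, str):
            continue
        # Relative values are resolved against the workspace folder, as the extension does.
        resolved = os.path.realpath(os.path.join(repo_real, os.path.expanduser(value)))
        venv_root = os.path.dirname(os.path.dirname(resolved))  # <venv>/bin/python -> <venv>
        findings.append({
            "key": key,
            "value": value,
            "inside_repo": os.path.commonpath([repo_real, resolved]) == repo_real,
            "is_virtualenv": os.path.isfile(os.path.join(venv_root, "pyvenv.cfg")),
        })
    return findings


def find_embedded_virtualenvs(repo_root: str) -> list:
    """Directories under the repo that carry a pyvenv.cfg, i.e. look like virtualenvs."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(repo_root):
        if ".git" in dirnames:
            dirnames.remove(".git")
        if "pyvenv.cfg" in filenames:
            hits.append(os.path.relpath(dirpath, repo_root))
            dirnames[:] = []  # no need to descend into the venv itself
    return sorted(hits)


def audit(repo_root: str) -> dict:
    findings = find_interpreter_settings(repo_root)
    return {
        "settings": findings,
        "embedded_virtualenvs": find_embedded_virtualenvs(repo_root),
        # Treat the workspace as untrusted if any setting selects an interpreter that lives in the repo.
        "untrusted": any(f["inside_repo"] for f in findings),
    }


def build_sample_repo() -> str:
    """Constructed sample mirroring the PoC folder names from the post; file contents are placeholders."""
    root = tempfile.mkdtemp(prefix="vscode_poc_")
    venv = Path(root, "totally_innocuous_folder", "no_seriously_nothing_to_see_here")
    (venv / "bin").mkdir(parents=True)
    (venv / "pyvenv.cfg").touch()
    (venv / "bin" / "python").touch()  # in the real PoC this is a working interpreter; here an empty file
    Path(root, ".vscode").mkdir()
    Path(root, SETTINGS_REL).write_text(
        '{\n  // attacker-controlled workspace setting (assumed key name)\n'
        '  "python.pythonPath": "totally_innocuous_folder/no_seriously_nothing_to_see_here/bin/python"\n}\n',
        encoding="utf-8",
    )
    return root


if __name__ == "__main__":
    report = audit(build_sample_repo())
    for f in report["settings"]:
        print(f"{f['key']} = {f['value']!r}  inside_repo={f['inside_repo']}  venv={f['is_virtualenv']}")
    print("embedded virtualenvs:", report["embedded_virtualenvs"])
    print("verdict:", "UNTRUSTED, review before opening" if report["untrusted"] else "ok")
```

Running it against the constructed sample reports the interpreter setting as pointing inside the repo and at a virtualenv, and returns an untrusted verdict; a repo with no .vscode/settings.json and no pyvenv.cfg produces an empty report. The check is deliberately conservative: an interpreter path that merely lives inside the workspace is enough to refuse, since that is exactly the condition the extension trusts without asking.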
Disclosure Timeline
- 2nd Oct 2019 : Issue discovered
- 2nd Oct 2019 : Security advisory sent to Microsoft
- 8th Oct 2019 : Response from Microsoft, issue opened on vscode-python bug tracker #7805
- 7th Jan 2020 : Asked Microsoft for a resolution timeframe
- 8th Jan 2020 : Microsoft replies that the issue should be fixed by mid-April 2020
- 16th Mar 2020 : Doyensec advisory and blog post are published