APPSEC Cali 2018 - MarkDoom: How I Hacked Every Major IDE in 2 Weeks

a-YnG3Mx-Tg/default.jpg

by Matt Austin, Director of Security Research at Contrast Security

Abstract:
JavaScript (and HTML) has completely conquered the Web, and now it’s taking over the Desktop. In order to provide more user-friendly graphical interfaces, today's software applications are being built with embedded browsers. Companies such as GitHub, Apple, Microsoft, Facebook, and Slack all build complex, desktop-like web applications completely in JavaScript. Many other organizations embed entire browsers into their products for rendering content. We call all of this the “Desktop Web,” and it’s full of security problems that have more devastating consequences than your typical JavaScript injection.
I will walk through examples of arbitrary code execution that I discovered in Visual Studio Code, GitHub Atom Editor, Sublime Text, Adobe Brackets Editor, all JetBrains Products (IntelliJ IDEA, PhpStorm, WebStorm, PyCharm, RubyMine, AppCode, CLion, ...) and more. This research resulted in 5 CVEs and $(TBD)k in bounties.
Welcome to the unholy marriage of web application and desktop security. Let’s explore how each editor was implemented, what went wrong, and the controls that can be used to do this more safely.

Matt Austin is the Director of Security Research at Contrast Security focused on runtime security assessment and protection through instrumentation. Prior to Contrast Matt worked as a security consultant at Aspect Security, and is currently active is many of the top Bug Bounty platforms.

Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP...

a-YnG3Mx-Tg/default.jpg
APPSEC Cali 2018 - MarkDoom: How I Hacked Every Major IDE in 2 Weeks APPSEC Cali 2018 - MarkDoom: How I Hacked Every Major IDE in 2 Weeks Reviewed by Anonymous on March 19, 2018 Rating: 5