THREATOPS
THREAT OPSThreat News › Drag and Pwnd: Leverage ASCII characters to exploit VS Code

Drag and Pwnd: Leverage ASCII characters to exploit VS Code

infoportswigger_researchPublished 2025-04-30

Control characters like SOH, STX, EOT and ETX were never meant to run your code - but in the world of modern terminal emulators, they sometimes do. In this post, I'll dive into the forgotten mechanics

Original source: https://portswigger.net/research/drag-and-pwnd-leverage-ascii-characters-to-exploit-vs-code