# Proof of Concept for VS Code Remote WSL Remote Code Execution - CVE-2021-43907
See the blog at


## Building

1. `npm install`.
2. Store `vsda.node` for your architecture in `/routes/vsda.node`.
3. Run `npm start` or use `ctrl+shift+b` in VS Code.
4. Open `http://localhost:3000` and follow the instructions.

### Where is vsda.node?

* Windows: `C:\Program Files\Microsoft VS Code\resources\app\node_modules.asar.unpacked\vsda\build\Release\vsda.node`.
* Server (WSL): `~/.vscode-server/bin/{commit}/node_modules/vsda/build/Release/vsda.node`.

### Using the Node Inspector Instance and Popping Calc
This probably only works locally because we need to connect directly to the
Inspector instance.

1. Edit `/public/javascripts/nem.js` and search for `ZZZ`.
2. Uncomment the next two lines (see below).

// in nem.js - uncomment the two lines after ZZZ`
// ZZZ
// const res = await (await postJSON('/inspect',;
// showMessage(bufferToString(res));

1. Edit `/routes/sign.js` and search for `ZZZ`.
2. Modify the IP address in `popCalc`.

// ZZZ Change the IP address here.
popCalc('', port);