Abusing url handling in iTerm2 and Hyper for code execution

141 points by vin10, about 1 year ago

6 comments

leftcenterright, about 1 year ago

> This is of course a harmless PoC and you can try it out using docker pull vin01/escape-seq-test:latest --platform darwin/arm64 or docker run --rm vin01/escape-seq-test and you should see the injected link as shown below.

Wow, I wouldn't have expected `docker pull` in particular to allow arbitrary content injection. Does anyone know of any tools which scan images being pulled before passing them over to `docker` for processing?

lxgr, about 1 year ago

Slightly off-topic, but...

> Hyper is an Electron-based terminal

Why!?

omoikane, about 1 year ago

Would it help if SSH clients don't pass the TERM variable to identify that the current terminal is capable of handling "\e]8"? I assume TERM is how the remote application knows that this exploit is available.

I also assume that this vulnerability is meant for remote apps accessed via SSH or similar, since a compromised app that is executed locally probably has easier exploits (they might just run calculator or whatever directly without going through escape sequences, for example).

Groxx, about 1 year ago

> *Any links using those schemes when clicked, would open the MacOS terminal to perform the corresponding action.*

I'm unclear which of these are being described:

1: when printed and clicked, they may be handled by the terminal, and the terminal's handling allows more behaviors than it should, allowing code execution

2: when printed, these urls are *automatically* executed by the shell, allowing code execution

Neither are good of course, but they're different levels of badness, and I feel like I must be missing a single critical word somewhere to be able to figure out which it is.

---

That said, oh boy I do not want this:

> *Most terminal emulators these days allow using Osc 8 to directly generate hyperlinks from arbitrary text.*

Is there a standard way to disable it? That sounds awful, terminals don't have even a small fraction of browsers' malicious-link-defense mechanisms (as demonstrated). I *always* want to see the full url in a terminal.

classified, about 1 year ago

I stopped using iTerm2 as soon as I learned it will open arbitrary URLs.

philsnow, about 1 year ago

At the very end of the article,

> Upgrade to iTerm2 3.5.0

I had just gotten the upgrade notification for 3.5.0 a few minutes ago. I scrolled through the release notes a bit and got to the "AI" section and I would like very much to get off this ride. I am grumpy and a terminal should be a terminal.

Features of iTerm2 I don't use and don't think belong in a terminal emulator:

  - tmux integration
  - shell integration
  - ssh integration
  - password manager integration
  - hooks
  - syntax highlighting *that's baked into the terminal*
  - installing its own python runtimes (?!)
  - ~blindly~ opening URLs when rendering a certain escape sequence [0]

[0] https://gitlab.com/gnachman/iterm2/-/issues/10994 the discussion in there makes it seem like it's okay because many schemes that aren't http[s] cause the browser to open a dialog box

Features of iTerm2 I use:

  - fullscreen without using MacOS's spaces implementation of fullscreen

.... This got away from me and went from grumpy muttering to a snarky rant. I like iTerm2, it's just starting to feel like somebody else's terminal, that's all.

*Edit: tried to cross out "blindly" above, it does ask you whether you want to open the URL, though it offers to always allow it for that host which seems like it might be iffy, but at least if I never click "always allow", I'll be notified if anything tries to inject this OSC sequence.*