HELP ME #199631
Replies: 1 comment
-
|
💬 Your Product Feedback Has Been Submitted 🎉 Thank you for taking the time to share your insights with us! Your feedback is invaluable as we build a better GitHub experience for all our users. Here's what you can expect moving forward ⏩
Where to look to see what's shipping 👀
What you can do in the meantime 💻
As a member of the GitHub community, your participation is essential. While we can't promise that every suggestion will be implemented, we want to emphasize that your feedback is instrumental in guiding our decisions and priorities. Thank you once again for your contribution to making GitHub even better! We're grateful for your ongoing support and collaboration in shaping the future of our platform. ⭐ |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
🏷️ Discussion Type
Bug
💬 Feature/Topic Area
ARC (Actions Runner Controller)
Discussion Details
The script scanned binary files and scripts within the Microsoft VS Code folder for important hooks:
Module Loading: Several captures were found at Module._load within Code.exe (e.g., lines 1,208,581), a technique used to track which libraries or dependencies the program is loading.1
IPC Communication: ipcMain and ipcRenderer (lines 1,117,976) were detected, which are the main channels for transmitting data between the user interface (UI) and the VS backend processing. Code1
Child Process Tracking: Numerous calls to child_process.spawn and _forkChild were found, indicating the execution of fragmented processes to handle tasks such as Extension Host1
The system provides detailed logs of WebSocket connection events via the undici library:
WebSocket Events: On/Off detected and checking the connection status such as undici:websocket:open, ping, pong, and socket_error1
Handshake Analysis: Important headers such as Sec-WebSocket-Key and Sec-WebSocket-Accept are checked to verify the correctness of the connection1
Connection Lifecycle: The functions establishWebSocketConnection and failWebSocketConnection are found. which is used to control the status of connections to external servers1
The information at the end of the Log (from your additional submission) indicates the reason for the incomplete runtime review:
Access Denied: The script attempted to access a file in Microsoft\Edge\User Data\Profile 1 but was denied access1
File Locking: Important files in Service Worker\Database and Session Storage are locked because the Edge browser is open, causing the Select-String script to stop. Pipeline stopped immediately 1
Reparse Points: A complex Junction or folder connection point setting was found in AppData\Local, causing redundant scanning in some locations 1
Docker Desktop: A Docker Desktop.exe process (PID: 38268) was found running in renderer mode and connected via engine.sock1
Execution Aliases: Shortcuts for development tools such as bash.exe, python.exe, ngrok.exe, and pwsh.exe are defined in the system1
Summary: Your script attempts to perform a "Forensic Analysis" to see how VS Code and Docker communicate internally and externally, but the scan is interrupted when it reaches a locked Edge system file.
Would you like me to help analyze the code in the line that detected
Module._loadto see if any script injection is occurring, or would you like me to help optimize your PowerShell script to bypass the errors and complete the program?Beta Was this translation helpful? Give feedback.
All reactions