A number of vulnerabilities have been exploited in Microsoft Teams by attackers through the use of GIFs. The attack technique has been named ‘GIFShell’, and allows the attackers to send malicious files, execute commands, and exfiltrate data from their victims. Affected versions of Microsoft Teams include version 1.5.00.11163 and earlier, where the exploited insecure design elements and vulnerabilities are present. However, security researcher Bobbyr who discovered and reported on this flaw on Medium states that these “remain unpatched in the most recent version of Teams” and therefore attackers can still use the GIFShell attack chain in the current version.
This is a reverse shell attack, where the attacker and victim do not have direct communication, instead all communication is with the Microsoft Teams Server. This can be channelled through malicious GIFs that are sent via Teams Messages, or through out of bounds lookups of GIFs by the Microsoft servers themselves. Because the traffic going to the victims is ‘legitimate’ traffic from the Microsoft servers, this attack is harder for security software to detect.
Seven different insecure elements and vulnerabilities are exploited to accomplish this attack:
- Microsoft Teams allows for all external senders to send messages to users within a new tenant by default
- Microsoft Teams messages are stored in plain text in the low-privileged user’s file directory and can be scanned easily by a simple staged payload
- The GIFShell stager can run and scan the Teams plain text log files with no need for elevated or administrator privileges
- Microsoft Teams attempts to render GIFs on the user’s behalf, which allows for Out of Bounds HTTP and DNS requests
- GIFs in Microsoft Teams messages are base64 encoded and not scanned for malicious bytes or content
- Sending of Microsoft Teams messages can be easily automated using the Python requests module which bypasses restrictions from the Microsoft Graph API
- Data can be exfiltrated via Teams Cards embedded with GIFs due to no protections or authentication necessary when sending Teams messages to a public webhook
A further two vulnerabilities caused by a lack of permission enforcement and attachment spoofing can be used by the attackers to drop and execute the GIFShell stager on the victim’s computer, which completes the attack chain. This uses techniques and vulnerabilities detailed in another Medium post by the same security researcher. Although all of the flaws involved in this attack were disclosed to Microsoft in May and June 2022, they were not directly addressed, as Microsoft believed that they did not meet the “bar for immediate servicing”. A workaround to avoid falling victim to this attack is to disable the default external access setting in Microsoft Teams, and monitor unusual requests in the log files, or specifically in the Teams Gif lookup, for long Gif names which could potentially contain exfiltrated data.
Administrators can also adjust the Teams settings to prevent the use of GIFs and stickers by setting Messaging Policies.