Electron Applications

Electron Security
ElectroVolt - Pwning Popular Desktop Apps

Debugging

Launch the application with --remote-debugging-port=1234 and open localhost:1234 in Chrome to attach DevTools to the Electron application over its WebSocket debugging endpoint.

Extract the Electron Application

Finding the asar file:

[gen0@gen0-test Temps-linux-x64]$ pwd
/tmp/Temps-linux-x64
[gen0@gen0-test Temps-linux-x64]$ ls resources/
app.asar  electron.asar

Extracting the asar file:

[gen0@gen0-test Temps-linux-x64]$ mkdir deompiled
[gen0@gen0-test Temps-linux-x64]$ asar e resources/app.asar deompiled/
[gen0@gen0-test Temps-linux-x64]$ ls deompiled/
assets  LICENSE  node_modules  package.json  README.md  src

XSS to RCE

Payload (only works when the renderer has nodeIntegration enabled, which the Browser Isolation checklist below disables):

top.require('child_process').exec('calc')

Discord Desktop - Remote Code Execution

Discord Desktop - Remote Code Execution

Browser Isolation

Disable nodeIntegration
Disable nodeIntegrationInWorker
Enable contextIsolation
Enable sandbox
Enable webSecurity
Disable allowRunningInsecureContent
Disable allowpopups in webviews

Limit navigation to a specific domain (block navigation and new windows outside it)

Validate the sender of IPC messages
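The checklist above as an added example (not code from the original notes): the insecure webPreferences an XSS-to-RCE chain relies on beside the hardened set, plus the navigation guard and IPC sender check. The allowed origin, the preload path and the `read-setting` channel name are assumptions; the Electron wiring is shown in comments so the functions run without Electron installed.

```javascript
// Assumption: the app's own origin; everything else is treated as untrusted.
const ALLOWED_ORIGIN = 'https://app.example.com';

// The configuration that turns a renderer XSS into RCE: Node in the renderer,
// no context isolation, no sandbox, same-origin policy switched off.
function insecureWebPreferences() {
  return { nodeIntegration: true, contextIsolation: false, sandbox: false, webSecurity: false };
}

// Hardened options matching the Browser Isolation checklist.
function hardenedWebPreferences(preloadPath) {
  return {
    nodeIntegration: false,
    nodeIntegrationInWorker: false,
    contextIsolation: true,
    sandbox: true,
    webSecurity: true,
    allowRunningInsecureContent: false,
    webviewTag: false,          // no <webview> at all unless the app needs it
    preload: preloadPath,       // expose a narrow API via contextBridge only
  };
}

// Navigation guard: allow only URLs whose origin is the app's own.
// 'javascript:' and 'data:' URLs have origin 'null' and are rejected;
// unparsable strings are rejected too.
function isAllowedNavigation(url) {
  try {
    return new URL(url).origin === ALLOWED_ORIGIN;
  } catch (e) {
    return false;
  }
}

// IPC sender validation: `senderFrameUrl` is event.senderFrame.url inside an
// ipcMain.handle callback; a frame off the trusted origin gets no service.
function isTrustedIpcSender(senderFrameUrl) {
  return isAllowedNavigation(senderFrameUrl);
}

// Wiring in the Electron main process (not executed here):
// const win = new BrowserWindow({ webPreferences: hardenedWebPreferences(path.join(__dirname, 'preload.js')) });
// win.webContents.on('will-navigate', (ev, url) => { if (!isAllowedNavigation(url)) ev.preventDefault(); });
// win.webContents.setWindowOpenHandler(({ url }) => ({ action: isAllowedNavigation(url) ? 'allow' : 'deny' }));
// ipcMain.handle('read-setting', (ev, key) => {
//   if (!isTrustedIpcSender(ev.senderFrame.url)) throw new Error('untrusted IPC sender');
//   return settings[key];
// });
```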

CSP