Electron Applications
Electron Applications¶
Electron Security
ElectroVolt - Pwning Popular Desktop Apps
Debugging¶
You can use the --remote-debugging-port=1234
and open up localhost:1234
in chrome to get a websocket debugger to the electron application.
Extract the Election Application¶
Finding the asar file:
[gen0@gen0-test Temps-linux-x64]$ pwd
/tmp/Temps-linux-x64
[gen0@gen0-test Temps-linux-x64]$ ls resources/
app.asar electron.asar
Extracting the asar file:
[gen0@gen0-test Temps-linux-x64]$ mkdir deompiled
[gen0@gen0-test Temps-linux-x64]$ asar e resources/app.asar deompiled/
[gen0@gen0-test Temps-linux-x64]$ ls deompiled/
assets LICENSE node_modules package.json README.md src
XSS to RCE¶
Payload:
top.require('child_process').exec('calc')
Discord Desktop - Remote Code Execution¶
Discord Desktop - Remote Code Execution
Browser Isolation¶
Disable nodeIntegration
Disable nodeIntegrationInWorker
Enable contextIsolation
Enable sandbox
Enable websecurity
Disable allowRunningInsecureContent
Disable allowpopups
in webviews
Limit navagation outside a specific domain
Validate the sender of IPC Messages