Electron Applications

Electron Applications¶

https://www.electronjs.org/docs/latest/tutorial/security
https://www.youtube.com/watch?v=Olq6XnZ4Pwo

Debugging¶

You can use the --remote-debugging-port=1234 and open up localhost:1234 in chrome to get a websocket debugger to the electron application.

Extract the Election Application¶

Finding the asar file:

[gen0@gen0-test Temps-linux-x64]$ pwd
/tmp/Temps-linux-x64
[gen0@gen0-test Temps-linux-x64]$ ls resources/
app.asar  electron.asar

Extracting the asar file:

[gen0@gen0-test Temps-linux-x64]$ mkdir deompiled
[gen0@gen0-test Temps-linux-x64]$ asar e resources/app.asar deompiled/
[gen0@gen0-test Temps-linux-x64]$ ls deompiled/
assets  LICENSE  node_modules  package.json  README.md  src

XSS to RCE¶

Payload:

top.require('child_process').exec('calc')

Discord Desktop - Remote Code Execution¶

https://blog.electrovolt.io/posts/discord-rce/

Browser Isolation¶

Disable nodeIntegration
Disable nodeIntegrationInWorker
Enable contextIsolation
Enable sandbox
Enable websecurity
Disable allowRunningInsecureContent
Disable allowpopups in webviews

Limit navagation outside a specific domain

Validate the sender of IPC Messages

Electron Applications