BEEMKA / Electron Post-Exploitation When The Land Is Dry

BEEMKA / Electron Post-Exploitation When The Land Is Dry

Now that you have a shell, you need to establish persistence. How about this time, you use slack.exe without modifying its signature? Or Skype, WhatsApp, or even Visual Studio Code?

An architecture decision makes backdooring legitimate applications easy, and enables attackers to egress data from both within the application (your stored passwords / application session etc) and from the operating system. And as ElectronJS is cross-platform, the sky’s the limit! Batteries included – yes, there’s a tool for that!

Presented by