“Only an Electron Away from Code Execution”

Article supporting my talk at NorthSec 2018 in Montreal about how a simple XSS in Electron apps can escalate into code execution, and my experiences in exploring that.

Over the decades, various security techniques have been developed to mitigate desktop-specific vulnerabilities, which makes it difficult to successfully exploit traditional desktop applications. With the rise of the Electron framework, it became possible to develop multi-platform desktop applications using web technologies. Developed by the GitHub team, Electron has already become amazingly popular, bringing adventurous web app developers to explore the desktop environment.

In this talk, I will discuss the Electron framework and its related security issues, the wonderful “features” that got me a bunch of CVEs, possible attack vectors, and how developers are in the dark about these issues. And as Electron apps do not like to play in the sandbox, this talk will demo Electron applications found to be vulnerable, gaining code execution from XSS.

The slide deck can be found here.

Writeups

Course slides: Modern Binary Exploitation by RPISEC
Course materials on GitHub: https://github.com/RPISEC/MBE

"The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It will then transition into protections found on modern systems (Canaries, DEP, ASLR, RELRO, Fortify Source, etc) and the techniques used to defeat them."

Level 1:

Level 2:

Level 3:

Reminders/notes/random stuff