ElectroVolt: Pwning Popular Desktop Apps While Uncovering New Attack Surface on Electron
Learn how to maximize security in Electron-based apps by identifying potential attack surfaces, including compromised renderer processes, design-layer flaws, and prototype pollution, and explore solutions to minimize exposure to vulnerabilities.
- Always enable node integration in subframes and context isolation to minimize attack surface.
- Electron’s internal code can be exploited by a compromised renderer process.
- Design-layer flaws can enable bypassing security settings and accessing Node primitives.
- A V8 exploit combined with prototype pollution can lead to remote code execution.
- Electron’s IPC module can be leveraged to access main process and Node.js primitives.
- Context isolation can be bypassed, exposing preload scripts and Node.js primitives to the renderer process.
- Sandboxing can be bypassed by disabling context isolation and enabling node integration.
- Same-site origin spoofing can be used to circumvent security features.
- Electron apps are vulnerable to open URL redirection, which can lead to code execution.
- Node primitives are not exposed to the renderer process by default, but can be exposed through node integration in subframes.
- Electron’s internal code is written in JavaScript and can be exploited.
- Prototype pollution gadgets can be used to leak IPC modules and invoke misconfigured IPC channels.
- Electron’s code patch level fix addressed previous vulnerabilities, but new ones may still exist.
- Node integration in workers and node integration in subframes are enabled by default, but can be used to expose Node.js primitives to the renderer process.
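As an added example (not code from the talk or from Electron itself), a small audit that applies Electron's documented defaults to a window's webPreferences and flags the settings the findings above rely on, plus an origin allow-list for the navigation events an open-redirect chain abuses; the function names and the sample origins are assumptions.

```javascript
// Added example, not from the ElectroVolt talk. Audits a BrowserWindow
// webPreferences object and allow-lists navigation targets, so a defender can
// spot the misconfigurations the findings above depend on. The defaults below
// are Electron's documented defaults for current releases.
const ELECTRON_DEFAULTS = {
  nodeIntegration: false,
  nodeIntegrationInWorker: false,
  nodeIntegrationInSubFrames: false,
  contextIsolation: true,
  sandbox: true,
  webSecurity: true,
  allowRunningInsecureContent: false,
};

// Each rule: [key, value that constitutes a finding, why it matters]
const RULES = [
  ['nodeIntegration', true, 'renderer gets Node.js primitives directly'],
  ['nodeIntegrationInWorker', true, 'web workers get Node.js primitives'],
  ['nodeIntegrationInSubFrames', true, 'iframes (third-party content) get Node.js primitives'],
  ['contextIsolation', false, 'preload-script globals leak into the page world'],
  ['sandbox', false, 'renderer is unsandboxed; a renderer bug reaches the OS'],
  ['webSecurity', false, 'same-origin policy disabled'],
  ['allowRunningInsecureContent', true, 'mixed content allowed'],
];

// Returns one human-readable finding per weak effective setting (explicit
// values override the defaults, exactly as Electron applies them).
function auditWebPreferences(prefs = {}) {
  const effective = { ...ELECTRON_DEFAULTS, ...prefs };
  return RULES
    .filter(([key, bad]) => effective[key] === bad)
    .map(([key, bad, why]) => `${key}=${bad}: ${why}`);
}

// Allow-list check intended for will-navigate / setWindowOpenHandler.
// Only exact https origins may be navigated to in-app; file:, javascript:,
// custom schemes and look-alike hosts are all denied.
function isAllowedNavigation(url, allowedOrigins) {
  let parsed;
  try { parsed = new URL(url); } catch { return false; }
  if (parsed.protocol !== 'https:') return false;
  return allowedOrigins.includes(parsed.origin);
}

module.exports = { ELECTRON_DEFAULTS, auditWebPreferences, isAllowedNavigation };
```

Wire `isAllowedNavigation` into `webContents.on('will-navigate')` and `setWindowOpenHandler`, denying anything it rejects, and run `auditWebPreferences` over every window's options in CI.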