Recently, we discussed various methods of persistence on corporate devices and a colleague of mine mentioned a tool he had written. We weren’t certain if we could use this to our advantage, but we explored the possibility of exploiting Electron applications further.
All the methods proposed in this blog post (DLL Hijacking, Remote Debugging Protocol, Beemka) are not new and have already been extensively documented elsewhere. But as it took me a long time to recompile a current list of possible methods, I wanted to provide one reference point for Electron post-exploitation for persistence.

Backdooring Electron Applications
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others' company. Arthur Schopenhauer