Backdooring Electron Applications
Recently, we discussed various methods of persistence on corporate devices and a colleague of mine mentioned a tool he had written. We weren't certain if we could use this to our advantage, but we explored the possibility of exploiting Electron applications further.
All the methods proposed in this blog post (DLL Hijacking, Remote Debugging Protocol, Beemka) are not new and have already been extensively documented elsewhere. But as it took me a long time to recompile a current list of possible methods, I wanted to provide one reference point for Electron post-exploitation for persistence.