electron Archives • Vulndev

04SepSeptember 4, 2021

Command Injection, Prototype Pollution & Kubernetes – Unobtainium @ HackTheBox

This video is about Unobtainium, a 40-point Linux machine on HackTheBox. For user, we download an electron app and proxy it through burp to find some credentials, which we can then use on an API endpoint. Combining a command injection & prototype pollution will then lead to a first shell...

By xctCTFcommand injection, electron, hackthebox, kubernetes, linux, prototype pollution

Electron-Updater RCE – Atom @ HackTheBox

We are going to solve Atom, a 30-point machine on HackTheBox where we'll analyze an electron app and exploit its updater. For root we will enumerate the running Redis instance, find an encrypted kanban password and then decrypt it.

By xctCTFelectron, hackthebox, kanban, windows

Tag - electron