BrowserBackdoor v1.15 is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener.

pak-tani / June 11, 2016 / Comments Off / Browser, Penetration Test

BrowserBackdoor is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener.
BrowserBackdoorServer is a WebSocket server that listens for incoming WebSocket connections and creates a command-line interface for sending commands to the remote system.
The JavaScript backdoor in BrowserBackdoor can be used on all browsers that support WebSockets. It will not have access to the Electron API of the host computer unless the BrowserBackdoor Client application is used.

Latest Change v1.15 11/6/2016:
+ Ignore enter in readline history.
+ Add execCommand module.
+ Add writeClipboard module.

Requirements:
+ NodeJS and NPM

Usage:

git clone https://github.com/IMcPwn/browser-backdoor && cd browser-backdoor
cd client npm install
npm start

Building executables for all platforms:
cd client
npm install electron-packager -g
electron-packager . --all

install and run BrowserBackdoorServer:
cd server
gem install bundler
bundle install
# Configure config.yml before the next command
ruby bbsconsole.rb

git clone https://github.com/IMcPwn/browser-backdoor && cd browser-backdoor

cd client npm install

npm start

Building executables for all platforms:

cd client

npm install electron-packager -g

electron-packager . --all

install and run BrowserBackdoorServer:

cd server

gem install bundler

bundle install

# Configure config.yml before the next command

ruby bbsconsole.rb

Download: v1.15.zip | v1.15.tar.gz
Source: https://github.com/IMcPwn

Tags: Backdoor, firefox, google chrome, IE Internet Explorer, Node.JS, package.json

Archives

BrowserBackdoor v1.15 is an Electron application that uses a JavaScript WebSocket Backdoor to connect to the listener.