id: node-integration-enabled

info:
  name: Electron Applications - Cross-Site Scripting & Remote Code Execution
  author: me9187
  severity: critical
  description: |
    Electron Applications is susceptible to remote code execution by way of cross-site scripting via nodeIntegration  by calling require('child_process').exec('COMMAND');.
  reference:
    - https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
    - https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
  tags: electron,file,nodejs
file:
  - extensions:
      - all
    matchers:
      - type: word
        words:
          - "nodeIntegration: true"

# digest: 4a0a00473045022070caab60eefc323b37e341d70c757d85c7fedf66d0e35b51a425a8aa7ec6c847022100bca4045fc5d68b14d123532d732daa73ffbc5af0e124764325706d859da74e9f:922c64590222798bb761d5b6d8e72950