-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Cursed
Cursed Chrome/electron post-exploitation tool kit introduced in Sliver vTBD, which integrates with CursedChrome. It can automatically find existing Chrome Extensions with the required permissions for CursedChrome and remotely inject it onto the target system.
The cursed chrome command can be used to restart a remote system's Chrome browser with remote debugging enabled. If no payload is specified using --payload the command will simply restart Chrome with remote debugging enabled, you can then use cursed console to interact with any debug target.
If a payload is specified, the command will restart Chrome with remote debugging, enumerate installed browser extensions, determine if any extension has the required permissions for CursedChrome and inject the payload into the extension's execution context.
The cursed console command can be used to start an interactive REPL with any cursed process. You will need to start a cursed process using cursed chrome or cursed electron before using cursed console. You can list cursed processes using the cursed command.
"Bred as living shields, these slivers have proven unruly—they know they cannot be caught."