Print3M/FileJacking-PoC

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md
_img.png		_img.png
index.html		index.html

Repository files navigation

FileJacking: Proof-of-Concept

FileJacking PoC screenshot

IMPORTANT: If you don't know what this is all about read this article: FileJacking – Initial Access with File System API

This simple PoC shows how to read and overwrite a user-selected file from the browser. This technique can be used in redteaming, for example, to backdoor an LNK file directly from the browser.

How to use:

Open index.html in Chromium-based browser.
Open DevTools -> Console.
Drop "input" file.
Drop "output" file.
Great. Now the output file is overwritten with the content of input file.

To use this in a real-world exercise, remove the "input" file reading feature and replace it with the hard-coded base64 content displayed in the console.

NOTE: The Mark-of-the-Web (MOTW) is attached to the file after editing.

About

PoC of FileJacking technique with File System API.

print3m.github.io/blog/filejacking-initial-access-with-file-system-api

Languages

HTML 100.0%

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Print3M/FileJacking-PoC

Folders and files

Latest commit

History

Repository files navigation

FileJacking: Proof-of-Concept

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Languages