#node.js used by #Adobe, #Logitech, #Nvidia and others can be used to #exploit #Windows 😱
Source: https://nitter.eu/Laughing_Mantis/status/1512081814994575377
So what can you do with these and how can they be abused:
You can modify the JSON and JS files mentioned in order to:
- download arbitrary binaries
- ignore download checksums
- execute commands as SYSTEM
- C2 on behalf of applications
- perform file I/O as SYSTEM
etc.
...
A good generic tool should scan the local appdata and program file folders for instances of NODE.JS or JSON files (Maybe not Microsoft Store instances) and then have templates for trojanizing each vendor's custom #NodeJS and #JSON.
#Microsoft #warning #danger #0day #software #news #Trojan #problem #hack #hacker #driver #install #fail #security
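The thread describes modifying the JS and JSON files that vendor applications load through a bundled Node.js runtime. A defender can run the same directory scan to baseline those files and flag later changes. The following is an added example, not part of the original post or thread; the marker names (`node.exe`, `node`, `node_modules`) and all function names are assumptions chosen for illustration.

```python
import hashlib
import json
import os
import sys

SCRIPT_EXTS = (".js", ".json")
# Assumption: these names indicate a directory that bundles a Node.js runtime.
NODE_MARKERS = {"node.exe", "node", "node_modules"}

def find_node_app_dirs(roots):
    """Yield directories that contain a Node.js binary or a node_modules tree."""
    for root in roots:
        for dirpath, dirnames, filenames in os.walk(root):
            names = {n.lower() for n in dirnames + filenames}
            if names & NODE_MARKERS:
                yield dirpath
                dirnames[:] = []  # subtree is hashed by snapshot(); do not descend twice

def snapshot(roots):
    """Map path -> SHA-256 for every JS/JSON file under a bundled-Node directory."""
    digests = {}
    for app_dir in find_node_app_dirs(roots):
        for dirpath, _, filenames in os.walk(app_dir):
            for name in filenames:
                if name.lower().endswith(SCRIPT_EXTS):
                    path = os.path.join(dirpath, name)
                    try:
                        with open(path, "rb") as fh:
                            digests[path] = hashlib.sha256(fh.read()).hexdigest()
                    except OSError:
                        digests[path] = "unreadable"
    return digests

def diff(baseline, current):
    """Return files changed, added or removed since the baseline was taken."""
    return {
        "changed": sorted(p for p in baseline if p in current and baseline[p] != current[p]),
        "added": sorted(p for p in current if p not in baseline),
        "removed": sorted(p for p in baseline if p not in current),
    }

if __name__ == "__main__":
    # Usage: script.py BASELINE.json DIR [DIR ...]
    baseline_file, roots = sys.argv[1], sys.argv[2:]
    current = snapshot(roots)
    if os.path.exists(baseline_file):
        with open(baseline_file) as fh:
            print(json.dumps(diff(json.load(fh), current), indent=2))
    else:
        with open(baseline_file, "w") as fh:
            json.dump(current, fh, indent=2)
```

The first run writes the baseline; later runs print what changed. Legitimate vendor updates also show up as changes, so re-baseline after a verified update.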