Posts

Packaging Electron Applications for OSX

Image
I want to use Electron to create installable apps for OSX, Precise, and Trusty. I first attempted to use fpm (package distribution across multiple platforms) which works fine for creating rpm and deb packages, but creating the OSX pkg file proved difficult. These steps will summarize how to create an installable .pkg from an Electron Application. NOTE: This tutorial does not cover creating valid packages for the mac app store, which has a whole different set of requirements. But you will end up with a .pkg file which can be distributed and used to install your application. I. Re-Branding Electron Unless you want your Application to be named "Electron" after its installation, you will probably want to rename the application and change the default icon. On OSX, this is done by editing the existing Info.plist file in the Electron.app directory and changing four values to match your Apps name. The Location of the Electron Info.plist file is found under the Electron.app...

Using Selenium Testing for Electron (Atom shell) Applications

Image
Electron (formerly Atom Shell) is a very new way to quickly create javascript applications for multiple platforms. Not a lot of documentation exists about using Selenium to do full-fledged integration testing on Electron Applications. And even less exists about performing such tests in python. This brief tutorial should answer a few questions about Electron Applications and show you how to get started using Selenium to test them. I. Getting started Install and start chromedriver Selenium need this to be able to make calls to the Electron App. Chromedriver acts as a bridge between Selenium and Chrome, it follows Selenium wire protocol. By default, chromium runs on port 9515, you can start on alternate ports, but remember the assigned port this will be passed as an argument to Selenium later. ./chromedriver --port=9515 Install Selenium You'll need to use Selenium's remotewebdriver to interface with chromedriver. Im using a python virtualenv to keep all my python plugi...

Protostar: Stack5

Image
Overview I wanted to learn more about the fundamentals behind performing a buffer overflow, or "Stack Smashing" attack. This is a pretty common attack and no modern system would really have this type of vulnerability. Still, this is a good way to gain some beginners knowledge of reversing with GDB and the x86 assembly language, and because I am a diehard academic, lets dive in! Overview of Buffer Overflows Following the Exploit exercises site here , we downloaded the Protostar VM. I started at Stack5, because Stack0-4 were relatively simple. Stack5 is recreating a standard buffer overflow using shellcode as a payload. The source code includes nothing except for a simple 64 Byte buffer that you are supposed to overflow. This was my introduction to using any type of shellcode related exploit, so I have included links for my own reference. A snip of the source code for this exercise Crafting the Payload Metasploit and MsfPayload are command-line too...