Chrome Botnet Proxies
#1
Chrome Botnet Proxies

Did not make this tool myself but found this nifty little thing on twitter which could be worth checking out: "CursedChrome".
It's a chrome-plugin that turns your targets into http-proxies.

So even if the organization is reasonably locked down; maybe they forgot to lock down chrome plugins? Also if you get a foothold you can use the proxy to access internal company resources such as intranet and other things.

Github: https://github.com/mandatoryprogrammer/CursedChrome

Github Wrote:A (cursed) Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies. By using the proxies this tool creates you can browse the web authenticated as your victim for all of their websites.

Panel:
[Image: cursed-chrome-web-panel.png]
Reply
#2
Nice! I like that one, I will try it out.
Reply
#3
Now there are botnets, with webinjects, etc., for the Chrome store, I have seen one for rent, much progress has been made
Reply
#4
Wow! This is really cool! Goes to show it's important to just not install random browser extensions that run code on your machine.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Verifying https proxies at high speed illmanors 0 15,222 09-16-2018, 11:23 AM
Last Post: illmanors