04-28-2020, 02:05 PM
Chrome Botnet Proxies
Did not make this tool myself but found this nifty little thing on twitter which could be worth checking out: "CursedChrome".
It's a chrome-plugin that turns your targets into http-proxies.
So even if the organization is reasonably locked down; maybe they forgot to lock down chrome plugins? Also if you get a foothold you can use the proxy to access internal company resources such as intranet and other things.
Github: https://github.com/mandatoryprogrammer/CursedChrome
Panel:
![[Image: cursed-chrome-web-panel.png]](https://raw.githubusercontent.com/mandatoryprogrammer/CursedChrome/master/images/cursed-chrome-web-panel.png)
Did not make this tool myself but found this nifty little thing on twitter which could be worth checking out: "CursedChrome".
It's a chrome-plugin that turns your targets into http-proxies.
So even if the organization is reasonably locked down; maybe they forgot to lock down chrome plugins? Also if you get a foothold you can use the proxy to access internal company resources such as intranet and other things.
Github: https://github.com/mandatoryprogrammer/CursedChrome
Github Wrote:A (cursed) Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies. By using the proxies this tool creates you can browse the web authenticated as your victim for all of their websites.
Panel:
