https://jh.live/plextrac-408 || Save time and effort on pentest reports with PlexTrac's premiere reporting & collaborative platform: https://jh.live/plextrac-408 😎

Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I'm up to with: https://jh.live/newsletter

ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense
Master Binary Files and Protocols with Gynvael Coldwind: https://jh.live/hackarcana (code MBF-JH-10 gives 10% off!)

John Hammond

The post explains how a vulnerability in Electron-based applications, like the AI code editor Cursor, can be exploited using Loki C2, a Node.js-based command and control framework. It demonstrates setting up and using Loki to backdoor Electron applications by replacing their JavaScript files, allowing for remote execution of arbitrary code. The post also discusses how to ensure the targeted application remains functional while compromised, highlighting the collaboration between the author and the developer of Loki C2.

I Backdoored Cursor AI

<p>You know, I don’t 100% understand what you say, but I do 100% enjoy your content. Maybe someday, something will stick in my brain 😂</p>
