A tool that can inject any js into the V8 VM
Explore the docs »
Report Bug
·
Request Feature
Documentations are available under GitHub Pages.
This project began with an initial idea: injecting scripts into Electron applications. There are traditionally two main approaches for accomplishing this.
- Modifying resource files, such as .js or .asar files. However, this approach is highly invasive and cannot pass integrity checks in some software.
- Opening a debugging port (
--inspect
or--inspect-brk
) and injecting scripts using a debugger. However, some software may inspect this parameter or outright block it.
This project takes a different approach by hooking into the compilation functions of the V8 engine, directly modifying the source code passed to the V8 compiler. This allows scripts to be injected into the V8 engine without altering any local files or opening any debugging ports. Through testing, it has been confirmed that this method can be used with any software/framework built on the V8 engine, including but not limited to Node.js, Electron, and Deno.
Currently, this project has been tested exclusively on Linux and Windows. In theory, with minor modifications, it should be possible to run it on macOS. However, this is not currently part of our development roadmap.
This project is divided into two parts: core
and launcher
. The core
constitutes the central component and represents the actual injected payload. The launcher
is responsible for loading the payload, which is the core
, into the target program.
On Linux, loading the payload can be accomplished simply using LD_PRELOAD
. However, on Windows, this might require additional work, and this is where the purpose of the launcher comes into play.
So far, we support the following targets:
Target | Supported | Note |
---|---|---|
Node.js | Yes | |
Electron | Yes | |
CEF | Untested | |
Deno | No | Deno remove exports from V8. In future versions, we will introduce pattern matching to address this issue. |
Pattern matching is on the way. #12
This is an example of how you may give instructions on setting up your project locally. To get a local copy up and running follow these simple example steps.
Distributed under the MIT License. See LICENSE
for more information.
ShellWen - @realShellWen - me@shellwen.com
Project Link: https://github.com/ShellWen/v8_killer