V8 Killer#
A powerful and highly customizable universal V8 virtual machine injector.
What is V8 Killer#
This project (V8 Killer) developed by ShellWen is
a general script injection scheme for V8 engine.
Currently, we are mainly focusing on solving the injection problems of Electron
programs.
Comparison of Electron Injection Solutions#
There are several common Electron injection solutions at present:
Enable Debugging Port | Replacing Resource Files | V8 Killer | |
---|---|---|---|
Principle | Enable Devtools debugging port by special command-line parameters or runtime signals | Replace scripts files / asar resource packages stored on disk | Inject dynamic link libraries inline hook after program runs, modify the logic of V8 engine script compilation |
Can pass integrity checks | ✅ | ❌ The modification of files will cause the digest value to change | ✅ |
No security issues | ❌ The debugging port cannot be protected, any program can be injected | ✅ | ✅ The contents of the injection are specified by the configuration file and do not expose the attack surface |
No need to re-adapt after updating | ✅ | ❌ | ⭕ Only need on Windows platform |
Allows modification of any script | ❌ | ✅ Supports substitution of original scripts | ✅ Supports substitution or modification of original scripts |
Currently, V8 Killer is the only universal injection solution that won't break the integrity of Electron programs.
The main disadvantages of V8 Killer:
- For Electron builds under Windows platform, some symbol export information is removed by default, so you need to reverse and fill in the EVA of relevant functions yourself;
- Some Electron programs may check the list of dynamically linked libraries loaded in memory, which may lead V8 Killer to be discovered in the target program.
Getting Started#
Please go to Getting Started.
Contribution#
If you find flaws / Bugs in the code, we welcome you to submit them to us via GitHub Issues, or directly submit solutions to us through GitHub Pull Requests.
If the existing code does not meet your needs, or if you have any new ideas, you can also tell us
via GitHub Issues, but we need to point out that the time of project maintainer is
limited, we may not always be able to satisfy you.
The translation of documents may be delayed or errors may occur due to negligence. If this happens, please report them to us via GitHub Issues.
If you know
about Rust and hope to participate in the development of this project, please go to Development.
Community#
If you encounter problems while using V8 Killer, please go to our discussion page GitHub Discussions.
Please note: GitHub Issues are only used to submit code defects / Bugs, please do not post usage issues to Issues, which would distract developers.
User Notice & Disclaimer#
This project is only for learning and communication purposes, it is forbidden to use it for illegal purposes, or you
will bear the consequences.
This project does not contain any explicit or implied warranties for any purpose, and the
contributors of this project are not responsible for any direct or indirect losses caused by anyone using this project.
The users of this project must read this statement carefully while complying with the open source license.
Technology Stack#
This project uses some open source code from the community, we would like to express our sincere gratitude to these contributors:
Without their contributions, this project would not have been successfully completed.
Thanks again for their contributions to the open source community.
Licensing Agreement#
This project follows the MIT licensing agreement.
For specifics, see the LICENSE file in the project root directory.