Information Disclosure of Hardcoded Keys (in SQLite) and Encryption Algorithm (in AesFormula.js File) Resulting in Compromised the Real Credentials.
In the name of Allah, the Most Gracious, the Most Merciful.
This marks the third part (2nd section) of a series of articles exploring the fundamentals of security testing for Electron-based applications.
In this part, we will explore a unique case study we encountered regarding the extraction result of the .asar file.
If you are just beginning to read this article, in the previous section, we explained the importance of extracting and analyzing .asar files to gather useful information.
Note: This article has been published on the company blog where I am employed. Please visit the post for more details: