FIDO2 Authentication Bypass Implementation

Attacker is the application to be run by the malicious actor.

The inject.js script can be pasted in the console window of the malicious actor's browser to override the navigator.credentials.get(). It can also be converted to a web extension to use.

Cloud is a sample implementation of the C2 server.

The URL of the C2 server has to be mentioned in the flaskapp code for both the attacker and malware.

Malware is the malware script that is run on the victim's machine.

It can be made to start on boot.

Demo video

https://youtu.be/Lh45VzZqQ60

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
attacker		attacker
cloud		cloud
malware		malware
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

FIDO2 Authentication Bypass Implementation

Attacker is the application to be run by the malicious actor.

Cloud is a sample implementation of the C2 server.

Malware is the malware script that is run on the victim's machine.

Demo video

Note: This implementation does not contain the support for resident keys but it can be added.

About

Uh oh!

Releases

Packages

Languages

airvitap/Fido2-trojan-auth-bypass

Folders and files

Latest commit

History

Repository files navigation

FIDO2 Authentication Bypass Implementation

Attacker is the application to be run by the malicious actor.

Cloud is a sample implementation of the C2 server.

Malware is the malware script that is run on the victim's machine.

Demo video

Note: This implementation does not contain the support for resident keys but it can be added.

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages