{"id":23421582,"url":"https://github.com/evilbytecode/bloxstrap-persistance","last_synced_at":"2025-04-12T14:07:00.906Z","repository":{"id":244780616,"uuid":"816245819","full_name":"EvilBytecode/Bloxstrap-Persistance","owner":"EvilBytecode","description":"Bloxstrap-Persistance modifies Bloxstrap's settings (Settings.json) to add persistent integrations, showcasing how applications can be exploited.","archived":false,"fork":false,"pushed_at":"2024-06-17T11:11:57.000Z","size":5,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-26T08:37:33.678Z","etag":null,"topics":["bloxstrap","grabber","persistence","red-team","roblox-logger","tactics"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EvilBytecode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-17T10:45:58.000Z","updated_at":"2024-07-27T00:13:19.000Z","dependencies_parsed_at":"2024-06-17T12:25:36.073Z","dependency_job_id":null,"html_url":"https://github.com/EvilBytecode/Bloxstrap-Persistance","commit_stats":null,"previous_names":["evilbytecode/bloxstrap-persistance"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FBloxstrap-Persistance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FBloxstrap-Persistance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FBloxstrap-Persistance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FBloxstrap-Persistance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EvilBytecode","download_url":"https://codeload.github.com/EvilBytecode/Bloxstrap-Persistance/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248578865,"owners_count":21127713,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bloxstrap","grabber","persistence","red-team","roblox-logger","tactics"],"created_at":"2024-12-23T02:16:07.650Z","updated_at":"2025-04-12T14:07:00.879Z","avatar_url":"https://github.com/EvilBytecode.png","language":"Go","readme":"# Bloxstrap-Persistance\n\nBloxstrap-Persistance is a proof-of-concept demonstration showcasing how to abuse the configuration files of a hypothetical application named Bloxstrap. By persistently modifying its settings file (`Settings.json`), this project adds custom integrations, potentially compromising the integrity and functionality of Bloxstrap.\n\n## Proof of Concept (PoC)\n\nWatch the PoC video to see the demonstration in action:\n- [View PoC Video](https://streamable.com/fi1qp7)\n\n\n### Prerequisites\n\n- Go (Golang) environment to compile and run the code.\n- Bloxstrap installed on the target system.\n\n### Execution\n\n1. **Locate Settings File:**\n   - The program attempts to find the `Settings.json` file in the user's Bloxstrap directory (`AppData/Local/Bloxstrap`).\n\n2. **Modify Settings:**\n   - If the `Settings.json` file exists, the program reads its current settings into a data structure.\n   - It then appends a custom integration (`newmalinter`) with predefined values:\n     - **Name:** \"Evilbytecode was here\"\n     - **Location:** \"C:\\\\Windows\\\\System32\\\\cmd.exe\"\n     - **LaunchArgs:** \"start cmd.exe\"\n     - **AutoClose:** false\n\n3. **Persist Changes:**\n   - The modified settings, now including the malicious integration, are written back to `Settings.json`, ensuring persistence across application launches.\n\n### Limitations\n\n- **Dependency on Bloxstrap:** The success of this demonstration relies on Bloxstrap being installed and the `Settings.json` file being present in the specified directory.\n- **Ethical Considerations:** Modifying software settings without consent can be unethical and potentially illegal. This code is strictly for educational purposes.\n\n### Disclaimer\n- This project is intended for educational purposes only. Modifying software without explicit permission may violate terms of service and laws in your jurisdiction. Use responsibly and with caution.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevilbytecode%2Fbloxstrap-persistance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fevilbytecode%2Fbloxstrap-persistance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fevilbytecode%2Fbloxstrap-persistance/lists"}