Cracking Electron: Why Electron is not secure for paid macos apps
Disclaimer: This article is for educational purposes only. Please do not use this for malicious intent. Don't use for illegal activities.
Electron is an open source framework for developing MacOS, Windows and Linux desktop apps using web technologies, namely HTML, CSS, JS. When you start the app it launches a chromium browsers and runs your app as if it were native. But it's not and thats why it is more than easy to crack an Electron app. Some of your most used apps might be build with Electron like VSCode, Slack, Discord, WhatsApp, Notion etc.
To keep it short, by clicking the app icon, MacOS launches a small binary file that opens a chromium window and the V8-engine starts to compile your JS files into a working app. The app is compressed into a single file called app.asar and all the dependencies are stored in the Frameworks folder.
$ /Applications/MyElectron.app/Contents/MacOS/MyElectron --remote-debugging-port=8315 --inspect=9229 This will open the app and make the frontend devtools available at http://localhost:8315 and the main process devtools at http://localhost:9229. You can also replac --inspect with --inspect-brk to break at the first line of the main process. This is useful for reverse engineering the startup processes of the app.
