
Building a Botnet on ServiceWorkers - Capira
http://sakurity.com/blog/2016/12/10/serviceworker_botnet.html
======
comboy
I opened the js fiddle and I can't see any Service Workers running in chrome
inspector. Also, since that seems to be an actual image, how does the JS get
executed? I see a Link header, but why would something get executed because of
it?

Edit: Oh, it's running indeed ( chrome://inspect/#service-workers )

~~~
Aaron1011
IIRC, service workers allow you to intercept all requests made by the page,
for the purposes of implementing offline caching.

~~~
comboy
Right, but you need to execute some JS to set them up, and the example only
shows img tag.

~~~
detaro
No, the Link-tag with rel=serviceworker on the image response installs the
service worker. Not clear (to me) if that's part of the origin trial or not.

~~~
youngtaff
The link tag with rel=serviceworker behaviour here is part of 'Foreign-Fetch'
\- an experiment too allow third-parties to install a serviceworker e.g.
analytics provider could install a SW that handles analytics offline so a
developer doesn't need to.

I think the origin-trial for this expires early next year.

[https://developers.google.com/web/updates/2016/09/foreign-
fe...](https://developers.google.com/web/updates/2016/09/foreign-fetch)
[https://groups.google.com/a/chromium.org/forum/#!topic/Blink...](https://groups.google.com/a/chromium.org/forum/#!topic/Blink-
dev/sIzHpZVhmBE)

------
lowglow
Just launched Wolfpack, a little botnet (distributed task-based agents). You
can check it out here:
[https://github.com/dpgailey/wolfpack](https://github.com/dpgailey/wolfpack)

