The security weakness exploited by the tools in this repository was responsibly disclosed to the CodeTantra security team and has been fixed in the latest release of CodeTantra SEA.
This project now serves only as a historical record and research base to help defenders and security researchers understand the issue and look for similar vulnerabilities in future versions or other software. Do not use these tools against live, up-to-date production systems.
- Overview
- Features
- How It Worked
- Requirements
- Quick Start (research / demo only)
- Building From Source
- Project Structure
- Contributing & Road-map
- Legal / Ethical Disclaimer
- License
CodeTantra SEA – Enhanced Helper is a pair of small utilities (one C++ helper & one Python injector) originally written to bypass two specific restrictions inside the CodeTantra Secure Exam Application (SEA):
- Window Management – kept the SEA window below every other window so a student could
Alt-Tabfreely. - Away-Timer Prevention – injected JavaScript into the embedded Chromium instance to stop the "You navigated away" timer.
Both tricks relied on weaknesses that have since been patched. The repository is preserved so that:
- blue-teams can reproduce & validate the old behaviour,
- researchers can extend the approach to hunt for new issues, and
- educators can reference a concrete, fixed case study of client-side exam bypassing.
- HWND.exe / HWND.cpp – Enumerates all visible windows, forces every window except CodeTantra to be always-on-top.
- dev_injector.exe / dev_injector.py – Connects to the SEA Chromium DevTools port and injects a multi-strategy JavaScript payload that disables away-detection logic.
- launcher.py – Convenience script that launches SEA, waits, then starts both helpers automatically.
- SEA was started with the flags
--remote-debugging-port=9222 --remote-allow-origins=*so that DevTools was remotely reachable. dev_injectorpolled DevTools targets, found the exam page, and executed the payload shown indev_injector.py.- In parallel
HWND.exeiterated over top-level windows via the Win32 API, flipping the always-on-top flag. - Together this allowed seamless window switching without triggering SEA's focus/visibility checks.
For a full, annotated walkthrough read the comments inside each source file.
- Operating System – Windows 10/11 (only).
- Python – 3.8 or later if you intend to run the injector from source.
- C++ Compiler (optional) – MinGW-w64 or MSVC if you want to rebuild
HWND.exe.
Python packages (see requirements.txt):
aiohttp>=3.8.1
websockets>=10.4
IMPORTANT: Use only on an offline test VM with an out-of-date SEA installation for demonstration purposes.
- Install Python deps:
pip install -r requirements.txt - Double-click
launcher.pyor run:python launcher.py
- SEA will start, followed by the two helper processes. Observe that switching windows no longer triggers the away-timer (on the vulnerable build).
- Stop the demo via Task Manager or
CTRL+Cin the terminal.
g++ -o HWND.exe HWND.cpp -lpsapiPyInstaller recipe:
pyinstaller --onefile dev_injector.py├── dev_injector.py # Python source for the DevTools injector
├── dev_injector.exe # Pre-built single-file executable (PyInstaller)
├── HWND.cpp # C++ window management helper source
├── HWND.exe # Pre-built binary
├── launcher.py # Convenience launcher script
├── requirements.txt # Python dependencies
└── README.md # You are here 📘
Issues & pull requests that explore new security ideas, refactor the PoC, or add detailed documentation are welcome. Please do NOT submit code intended to exploit currently-supported SEA versions.
This repository is provided solely for educational and defensive security research. Running the tools against systems you do not own or have explicit permission to test may be illegal. The authors and contributors bear no responsibility for misuse.
This project is released under the MIT License. See LICENSE for details.