Home Security KeePass Exploit Permits Attackers to Recuperate Grasp Passwords from Reminiscence

KeePass Exploit Permits Attackers to Recuperate Grasp Passwords from Reminiscence

by crpt os


May 22, 2023Ravie LakshmananPassword Security / Exploit

A proof-of-concept (PoC) has been made available for a security flaw impacting the KeePass password manager that could be exploited to recover a victim’s master password in cleartext under specific circumstances.

The issue, tracked as CVE-2023-32784, impacts KeePass versions 2.x for Windows, Linux, and macOS, and is expected to be patched in version 2.54, which is likely to be released early next month.

“Apart from the first password character, it is mostly able to recover the password in plaintext,” security researcher “vdhoney,” who discovered the flaw and devised a PoC, said. “No code execution on the target system is required, just a memory dump.”

“It doesn’t matter where the memory comes from,” the researcher added, stating, “it doesn’t matter whether or not the workspace is locked. It is also possible to dump the password from RAM after KeePass is no longer running, although the chance of that working goes down with the time it’s been since then.”

It’s worth noting that successful exploitation of the flaw banks on the condition that an attacker has already compromised a potential target’s computer. It also requires that the password is typed on a keyboard, and not copied from a clipboard.

KeePass password hacker

vdhoney said the vulnerability has to do with how a custom text box field used for entering the master password handles user input. Specifically, it has been found to leave traces of every character the user types in the program memory.

This leads to a scenario whereby an attacker could dump the program’s memory and reassemble the password in plaintext with the exception of the first character. Users are advised to update to KeePass 2.54 once it becomes available.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

The disclosure comes a few months after another medium-severity flaw (CVE-2023-24055) was uncovered in the open source password manager that could be potentially exploited to retrieve cleartext passwords from the password database by leveraging write access to the software’s XML configuration file.

KeePass has maintained that the “password database is not intended to be secure against an attacker who has that level of access to the local PC.”

It also follows findings from Google security research that detailed a flaw in password managers such as Bitwarden, Dashlane, and Safari, which can be abused to auto-fill saved credentials into untrusted web pages, leading to possible account takeovers.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex