You can steal Chrome data (if you have local access)

Discussion in 'News Archive' started by Danielx64, Dec 16, 2017.

  1. Danielx64

    Danielx64 Level 9

    Mar 24, 2017
    Windows 10
    What do you think? Is this really an issue that needs fixing?
  2. I wouldn't be too concerned as these kind of vulnerabilities are common and usual quickly fixed (Google have a good reputation for that). Anyway i think it proves that saving passwords in web browsers is not that good of an idea. Especially when there are so many good (and some free) password managers out there.
  3. Arequire

    Arequire Level 19

    Feb 10, 2017
    United Kingdom
    Windows 7
    I'm firmly in this camp. If someone with malicious intent has physical access to your machine - and assuming they're not incompetent or time constrained - then the battle's lost. Ghack's advice about locking your system won't help either; all you need is a Linux distro on a flash drive the to reset the Windows password.
  4. Opcode

    Opcode Level 24
    Content Creator

    Aug 17, 2017
    Windows 10
    Sure about that?

    If you save passwords with the web browser and not a password manager, it'll be easily stolen. Google Chrome uses a technique to "lock" but you can "unlock", and Mozilla Firefox encrypts the saved passwords except you can decrypt them using APIs they use themselves. Regarding other user accounts, you can access the browser data for them as well; you can exploit lsass.exe to grab credentials for other user accounts on the system, then use various APIs to impersonate the target user account with the stolen credentials, and then steal the browser data for that user, too.

    Some of the years old methods for Google Chrome & Firefox still work to this very day. At the end of the day, the browser needs to read the data one way or another; therefore so can an attacker.

    If your compromised, nothing stops an attacker from installing a keylogger and gaining credentials this way either. I don't think browser vendors are to blame, if you're infected then it's already game over, time to restart from scratch and try not to mess up.
    Weebarra, Prorootect, upnorth and 7 others like this.
  5. TairikuOkami

    TairikuOkami Level 10
    Content Creator

    May 13, 2017
    Postal Worker
    Windows 10
    Indeed and not just locally, remotely as well. There is even no need to steal passwords, just hashes or cookies will do.
    Weebarra, Prorootect, upnorth and 2 others like this.
  6. Well i totally agree with you. And that's why i said in my original post "i think it proves that saving passwords in web browsers is not that good of an idea". What i meant by that is web browsers are reasonably safe as long as you don't use their integrated password managers.

    Anyway thanks for detailed info, there was some technical stuff i didn't knew ;)
    Weebarra, Prorootect and Opcode like this.
  7. Umbra

    Umbra Level 61
    Content Creator

    May 16, 2011
    Beta tester
    Europe > S-E Asia
    Windows 10
    Kali on live CD = system owned
    Weebarra, Opcode and Danielx64 like this.
  • About Us

    Our community has been around since 2010, and we pride ourselves on offering unbiased, critical discussion among people of all different backgrounds about security and technology . We are working every day to make sure our community is one of the best.
  • Need Malware Removal Help?

    If you're being redirected from a site you’re trying to visit, seeing constant pop-up ads, unwanted toolbars or strange search results, your computer may be infected with malware. We offer free malware removal assistance to our members in the Malware Removal Assistance forum.
  • Quick Tip

    Without meaning to, you may click a link that installs malware on your computer. To keep your computer safe, only click links and downloads from sites that you trust. Don’t open any unknown file types, or download programs from pop-ups that appear in your browser.