New issue
Advanced search Search tips

Issue 677505 link

Starred by 1 user
Status: WontFix
Owner: ----
Closed: Dec 2016
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security



Sign in to add a comment

Security Chrome:

Reported by giannino...@gmail.com, Dec 29 2016 
VULNERABILITY DETAILS
Please provide a brief explanation of the security issue.

VERSION
Chrome Version: 55.0.2883.87 m (64-bit) + Stable
Operating System: Windows 10 Pro v: 10.0.14393 Num 14393

REPRODUCTION CASE
During a hack the first thing that is systematically done by a hacker. This is to access the target computer directly. Generally it's easy. If the victim uses chrome it takes a few seconds to download the password file located at the address. This one is in txt format is not encrypted. This is where the problem comes from.

XXXX = victim user name

Demonstration:

Just access the file at this address:

C: \ Users \ XXXXX \ AppData \ Local \ Google \ Chrome \ User Data \ Default \ Login Data


Sory for my english

in french

Lors d'un hack le premier chose qui est systématiquement fait par un pirate . C'est d'accéder directement à l'ordinateur cible. Généralement c'est facile. Si la victime utilise chrome il faut quelques seconde pour télécharger le fichier mot de passe se trouvant à l'adresse. Celui-ci est au format txt est n'est pas crypté. Voila d'ou vient le probleme.

XXXX = nom d'utilisateur de la victime 



Demonstration :

Juste acceder au fichier à cette adresse:

C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Login Data
Chrome Version.PNG
26.8 KB View Download
PC Version.PNG
51.1 KB View Download
Faille.PNG
223 KB View Download

Comment 1 by kenrb@chromium.org, Dec 29 2016

Status: WontFix (was: Unconfirmed)
Thank you for the report. Unfortunately, as described in our FAQ, this is an attack that requires local access to a user's logged in account and therefore falls outside of our threat model (https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-). It is not feasible for a browser to prevent a user from accessing the resources that it has to store locally on disk.

Comment 2 by giannino...@gmail.com, Jan 2 2017 

Yet this is the easiest way. Additionally google can easily fix the porbleme. Simply encrypt data storage ... It's easy to base yourself on a simple encryption method like the android shamas directly on the touch pad or via the mouse or a 6 or 4 digit code it will not be very strong but better than nothing. I am currently busy mounting the attack in a way more possed to match your criteria but this time I will publish it on the internet and not via your support ...
Project Member

Comment 3 by sheriffbot@chromium.org, Apr 7 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment