
Issue 677505


Issue metadata

Status: WontFix
Closed: Dec 2016
Type: Bug-Security




Security Chrome:

Reported by giannino...@gmail.com, Dec 29 2016

Issue description

VULNERABILITY DETAILS
Please provide a brief explanation of the security issue.

VERSION
Chrome Version: 55.0.2883.87 m (64-bit) + Stable
Operating System: Windows 10 Pro v: 10.0.14393 Num 14393

REPRODUCTION CASE
During a hack, the first thing that is systematically done by a hacker is to access the target computer directly. Generally it's easy. If the victim uses Chrome, it takes a few seconds to download the password file located at the address. This one is in txt format and is not encrypted. This is where the problem comes from.

XXXX = victim user name

Demonstration:

Just access the file at this address:

C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Login Data


Sorry for my English

in french

During a hack, the first thing an attacker systematically does is access the target computer directly. Generally this is easy. If the victim uses Chrome, it takes a few seconds to download the password file located at the address. This file is in txt format and is not encrypted. That is where the problem comes from.

XXXX = the victim's user name

Demonstration:

Just access the file at this address:

C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Login Data
 

Comment 1 by kenrb@chromium.org, Dec 29 2016

Status: WontFix (was: Unconfirmed)
Thank you for the report. Unfortunately, as described in our FAQ, this is an attack that requires local access to a user's logged in account and therefore falls outside of our threat model (https://dev.chromium.org/Home/chromium-security/security-faq#TOC-Why-aren-t-physically-local-attacks-in-Chrome-s-threat-model-). It is not feasible for a browser to prevent a user from accessing the resources that it has to store locally on disk.

Comment 2

Yet this is the easiest way. Additionally, Google can easily fix the problem. Simply encrypt data storage ... It's easy to base yourself on a simple encryption method like the Android shamas directly on the touch pad or via the mouse, or a 6 or 4 digit code; it will not be very strong but better than nothing. I am currently busy mounting the attack in a way more possed to match your criteria, but this time I will publish it on the internet and not via your support ...


Comment 3 by sheriffbot@chromium.org, Apr 7 2017

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
