Security issue on chrome web browser
Reported by
dvir.ill...@gmail.com,
Aug 11
|
||
Issue descriptionVULNERABILITY DETAILS Using this any web page or external program can "look" at all passwords saved on chrome by copying chrome "Login data" file (to ensure no "restricted database" error accrued) and read it then decrypt the passwords. (It was tested on python 2.7.15 but will most likely work on any other programming language that supports file reading and "win32crypt", for instance running on a JAVA applet) VERSION Chrome Version:Version 68.0.3440.106 (Official Build) (64-bit)[stable] Operating System:Windows 10 Home(version:1709,os-build:16299.547) 64-bit REPRODUCTION CASE To recreate "bug" you need to to run the python file attached(That could possibly be ran on a web page or even on an external program), it will print all the sites user names and passwords saved on chrome sincerely, Dvir Illouz dvir.illouz@gmail.com
,
Aug 12
"Copying Chrome's login data file" considered as physically-local-attack (unless you have other way to get the file remotely) We consider these attacks outside Chrome's threat model, because there is no way for Chrome (or any application) to defend against a malicious user who has managed to log into your computer as you, or who can run software with the privileges of your operating system user account. Such an attacker can modify executables and DLLs, change environment variables like PATH, change configuration files, read any data your user account owns, email it to themselves, and so on. Such an attacker has total control over your computer, and nothing Chrome can do would provide a serious guarantee of defense. This problem is not special to Chrome — all applications must trust the physically-local user. Given the above reason. I'm closing this bug. |
||
►
Sign in to add a comment |
||
Comment 1 by dvir.ill...@gmail.com
, Aug 12