
Issue 892859


Issue metadata

Status: WontFix
Owner: ----
Closed: Oct 6
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: ----
Type: Bug-Security




Security: Chrome uses Windows encryption to store saved usernames and passwords

Reported by ralphkli...@gmail.com, Oct 6

Issue description



VULNERABILITY DETAILS
Chrome stores its saved passwords in a SQLite database on the local machine, which then asks for local credentials in order to view the stored passwords.
This can be bypassed by using the win32crypt Python module.



VERSION
Chrome Version 69.0.3497.100 (Official Build) (64-bit)
Operating System: Windows 10 Pro Version 10.0.15063 Build 15063

REPRODUCTION CASE

Use Google Chrome to remember a password for any site.

Close Chrome.

Run the proof-of-concept tool.

Enter any drive letter you have access to, for example C: or e:, and press Enter.

The tool will run and will dump the username and password to a folder labeled ChromeDump.


I strongly suggest that Chrome should ask for the Google password before letting Windows decrypt it, as this tool can bypass the Windows password.

Windows may also be to blame, but Google Chrome should add its own security in the browser by asking for the Google account password first, thus protecting Chrome users if Windows makes a mistake or has a vulnerability Google has no control over.

CREDIT INFORMATION
David Enos Bluedangerforyou


Please find the proof-of-concept exe and video demonstration attached.

Attachments: chromethief32.exe (3.4 MB), Chrome.mp4 (4.0 MB)

Status: WontFix (was: Unconfirmed)
Thanks for the report. What you are describing is a physically local attack, which is outside our threat model. You can find more details here: https://chromium.googlesource.com/chromium/src/+/master/docs/security/faq.md#Why-arent-physically_local-attacks-in-Chromes-threat-model

Project Member

Comment 2 by sheriffbot@chromium.org, Jan 12

Labels: -Restrict-View-SecurityTeam allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
