![]() ![]() The pastebin link is here :) Step 3: Compiling the Python Program You must remember to port forward which ever port you are using. If you are on a LAN then you should use your local IP for both, but if you want to attack over the internet put the server ip as the machines local IP and the clients IP as your external IP. For this you must remember to add your IP and port. This requires far less explanation, but what it does is it creates a socket, listens for one connection, then accepts the connection, receives the data and writes it to a new database. Now here is an explanation of the codeĪfter the imports, the items for the sockets are defined Finally we want to import getenv from the all powerful OS module so we can go to appdata regardless of the of the name of the user, which is important if you want to run on any computer. Along with this we're going to import the sqlite3 module and socket module, which will allow us to connect back home. For this we are also going to need Pywin32 which can be downloaded but might be installed by default (I cant remember ( Double Derp)), more specifically the win32crypt module which allows us to run CryptUnprotectData. It is a amazingly powerful for the simplicity of the language and can be used for a variety of tasks. If you are unfamiliar with python you should learn it NOW. Derp Step 2: The Godly Python Programming Language The database currently shows the encrypted data BLOB. This makes sense when you read this example of the CryptProtectData function. On this website a blob is defined as BLOBĪ generic sequence of bits that contain one or more fixed-length header structures plus context specific data. Highlighted in yellow, you can see it says BLOB. The file isn't stored as a database however upon opening the file in Notepad ++ there is a string, before the encrypted data which defines the SQL file type seen here: The Login Data database is stored in %USER%>AppData>Local>Google>Chrome>User Data>Default. And obviously this is going to be very useful in trying to decrypt the stored passwords. The CryptProtectData function has a twin, who does the opposite to it CryptUnprotectData, which. For those who didn't, well basically you can decrypt the data as long as your on the same windows user-profile as the original user. For those who understand what I just said. Now while this can be a very secure function using a triple-DES algorithm and creating user-specific keys to encrypt the data, it can still be decrypted as long as you are logged into the same account as the user who encrypted it. ![]() The main problem with what they did was the fact they are using the CryptProtectData function, built into Windows. In 2013 the "Google Chrome team came under fire for its long-held practice of making saved passwords visible in plain text." This is a big flaw which they did patch after this problem, however their attempts clearly weren't good enough. Image via Understanding Google Chrome Saved Passwords ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |