+- Linux Lite Forums (https://www.freecinema2022.gq/forums)
+-- Forum: General (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=4)
+--- Forum: On Topic (https://www.freecinema2022.gq/forums/forumdisplay.php?fid=14)
+--- Thread: KeePass hacked...on Windows (/showthread.php?tid=2365)
KeePass hacked...on Windows - Valtam - 11-04-2015
Thought your favorite password manager was safe to use on Windows? Think again.
https://thehackernews.com/2015/11/password-manager-hacked.html
Re: KeePass hacked...on Windows - Zead - 11-04-2015
The way I understand this, the attack works only when the database is open or something, right?
From the KeePass developer:
"KeeFarce is not a threat (and the developer of it apparently knows that, as he nowhere declares it as threat or attack).
This tool extracts information of a running KeePass process (with an open database) using a rather complicated method (using DLL injection). There are much simpler ways to achieve that. For example, a tool could send simulated keypresses to the KeePass window to export the data to a file (e.g. press Alt+F, E, Tab, Space, ...). Before that, a screenshot could be created and displayed above all windows in order to hide this procedure (and a user probably would not notice a screen freeze of one second).
Like others wrote before, the actual problem is running specialized malware. If you're doing this, everything's over; software cannot protect itself in such a case. I wrote about this before:
http://keepass.info/help/base/security.html#secspecattacks"
So... nothing new. Or does the attacker need only the database file?
Your passwords cannot be safe if you catch some kind of malware, KeeFarce or not.
You could simply catch a keylogger and get your passwords compromised.
Re: KeePass hacked...on Windows - MarkZ - 11-05-2015
From my understanding, the KeePass program must be open and logged into your keepass db (i.e. db must be decrypted)..then you are at risk.
Re: KeePass hacked...on Windows - Valtam - 11-05-2015
@MarkZ correct. And you only need port 22 open on a server to be open to a ssh attack. Point is, a vulnerability is still an attack vector. Close all the doors, stop the attack.