Your browser saves passwords in plain text in its memory

Your browser may store sensitive data, including usernames, passwords and session cookies ς, σε καθαρό κείμενο στη . Check how yours behaves.

process hacker

According to CyberArk security researcher Zeev Ben Porat, most Chromium-based web browsers, including the famous Chrome, seem to be affected by this inability to program.

But he is not alone. Both Microsoft Edge and Brave are prone, and even Mozilla's Firefox web browser is affected by the problem.

Which is the subject; That your browser caches all your sensitive data in clear text and not encrypted. To see the saved passwords and names you don't have toίται φυσική παρουσία στο μηχάνημα-στόχο, ούτε δικαιώματα διαχειριστή, καθώς η απομακρυσμένη πρόσβαση ή ακόμα και η εκτέλεση ενός malware λογισμικού στο μηχάνημα-στόχο είναι επαρκής για την εξ of the data.

Η ελέγχου ταυτότητας δύο παραγόντων ενδέχεται να μην επαρκεί ούτε για την προστασία των λογαριασμών χρηστών, εάν υπάρχουν δεδομένα cookie στη μνήμη.

Security researcher Zeev Ben Porat describes many different types of credential data in text form that can be extracted from the browser's memory. Such as:

  • Username + password used when logging in to a targeted web application
  • URL + Username + Password are automatically loaded into memory when the browser is started by password management
  • All URL + records username + password stored in login data
  • All cookies that belong to a specific web application (including session cookies)

The problem was reported to Google and the response was "it will not be fixed". The reason given is that Chromium will not fix issues related to physical local access attacks.

Try your own browser
process hacker

Windows users can use free Process Hacker tool to test their browsers.

Simply download the portable version of the program, extract its zip file and run the file Processhacker.exe to get started. Then do the following test:

Step 1: Enter a username, password or other sensitive data in a random in the browser you want to test.

Step 2: Double-click the main browser process in the Process Hacker process list for details.

Step 3: Go to the Memory tab.

Step 4: Turn it on Strings on the page.

Step 5: Click OK on the page.

Step 6: Activate the Filter button in the window that opens and select "Contains" from the context menu.

Step 7: Enter the password of step 1 or other sensitive information in the "Enter the filter pattern" field and select ok.
Process Hacker will return your data if it is found in process memory. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Chromium, memory, data, Process, hacker, password

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).