Tuts 4 You

Saved Password Locations


CodeExplorer


CodeExplorer

While googling I found this
http://www.whatsmypass.com/saved-password-locations

I was actually looking for a Firefox password encryptor

but I couldn't find any.

  • 2 weeks later...
chickenbutt

I use password safe.

"secure" in password manager world means having to backdoor and keylog to open the container. I can snatch most even from inside sandboxie+bsa. Browser and IM managers even encrypted with a master key you can typically expose by keygenning. The devs behind FF4, Opera, Pidgin etc don't really make an effort to do it proper.

CodeExplorer

I use KeePass for keeping passwords
http://keepass.info/download.html

KeyScrambler encrypts your keystrokes deep in the kernel, foiling keylogging attacks with scrambled, undecipherable data. Plugin for Firefox and Internet Explorer.
http://www.qfxsoftware.com/

Still don't know what to do about password save location on Firefox,

maybe a portable version of Firefox

chickenbutt

> I use KeePass for keeping passwords
> http://keepass.info/download.html
>
> KeyScrambler encrypts your keystrokes deep in the kernel, foiling keylogging attacks with scrambled, undecipherable data. Plugin for Firefox and Internet Explorer.
> http://www.qfxsoftware.com/
>
> Still don't know what to do about password save location on Firefox,
>
> maybe a portable version of Firefox

I disable saving logins and delete everything but history on exit. If you need it I guess hook profile folder access or use some blocker app. I'm not sure if they still have a weak master password system or not in FF4. I'd use it if it took the master password to get the logins.

Problem with KeyScrambler is it doesn't prevent AttachThreadInput loggers which most noobs are using now to avoid ARKs and HIPS engines. Serious malware doesn't even keylog, it just does stuff around kernel tables for stealth and snatches up popular logins and banking info; if they do keylog it's in kernel dispatches, they probably go deeper, especially PatchGuard killers.

I usually imagine a scenario where a remote code execution has the malware running in a 'trusted' SYSTEM process and plan accordingly. Hooking API in ring3 both in sandboxie and globally to check access to profiles seems the best.

Edited by chickenbutt
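
An added example, not code from any of the posts above: a small audit of one Firefox profile folder that reports whether logins are stored there and whether the "don't save logins, clear on exit" settings discussed in the thread are in place. It assumes the standard profile file names (`prefs.js`, `user.js`, `logins.json`, and `signons.sqlite` in older releases) and the `signon.rememberSignons` and `privacy.sanitize.sanitizeOnShutdown` prefs; the sample profile is constructed.

```python
import json
import re
import tempfile
from pathlib import Path

# Prefs matching "disable saving logins" and "clear data on exit";
# an unset pref falls back to the Firefox default, which is the opposite value.
WANTED_PREFS = {"signon.rememberSignons": "false",
                "privacy.sanitize.sanitizeOnShutdown": "true"}
PREF_RE = re.compile(r'^user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def read_prefs(profile: Path) -> dict:
    """Parse prefs.js, then user.js, which overrides it at startup."""
    prefs = {}
    for name in ("prefs.js", "user.js"):
        path = profile / name
        if path.is_file():
            for line in path.read_text(encoding="utf-8", errors="replace").splitlines():
                m = PREF_RE.match(line.strip())
                if m:
                    prefs[m.group(1)] = m.group(2).strip()
    return prefs

def count_saved_logins(profile: Path):
    """Count entries in logins.json; None if the file is absent or unreadable."""
    try:
        data = json.loads((profile / "logins.json").read_text(encoding="utf-8"))
        return len(data.get("logins", []))
    except (OSError, ValueError, AttributeError):
        return None

def audit_profile(profile: Path) -> dict:
    prefs = read_prefs(profile)
    return {
        "saved_logins": count_saved_logins(profile),
        # signons.sqlite is the login store used by older releases.
        "legacy_store": (profile / "signons.sqlite").is_file(),
        "prefs_to_fix": {k: prefs.get(k, "(default)")
                         for k, want in WANTED_PREFS.items() if prefs.get(k) != want},
    }

def make_sample_profile() -> Path:
    """Constructed sample profile (not real data) so the example runs offline."""
    d = Path(tempfile.mkdtemp(prefix="ffprofile-"))
    (d / "prefs.js").write_text('user_pref("signon.rememberSignons", true);\n')
    (d / "user.js").write_text('user_pref("privacy.sanitize.sanitizeOnShutdown", true);\n')
    (d / "logins.json").write_text('{"logins": [{"hostname": "https://example.test"}]}')
    return d

if __name__ == "__main__":
    print(audit_profile(make_sample_profile()))
```

The script only counts entries and reads settings; it does not read or decrypt the stored values. Which data is cleared on exit is governed by further prefs that this check does not inspect.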