Hello everyone, how do I get chrome passwords from memory using c #. I mean having the chrome passwords that is not save on database
-
XSS.stack #1 – первый литературный журнал от юзеров форума
Chrome passwords
- Автор темы Ghostmela
- Дата начала
The easiest way, as a programmer, would be to use (and capture the output of) `System.Diagnostics.Process.Start` to run ProcDump, which gives you the memory dump of the process. Of course, that will give you everything, so you'll have to parse that to try and find something that looks like a password. (There are also pure C# ways to get a process memory dump that can be found with a bit of Googling). To search specifically for passwords, you might use a simple regex to find forms with HTML inputs akin to
. Of course, the Chrome process will store the password itself as it's being typed somewhere totally differently (or maybe you are interested in capturing it when it's sent over the network). To figure that out the memory layout of how the Chrome process will store this, and how to find it, you'll just need to run Chrome with a debugger attached so you can analyze the memory manually. Then you'll be able to figure out patterns and automate the process.
Also, in case anyone reading this is confused by this phrase:
When you save your password in Chrome so it can autofill it for you later, the password is stored in a SQLite database in plain text. Easy to steal. OP is not interested in this, rather, he wants to access the memory of the Chrome process so that he can steal passwords being typed in, or sent over the network, even though the user may have never saved the password in the browser's database.
Sorry I couldn't be of more use, OP. Your task is doable but not trivial, otherwise I'd have written a quick script for you. But if you tell us what specific part of this confuses you, or where you're stuck, it will be easier for us to help you.
HTML:
<input type="password">Also, in case anyone reading this is confused by this phrase:
When you save your password in Chrome so it can autofill it for you later, the password is stored in a SQLite database in plain text. Easy to steal. OP is not interested in this, rather, he wants to access the memory of the Chrome process so that he can steal passwords being typed in, or sent over the network, even though the user may have never saved the password in the browser's database.
Sorry I couldn't be of more use, OP. Your task is doable but not trivial, otherwise I'd have written a quick script for you. But if you tell us what specific part of this confuses you, or where you're stuck, it will be easier for us to help you.
Почему бы не получать из базы данных самого chrome? Это легче и быстрее чем из памяти браузера (если это вообще возможно)
- Автор темы
- Добавить закладку
- #4
Yeah I can get the password saved on the chrome database. But if a user does not save his/her password on chrome then i won’t be able to get the password. I saw a stealer script of someone that get the password even without saving it on chrome and that's what I am figuring out to get
Я не эксперт в данной теме, но если пользователь не сохранил пароль, то как ты получишь его из памяти? По-моему единственный вариант это запускать у пользователя кейлоггер и смотреть что он вводит в браузере
- Автор темы
- Добавить закладку
- #6
What confuse
Your explanation on what I want to do is correct. What I really want to do and also don't know how to do is to access the memory of the chrome process so that I can steal the password being typed in on an user and pass field
- Автор темы
- Добавить закладку
- #7
Можно инжектится в процесс браузера и хукать функции отправки HTTP запросов.Это называется формграббер.Но в хроме с этим туго, сигнатуры меняются с каждой версией
Я бы не стал так категорично заявлять, несколько лет уже не меняются (последний год точно).