Extracting LastPass Site Credentials from Memory

Jared Sperli stashed this in security

Source: https://techanarchy.net/2016/10/extracti...

At some point LastPass has to put the credentials in clear in to the logon fields for the POST request. This makes sense if im on the logon page with auto fill enabled. Thats not always the case. In most cases if the domain is loaded in an active tab regardless of page this prompt is displayed.

I wanted to know if the credentials are unencrypted only when the form fields are present or any time the domain is loaded. So i setup a test environment to see what i could find.

<a rel="nofollow" target="_blank" href="https://techanarchy.net/2016/10/extracting-lastpass-site-credentials-from-memory/"><img src="//img.pandawhale.com/post-73607-Extracting-LastPass-Site-Crede-9SUK.png" alt="Extracting LastPass Site Credentials from Memory Tech Anarchy" /></a>
 
 Source:
 <a rel="nofollow" target="_blank" href="https://techanarchy.net/2016/10/extracting-lastpass-site-credentials-from-memory/">https://techanarchy.net/2016/10/extracti...</a>
 
 At some point LastPass has to put the credentials in clear in to the logon fields for the POST request. This makes sense if im on the logon page with auto fill enabled. Thats not always the case. In most cases if the domain is loaded in an active tab regardless of page this prompt is displayed.

I wanted to know if the credentials are unencrypted only when the form fields are present or any time the domain is loaded. So i setup a test environment to see what i could find.

Jared Sperli
8:59 AM Oct 17 2016

Stashed in:

To save this post, select a stash from drop-down menu or type in a new one:

shudders

Three Pipe Problem
9:46 AM Oct 17 2016

Shudders?

Adam Rifkin
10:51 AM Oct 17 2016

Extracting LastPass Site Credentials from Memory

Jared Sperli stashed this in security

You May Also Like: