Collaborate Disseminate
Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory.
The post PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords appeared first on SecurityWeek.
Continue reading PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords
A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still … Continue reading KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)
I read the infamous xkcd cartoon comparing two passwords and their strength. Curious whether their calculation was accurate, I searched many entropy calculators and plugged in the two examples from xkcd.
According to xkcd (https://xkcd.co… Continue reading Why do entropies of passwords significantly differ from site to site?
In the midst of LastPass’s repeated barrage of breaches, a pretty serious vulnerability was found in another common password manager — KeePass. This slid under most of our radars, including mine. Professor Cyber Naught of the Mastodons s… Continue reading Ask JJX: What About the KeePass Vulnerability?
Latest epsiode. Listen now! Continue reading S3 Ep121: Can you get hacked and then prosecuted for it? [Audio + Text]
CVE-2023-24055 is a known vulnerability that enables an attacker to recover plaintext user credentials from the KeePass application.
However, due to the original KeePass being Windows-specific, I’ve been using a compatible "KeePass XC… Continue reading Is CVE-2023-24055 applicable to other password managers using the same format as the original KeePass?
Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway? Continue reading Password-stealing “vulnerability” reported in KeePass – bug or feature?
Usecase: KeepassXC is configured with a Passward + Yubikey HMAC.
I am trying to understand the exact steps that happen.
I think the first five Steps are clear:
Open KeepassXC
Enter Password
Select Hardware Key
Click unlock
Yubikey is bli… Continue reading What exactly happens when you use 2FA with "Password" + "Yubikey HMAC" Login in KeepassXC?
So far I have been using keepassxc as my password manager. I am syncing passwords from different devices. Delays have been substantial as have been syncing issues. The file was stored behind a nextcloud frontend.
That’s why I was wanting t… Continue reading Restrict HTTPS endpoint access
I’m wondering if it is possible to create a shared KeePass database with several master passwords? Scenario: A group of three persons want to share a password database, but each of them wants to set their own master password that is needed… Continue reading Is it possible to create a shared KeePass database and every accessor has its own master password? [closed]