Re: Credentials held unencrypted in memory during runtime

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: Tue, 12 Apr 2011 21:52:45 +0200

On 12.04.2011 21:37, Ron Wilson wrote:
> On Tue, Apr 12, 2011 at 3:29 PM, Bob Archer<Bob.Archer_at_amsi.com> wrote:
>> I still have to agree with a previous poster.. how did he find his password... did he search
>> for his password? I'm not sure a hacker would be able to do that.
>
> From the source code, a cracker could potentially determine the
> location of the password relative to something he can find. Then the
> cracker searches for the "landmark" and, from there, locates the
> password.

Why so complicated? The attacker can already execute code (otherwise he
wouldn't be able to read the process memory of another process) and has
enough privileges. He just has to read the data from the working copy
(i.e., the data that's on the machine), no need for the password to get
the sources from the repository.
And with the ability to execute code, he can do a lot more than just use
complicated methods to read process memory for passwords - in such a
situation it's much easier to just install a keylogger and get *any*
password from there.
Seriously: if an attacker can read the process memory, there is no
security anymore. He *owns* your machine, better yet: the machine isn't
yours anymore, it's his.

Stefan

-- 
        ___
   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest Interface to (Sub)Version Control
    /_/   \_\     http://tortoisesvn.net
Received on 2011-04-12 21:52:58 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.