keepass

KeeThief – A Case Study in Attacking KeePass Part 2

Note: this post and code were¬†co-written with my fellow ATD workmate Lee Christensen (@tifkin_) who developed several of the interesting components of the project. The other week I published the “A Case Study in Attacking KeePass” post detailing a few notes on how to operationally “attack” KeePass installations. This generated an unexpected amount of responses, …

KeeThief – A Case Study in Attacking KeePass Part 2 Read More »

A Case Study in Attacking KeePass

[Edit 7/1/16] I wanted to make a few clarifying notes as there have been some questions surrounding this writeup: You only need administrative rights to execute any WMI subscriptions and/or gather files from user folders NOT normally accessible from the current user context (not everything described here needs admin¬†rights). KeePass is not “bad” or “vulnerable” …

A Case Study in Attacking KeePass Read More »