Wednesday, September 27, 2017

Mac OS Keychain Hack retrieve all passwords in plaintext

macOS High Sierra 10.13 was released to the public on Monday, September 25. It is a free update for all compatible Macs and is an upgrade to macOS 10.12 Sierra,

But within a matter of days, a zero-day (aka never seen before) has come to light. 

Passwords are stored in the Mac's Keychain, which typically requires a master login password to access the vault.

But a former NSA contractor has shown that the vulnerability allows an attacker to grab and steal every password in plain-text using an unsigned app downloaded from the internet, without needing that password.

The exploit works on High Sierra , but said that older versions of macOS and OS X are also vulnerable.

Patrick Wardle, a former NSA hacker who now serves as chief security researcher at Synack, posted a video of the hack -- a password exfiltration exploit -- in action.

Steal y0 (macOS) Keychain from patrick wardle on Vimeo.

No comments:

Post a Comment