Answer the question
In order to leave comments, you need to log in
Is it possible to protect KeePass (password manager) from KeeFarce (a virus based on DLL injection)?
The latest version of KeePass is still vulnerable to KeeFarce (tested on myself).
https://github.com/denandz/KeeFarce
Um, please don't tell me here to keep my passwords in my head. Thank you.
Answer the question
In order to leave comments, you need to log in
you can install a virtual machine and run keepass in a secure environment
another option is to add some character to the password that will not be stored in the password manager, for example, the password "123$€", store "123" in the manager, in the head for all passwords prefix "$€", then even if the password manager database is leaked, the saved password will be useless..
It works by executing the export function of KeePass itself. In theory, it is enough to disable this feature in the policy settings, and that's it. At the very least, the functionality that is currently implemented in the version of KeeFarce available on the github will not be enough to pull out passwords, if export is disabled in Policy, it will be necessary to finish it.
take the open source keepass and change the names of the methods and files in such a way that the password manager cannot detect the virus at all.
You can obfuscate not only method names, but also data structures by adding your own fields to them, changing the types of existing ones, etc.
sorry, but protection through concealment is the only method of protection here.
and in the end, if you have administrator rights, you can simply simulate pressing buttons by calling the menu for exporting the database to csv, few people will notice the flickering window.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question