Closed acammack-r7 closed 4 years ago
thanks for posting this. If you want to add the needle yourself and retest it (maybe with a few accounts logged on at a time to be sure) go ahead and make a pull request and i'll verify it's good.
If not I'll keep this open and do it myself when I get the chance. Just busy right now prepping for Defcon Finals and writing tools and such for it so i can't put a timeline on it until then.
just out of curiosity - since this is also going to be relevant for beta-2.0 if it's vastly different - what version of gnome-keyring-daemon is this? gnome-keyring-daemon -V
should work. to just using apt-get
# gnome-keyring-daemon -V
gnome-keyring-daemon: 3.10.1
testing: enabled
# apt-cache policy gnome-keyring
Installed: 3.10.1-1ubuntu4.2
Keeping this open - Needs a retest using the C variant of the 2.0 release
closing
Information
mimipenguin.sh
from 47dba4b9de69f09dfc21afbe8c4f4811d4f49994 run on a rather out of date Ubuntu 14.04.4 VM.The
strings
dump of the process contains the cleartext password, but it is not near any of the current needles. Based on the what the other needles are looking for, I expect adding/lib/x86_64-linux-gnu/libdbus-1.so.3
may be the solution. Relevant excerpt from the dump (the password isnotpassword
):Current behavior
No results are found
Expected behavior
The password is found