V2EX = way to explore V2EX 是一个关于分享和探索的地方
Sign Up Now For Existing Member Sign In
This topic created in 3136 days ago, the information mentioned may be changed or developed.
Patrick Wardle, Synack ’ s head of research, posted a video on Monday that shows how code he wrote can be used to get passwords from macOS ’ s Keychain. Keychain is the password manger built into macOS, and it usually requires a master password to access it. But Wardle ’ s code was able to access Keychain and collect passwords.
 | 1 0xcb Sep 26, 2017 via Android 之前版本都可以的啊,只要你授权管理员帐户,dump keychain 简单的很 |
 | 3 bkmi Sep 26, 2017 via Android 按理说这应该是个大新闻,但是竟然没人关注的,神奇神奇 |
 | 6 tairan2006 Sep 26, 2017 …这个很严重啊,还升什么级。。 |
 | 7 usedname Sep 26, 2017 这个 bug 没人关注? |
 | 8 BearD01001 Sep 26, 2017 持续关注... |
 | 9 NVDA Sep 26, 2017 看到了,原作者说给 Apple 发邮件了但是没有回应,我也好奇这明明就是个大新闻为什么没人发... |
 | 10 wuhao930301 Sep 26, 2017 手动关注。为什么 Beta 版的时候没曝出来,是正式版才有的 bug 么 |
 | 11 Chingim OP @wuhao930301 小人之心地不负责任地推断, 这漏洞估计早就发现了, 就等苹果发布正式版吧 |
 | 12 onevcat Sep 26, 2017 https://twitter.com/patrickwardle/status/912254053849079808 这个吧?看起来是一直就有的吧,作者也说“ other versions of macOS are vulnerable too ” 只有 unsign app 能干这事儿,没签名或者签名不对的 app 别用就是了.. |
 | 13 warking Sep 26, 2017 Correction: The exploit affects other macOS versions too, including the latest High Sierra, but is not specific to the latter only. Apple has actually fixed a number of critical security flaws with macOS 10.13 making it an important update. http://wccftech.com/macos-high-sierra-hackers-steal-passwords/ |
Select Language