will be shutting down on 30th of June.
/d/OpSec icon


31,046 subscribers

Anonymous Planet Onion

Discussion of OpSec, Threat Models, Protection, Assessment & Countermeasures.

Vendors: /d/vendor_handbook.

While the focus of this community's OpSec discussions may center around DarkNet (DN) activity, all members of this sub are encouraged to think about, discuss, and share ideas relating to OpSec.

KeePass 2.X Vulnerable to master password dump

by /u/StuckInTheMiddleWithYou P · 5 votes · 2 weeks ago

Vuln was assined CVE-2023-32784.

Ref: hxxps://github[dot]com/vdohney/keepass-password-dumper


Through dumped memory your Master password can get leaked.

There is no updated/patched version yet.

Not a massive concern unless you get busted or an attacker already has access to your machine, but make sure to update once the patch drops.

Comments (1)
/u/psychonut · 3 votes · 2 weeks ago · Link

Please keep in mind that this does NOT effect KeePassXC, the password manager that everyone on here probably uses. This vulnerability also requires that the attacker already has pwned you, in which case they have other ways they could obtain your password. They could execute a keylogger and simply wait for you to type it in.