I am back from Amsterdam after presenting our research at Black Hat, "Even the LastPass Will be Stolen, Deal with It!", together with Alberto Garcia. We had a blast at the conference and got great feedback from the audience, so I thought it was worth writing a post with all the details of our talk.

Motivation

During one of Alberto's red team pentests, he gained access to several machines and found that all of them had files with references to LastPass. He came to me and told me it would be cool to check how LastPass works and whether it was possible to steal LastPass credentials. 10% of our time is for research, so we made that our small project. We found how creds were stored locally and wrote a Metasploit plugin so he could use it to extract vault contents from all the compromised machines. Thanks to the module, he was able to obtain SSH keys to critical servers and the pentest was a success.

I blogged about it in the past and it became very popular on reddit. We got a lot of feedback, questions, comments and suggestions. It was clear that the security community really cared about LastPass' security, so we thought it was worth spending more time on it and doing proper research. We looked at what had been done already and found previous research on password managers using DNS poisoning and iframes, as well as attack vectors through XSS to steal specific credentials. We decided that our focus would be to find ways to attack the vault directly and get access to all of its content instead of leaking specific secrets. We wanted to do so in all 3 different scenarios:

- Client side attacks: A post-exploitation scenario in which an attacker has certain access to the victim's machine (no root access needed).
- LastPass side attacks: A scenario in which LastPass employees, attackers compromising their servers, or anyone MiTMing the connection is the attacker.
- Attacks from the outside: Attackers that are neither on the client nor on the LastPass server side.

The goal here was to reverse engineer the browser plugins, analyze all the files stored in the system and see if we could obtain the key that decrypts the vault (vault key from now on). We found different methods to do so:

Cleartext password recovery

But what if "Remember Password" was not clicked?

Using cookies

Our first shot was simply to look at using cookies to obtain the vault key. While this sounds straightforward, because of how LastPass is designed the cookies will only get you what LastPass stores on their servers, and as you may guess, that does not include the vault key. We found that the vault key is actually stored locally, encrypted. Where is the decryption key that decrypts the vault key? LastPass holds the seed from which we can derive it.

Cookie auth flow

As shown in the flow chart, we can use the session cookie to query LastPass and obtain the pwdeckey value. Once we have that, we can derive a key by computing SHA256(pwdeckey). Now we just need to extract the encrypted vault key from the SQLite DB and decrypt it using the key we just derived. But what if 2-Factor Authentication is enabled?

Bypassing 2 factor authentication

2FA is an additional layer of security for your account. It prevents access to your vault even if an attacker has your credentials. Authentication should be based on something you know, something you have and/or something you are. In this case, your master password is something you know, and 2FA is something you have (in the form of a device, token, etc.). LastPass supports a big variety of 2FA mechanisms including Google Authenticator, Yubikey, Toopher, etc. If you read my previous post, you already know how to steal the master password, but if the victim has 2FA activated you still won't be able to log in.

The first approach was to start Burp and look at the login requests coming from a trusted browser. We were expecting to see a "trust cookie" set by LastPass, but there was no such thing. We tampered with the request parameters trying to identify which one was related to 2FA, removing them one by one until we were prompted again for the 2FA code. The parameter that made the difference was uuid. The UUID is a 32-character random string drawn from the characters 0-9, A-Z and a-z. It is used as the trust token and sent in every request. It is generated at plugin installation time and stored on the machine in the browser's local storage. This makes the token accessible without needing root. LastPass compares this value server side and validates the request if the token is part of the list of trusted devices. There are many things wrong with LastPass' current implementation, which has bad consequences: LastPass should have stuck to the common implementation of 2FA and used trust cookies.
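As an added example (not code from this post, nor LastPass's own implementation), here is how the trust-cookie approach the post says LastPass should have used is commonly built: a per-device random token issued only after a successful 2FA check, kept server side only as a hash, bound to the user, time-limited and revocable, and delivered in an HttpOnly, Secure cookie instead of an install-time UUID in browser local storage. The TrustStore class, the lp_trust cookie name and the 30-day re-prompt policy are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time

# Assumed policy for this example: a trusted device must pass 2FA again after 30 days.
TRUST_TTL_SECONDS = 30 * 24 * 3600


def _hash(token):
    # Only the hash is persisted, so a leaked trust table cannot be replayed as a device.
    return hashlib.sha256(token.encode()).hexdigest()


class TrustStore:
    """Constructed server-side record of trusted devices: token hash -> (user, expiry)."""

    def __init__(self):
        self._trusted = {}

    def issue(self, user_id, now=None):
        """Issue a fresh 256-bit token after a successful 2FA check, per device, not per install."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self._trusted[_hash(token)] = (user_id, now + TRUST_TTL_SECONDS)
        return token

    def is_trusted(self, user_id, token, now=None):
        """Accept the device only if the token is known, bound to this user and not expired."""
        now = time.time() if now is None else now
        entry = self._trusted.get(_hash(token))
        if entry is None:
            return False
        bound_user, expires_at = entry
        # Constant-time compare avoids leaking the bound user through timing.
        return hmac.compare_digest(bound_user, user_id) and now < expires_at

    def revoke(self, token):
        """Let the user drop a device (lost laptop, compromised browser profile)."""
        self._trusted.pop(_hash(token), None)


def trust_cookie_header(token):
    """Deliver the token as a cookie: HttpOnly keeps it away from page scripts and
    local storage, Secure keeps it off plaintext HTTP, SameSite=Strict stops cross-site sends."""
    return (f"Set-Cookie: lp_trust={token}; Path=/; Max-Age={TRUST_TTL_SECONDS}; "
            "HttpOnly; Secure; SameSite=Strict")
```

Contrast this with the behaviour described above: a token generated once at install time, readable from local storage by any user-level process, and replayed unchanged in every request.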