Shulou(Shulou.com)05/31 Report--

This article mainly shows you "what a tool Chromepass is". The content is simple and clear. I hope it can help you solve your doubts. Let the editor lead you to study and learn this article "what is Chromepass?"

Chromepass

Chromepass is a powerful Chrome saving password collection tool. In essence, Chromepass is a Python-based console terminal application. It can also generate an Windows executable program, and can provide the following functions for researchers:

1. Decrypt the password stored in the Chrome browser

2. Remotely send a file containing the login user name and password (via email or reverse HTTP)

3. Custom icon

4. The antivirus engine cannot detect it at all.

Antivirus detection

Because of the coding technology used by Chromepass, the current version of Chromepass is completely undetectable by antivirus engines. Here are the test results we scanned using the three popular antivirus analysis engines:

VirusTotal Scan (0tic68)

AntiScan (0x26)

Hibird Analysis (All Clean all secure-CrowdStrike Falcon, MetaDefender and Virustotal)

Tool download

The vast majority of researchers can use the following commands to promote the source code of the Chromepass project locally:

Git clone https://github.com/darkarp/chromepass.git tools environment

The tool is actually very easy to install and use. We just need to install and build the Python environment:

Python: this tool is currently only tested in the Python v3.7.4 environment, but theoretically supports 3.6 + environments.

Tool installation

Chromepass is required to run in the Python 3.6 + environment, first run the following command to complete the installation of the dependent components:

Cd chromepasspip install-r requirements.txt

If an error alert pops up during installation, first check that the running environment of the tool is configured correctly, and if the error still pops up, try running the following command:

Python-m pip install-- upgrade pippython-m pip install-r requirements.txt tool use

As I just said, Chromepass is very simple to use, as long as you run the following command:

> python create_server.py

After running, the tool asks the user to select one of the two options:

1. By email (if there is a problem, it is not recommended for now)

First, the tool asks the user to enter an e-mail address and a password

Next, the tool asks the user if they want to send it to another address or send it to themselves

The tool then asks the user if he needs to display an error message, which is a bogus message, which is displayed when the user opens an executable file when the feature is enabled, and the user's password is then sent to the attacker

At this point, we will be able to write our own error messages or leave them blank

OK, everything is ready, we just need to wait for the executable program to be generated and sent to the target user.

2. Through client.exe (recommended)

First, the tool asks the user to enter an IP address to handle the backlink, which belongs to the attacker. The address can be a local IP address or a remote IP address. If you choose to use a remote IP address, port forwarding needs to be involved.

Next, the tool asks the user if they need to display an error message, which is a bogus message, which is displayed when the user opens an executable file when the feature is enabled, and the user's password is then sent to the attacker.

At this point, we will be able to write our own error messages or leave them blank

OK, everything is ready, we just need to wait for the executable program to be generated and sent to the target user.

Client.exe must be run before server_ip.exe execution. Server_ip.exe is the file received by the target user.

Note: if you need to use a custom icon, simply replace the icon.ico file with the same file name and format.

The above is all the content of this article "what is Chromepass?" Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.