Researcher releases Free Hacking Tool that Can Steal all Your Secrets from Password Manager by Swati Khandelwal.
Swati advises that Denis Andzakovic has written and released KeeFarce on GitHub.
From the GitHub page:
KeeFarce allows for the extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url’s are dumped into a CSV file in %AppData%
…
KeeFarce has been tested on:
- KeePass 2.28, 2.29 and 2.30 – running on Windows 8.1 – both 32 and 64 bit.
This should also work on older Windows machines (win 7 with a recent service pack). If you’re targeting something other than the above, then testing in a lab environment before hand is recommended.
It has a cool logo:
I don’t have an estimate for when the Office of Personnel Management (OPM) will upgrade to Windows 7 making it vulnerable to KeeFarce.
Until that happens, use older hacking techniques (circa late 1990’s/early 2000’s) when targeting the OPM.
Personally I would mirror their backups, when they run that is, rather than doing anything fancy. What’s suspicious about a backup? That way you have current data without all the media hysteria.
PS: In case you want to become vulnerable or want a suggestion to make someone else vulnerable: KeyPass.