• Echo Dot@feddit.uk
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 个月前

    There are attacks where rather than trying to crank the password you just capture the hash which is stored in memory somewhere and then using a tool that lets you bypass the standard login inject that hash into the app, totally bypassing the UI interface and the password hashing algorithm.

    The app sees the hash is correct and isn’t aware that the information has been input via nonstandard methods, and so allows access.

    The attacker still doesn’t have a clue what your password was, but they don’t need to. Interestingly enough this means that every time they want access to your data they have to do this because they don’t have a way of actually changing the password or finding out what it was.

      • Echo Dot@feddit.uk
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 个月前

        Yeah. It is. Every design has assumptions and every design can be abused by those assumptions. I’d like to say it’s not a failure in design but it’s really just a failure of imagination. No one thought this would be an issue, turns out it is, so someone fixed it.

        The problem is that not every system gets updated.