by tialaramex 2429 days ago
Dubious. On a desktop device it's really common for there to be mechanisms that make it easy for software to steal the clipboard contents and intercept keypresses because these are things that some legitimate desktop software needs. There may often be a documented API that even a mediocre programmer can use to get this working in a few hours.

On the other hand, stealing session tokens is typically going to require reaching inside the browser process, which is perhaps the most sophisticated software on a machine, and then groping around to find these tokens. It definitely is possible in some cases but it's likely to be pretty hard.

I'd compare it to the difference between stealing a person's credit card from a bag they left under their seat versus reaching under somebody's shirt to take the money they've tucked into their bra. I don't doubt that somebody, somewhere, is good enough to get away with that second one unnoticed, but I know for sure the first one is easier.

1 comments

Last I checked, hooking key events in Windows requires SYSTEM access.

Stealing session tokens can be as easy as just pulling the entire browser profile, which I doubt requires elevated access.

I imagine black market post-exploitation kits would have session data theft as a feature.

Again, if somebody has system access, you're probably completely fucked from a different angle irrespective of your preferred authentication method, so now we're talking about semantics of how you're getting fucked, because most APTs are going to be grepping your disk for words or key phrases like 'financial data', not caring about your Facebook account.

While it is true that hooking _all_ keyboard input requires SYSTEM access (because it involves either impersonating the session manager or injecting code into the kernel), you don't really need that to exfiltrate passwords for random websites that are entered into a web browser. The owner of a session can hook any event that is passed to the session, which obviously includes any keyboard event that the browser is going to see.