top | item 36147133

(no title)

nullsense | 2 years ago

I ran OSForensics on the machine last night. It was my first time running a tool like this, and I while I didn't manage to find a smoking gun, I did find some questionable files masquerading as an installer where there were all kinds of different files and file types but they were actually all executables. I wound up deleting those.

What I did discover is that by default Chrome captures and stores every field you submit to every form in a SQLite database. The amount of PII that turned up was absolutely staggering. If I could only exfiltrate one file from a machine, it would be that.

It sort of boggles the mind that that's a thing at all. I don't ever want to touch a browser ever again.

discuss

No comments yet.