May 11, 2021

Does RAM store your credentials in plaintext?

Home Forums Does RAM store your credentials in plaintext?

This topic contains 1 reply, has 2 voices, and was last updated by  SweeTLemonS_TPR 2 weeks, 4 days ago.

  • Author
  • #386024


    If you were to take an image of a machine including the RAM does it have the credentials you can use to later log into the machine.

    When I had my IT forensics course, nothing like that was ever mentioned. However, while studying for CompTIA Security+ it mentioned something along those lines while covering network security.

    Am I misunderstanding what was being referred to? (I am asking, because I can’t find that part now)

  • #386026


    Although this has already been answered by another user, but for additional context, do look at Heartbleed bug of OpenSSL. The entire vulnerability was based upon acquisition of data from the RAM (via buffer overread) without any trace. And the bug is pretty easy to understand too.

  • #386027


    Yes. At some point it has to match what you originally set.

  • #386025


    From the sounds of it, yes, at least sometimes.

    > Through an examination of logins made to 15 popular online services carried out via the Chrome, Edge and Mozilla Firefox browsers, testing shows that plain-text credentials are present in RAM in every case.

You must be logged in to reply to this topic.