
Memory Dump Analysis Anthology, Volume 5 by Dmitry Vostokov


Chapter 14. Security and Malware Analysis

Crash Dumps and Password Exposure

Process crash dumps can expose passwords and other sensitive information, especially if they are saved before the process sends the entered user data over a secure protocol. Here's an incident that happened to us. We were trying to log in to an online banking system to check our balances, and when we entered our user id and password in IE and clicked the Continue button, the system experienced a small delay and then a WER dialog box appeared asking us to either check online for a solution, debug, or close the program. We chose Close the program, and a full process memory dump was saved because we had already set up LocalDumps (Volume 1, page 606) on my old ...
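A check a defender can run before a full dump leaves the machine, as an added example that is not from the book: it scans a dump for a known test credential in the byte forms a typed string commonly takes in process memory. The canary value, the sample bytes and all function names are assumptions made for illustration.

```python
import io
from urllib.parse import quote_plus

CANARY = "Canary#2024 pw!"  # constructed test credential, never a real one

def encodings_of(secret):
    """Byte forms one typed string can take inside a process image."""
    return {
        "utf-8": secret.encode("utf-8"),         # narrow strings, network buffers
        "utf-16le": secret.encode("utf-16-le"),  # Windows wide strings (UI controls)
        "form-encoded": quote_plus(secret, safe="").encode("ascii"),  # POST body
    }

def scan_dump(stream, secret, chunk_size=1 << 20):
    """Return {encoding: sorted file offsets}; reads in chunks so a
    multi-gigabyte full dump never has to fit in memory."""
    forms = encodings_of(secret)
    overlap = max(len(b) for b in forms.values()) - 1
    hits = {name: set() for name in forms}
    tail, base = b"", 0  # base = file offset of the first byte of tail
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        buf = tail + chunk
        for name, needle in forms.items():
            pos = buf.find(needle)
            while pos != -1:
                hits[name].add(base + pos)  # set: a hit in the overlap is seen twice
                pos = buf.find(needle, pos + 1)
        tail = buf[-overlap:] if overlap else b""
        base += len(buf) - len(tail)
    return {name: sorted(offsets) for name, offsets in hits.items()}

def scan_bytes(data, secret, chunk_size=1 << 20):
    """Convenience wrapper for in-memory data."""
    return scan_dump(io.BytesIO(data), secret, chunk_size)

# Constructed stand-in for a dump: the canary as a wide string, then as a form body.
SAMPLE_DUMP = (b"\x00" * 100 + CANARY.encode("utf-16-le") + b"\xcc" * 50
               + b"user=demo&pass=" + quote_plus(CANARY, safe="").encode("ascii"))

if __name__ == "__main__":
    for name, offsets in scan_bytes(SAMPLE_DUMP, CANARY, chunk_size=7).items():
        print(f"{name:13s} {len(offsets)} hit(s) at {offsets}")
```

A plain ASCII search for the canary finds nothing in this sample even though it is present twice, which is why the scan covers each encoding separately.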
