In the "Welcome to LastPass" screen, click and drag to the left.
In the "Never forget again" screen, click and drag to the left.
On the "Trusted and secure" page, click "SIGN UP", as shown below.
Enter an email address ending in mailinator.com, as shown below, and click Continue.
Enter a master password of CCSF#flip10! twice, as shown below, and click Continue.
Click "GO TO MY VAULT".
An "Autofill with LastPass" box pops up. Click ENABLE.
A screen asks for permissions. Click NEXT.
On the Autofill Service page, click LastPass. Click OK. Click ENABLE. Click NEXT.
In the "Accessibility" page, at the top left, click the back-arrow.
A warning box says your device is rooted. Click OK.
A page pops up saying "On to a faster autofill".
Close it by clicking the X at the top right.
Click "Payment card", as shown below.
Enter some information, as shown below.
Make a note of the fake credit card number you use.
At the top right, click SAVE.
On the Passwords page, at the lower right, click +.
Click Password.
Add a password, as shown below, and save it.
At the lower left, click Settings.
Scroll to the bottom and click "Log Out", as shown below.
Click "LOG OUT".
LastPass is sitting there, waiting for a password, as shown below.
On your host system, execute these commands:
git clone https://github.com/Nightbringer21/fridump.git
python3 fridump/fridump.py -h
You see the Fridump help message, as shown below.
frida-ps -U | grep last
You see the name of the LastPass process, which was com.lastpass.lpandroid when I did it, as shown below.
Flag M 520.1: Dumping Memory from LastPass (15 pts)
On your host system, execute these commands:
python3 fridump/fridump.py -U -s com.lastpass.lpandroid
grep -a CCSF# dump/strings.txt
Sometimes the master password is found, as shown below, and sometimes it's not.
The flag is covered by a green rectangle in the image below.
In the LastPass app, log in with your current master password, which is CCSF#flip10!
At the top left, click the three-bar icon.
At the bottom, click Settings.
At the top, click "Your LastPass Account".
Click "Account Settings".
Click "Change Master Password".
Enter the old password and a new password of CCSF#flip11! twice, as shown below.
Click "Save Master Password".
Click OK.
LastPass shows the login page, as shown below.
rm -rf dump
python3 fridump/fridump.py -U -s com.lastpass.lpandroid
grep -a CCSF# dump/strings.txt
Sometimes the old master password is found, as shown below.
Sometimes both the old and new master passwords are found, as shown below.
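A check that goes one step beyond the grep above, as an added example (not part of the original lab or of Fridump): it scans the raw files in the dump directory for the old and new master passwords in both UTF-8 and UTF-16LE, since a two-byte copy does not contain the byte string CCSF#. The script name scan_dump.py, the function names and the sample file names are assumptions, and the sample data is constructed.

```python
import sys, tempfile
from pathlib import Path

ENCODINGS = ("utf-8", "utf-16-le")  # single-byte and two-byte copies of a string

def find_secret(data, secret):
    """Return {encoding: [offsets]} for every copy of secret in data."""
    hits = {}
    for enc in ENCODINGS:
        needle, offsets = secret.encode(enc), []
        pos = data.find(needle)
        while pos != -1:
            offsets.append(pos)
            pos = data.find(needle, pos + 1)
        if offsets:
            hits[enc] = offsets
    return hits

def scan_dump(dump_dir, secrets):
    """Return {secret: {filename: {encoding: [offsets]}}} for raw dump files."""
    report = {s: {} for s in secrets}
    for path in sorted(Path(dump_dir).iterdir()):
        # strings.txt is derived from the raw files; skip it to avoid double counting
        if not path.is_file() or path.name == "strings.txt":
            continue
        data = path.read_bytes()
        for s in secrets:
            hits = find_secret(data, s)
            if hits:
                report[s][path.name] = hits
    return report

def residue_summary(report):
    """Total copies found per secret, across all files and encodings."""
    return {s: sum(len(offs) for enc_hits in files.values() for offs in enc_hits.values())
            for s, files in report.items()}

def make_sample_dump(directory):
    """Constructed sample data standing in for a real dump directory."""
    old, new = "CCSF#flip10!", "CCSF#flip11!"
    Path(directory, "0x1000_dump.data").write_bytes(b"\x00" * 8 + old.encode() + b"\xff" * 4)
    Path(directory, "0x2000_dump.data").write_bytes(old.encode("utf-16-le") + b"\x00\x00" + new.encode())
    Path(directory, "strings.txt").write_text(old + "\n" + new + "\n")

if __name__ == "__main__":
    if len(sys.argv) > 2:   # e.g. python3 scan_dump.py dump 'CCSF#flip10!' 'CCSF#flip11!'
        dump_dir, secrets = sys.argv[1], sys.argv[2:]
    else:                   # no arguments: run on the constructed sample
        dump_dir, secrets = tempfile.mkdtemp(), ["CCSF#flip10!", "CCSF#flip11!"]
        make_sample_dump(dump_dir)
    for secret, count in residue_summary(scan_dump(dump_dir, secrets)).items():
        print(f"{secret!r}: {count} copies in raw dump files")
```

A nonzero count for the old password after the change and logout is the residue this lab demonstrates; the per-file offsets in the report show where each copy sits.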
Posted 11-2-22