17 Jan 2016
Home  »  News   »   How to achieve a briliant phishing attack

How to achieve a briliant phishing attack

Posted in News By emanuell On January 17, 2016

Sean Cassidy shows how to achieve a briliant phishing attack on Lastpass by combining multiple security holes.

This attack is powerfull because the author made a clear roadmap which checks if LastPass is installed, then logging out the user using a known vulnerability in the browser. The author tricks the user to login on the fake site and finally verifies the credentals using the public API.

This article also shows how XSS is used in practice.0

https://www.seancassidy.me/lostpass.html

The source code can be found on  Github

About Author

emanuell

Related Posts

Leave a Reply

Your email address will not be published.