Open sepauli opened 2 months ago
I'm not very good at programming at the moment, which is why I haven't opened a pull request yet.
We're not either, so don't feel bad ;)
Please do open the PR, and we can review it/change stuff ourselves. Thanks for filing this!
Describe the bug The![keepass_trigger_error](https://github.com/Pennyw0rth/NetExec/assets/32775764/7031c059-889a-42d2-bf31-55fddcb8a211)
extract_password
function in thekeepass_trigger
module does not parse the xml file (exported keepass database) correctly, which leads to an error.I encountered this bug when I was working on the HTB Academy Module "Using CrackMapExec" in the task "Popular Modules" - Discovering KeePass
To Reproduce You can test it by adding some groups, subgroups and entries in keepass and executing the function on the exported keepass database Database -> Export -> XML-File
Expected behavior I think the problem here lies in the
extract_password
function, which looks for entries under[“KeePassFile”][“Root”][“Group”][“Entry”]
and[“KeePassFile”][“Root”][“Group”][“Group”]
. A keepass database can have any number of subgroups “Groups” with entries, which is apparently not considered here Old passwords can also exist in a history or in the notes of entries.NetExec info
Additional context I'm not very good at programming at the moment, which is why I haven't opened a pull request yet. I have put the code in a branch. If you want and it suits you, I can open another pull request for this https://github.com/Pennyw0rth/NetExec/compare/main...sepauli:NetExec:sepauli/fix-keepass_trigger