openwall / john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
https://www.openwall.com/john/

Add feature to crack .kdbx with keyfile & Windows User Account #2555

Open Mickydss opened 7 years ago

Mickydss commented 7 years ago

KeePass .kdbx databases can be protected with a keyfile and a Windows User Account. It would be nice to add support for such KeePass databases.

Fist0urs commented 7 years ago

Please update your message to remove template stuff.

Also please remove "on Win10" in your title, as the mechanism is the same on all Windows versions.

Concerning this algorithm, iirc this is not straightforward. While bound to a computer account, KeePass adds a layer of data protected by Windows DPAPI (cf. #2521). Please take a look at keepassx source code and provide further information.

Thx

kholia commented 6 years ago

See http://www.harmj0y.net/blog/redteaming/a-case-study-in-attacking-keepass/ for details on how to approach this problem.

There are a lot of steps involved in this process which JtR Jumbo can't help with. Hence I am closing this issue.

kholia commented 6 years ago

https://msdn.microsoft.com/en-us/library/windows/desktop/aa382377(v=vs.85).aspx could be useful here.

Also see https://github.com/hashcat/hashcat/issues/1437. It has some internal details on how this works.

Please feel free to reopen this issue if you have a solution, and are actively working on it.