⚙️Crackable Software

KeePass

A KeePass database can be cracked in 3 steps.

Transform the kdbx file

Get the kdbx file and transform it using keepass2john.

keepass2john database.kdbx > keepass.hash

Remove the header

keepass2john adds the file's name at the beginning of the result (in this case, it will add "database:").

Removing this header is mandatory to crack the hash.

Crack it

Using hashcat

To know the code to use:

hashcat --help | grep -i "KeePass"

Then, just need to crack it (in this case, rules are used)

hashcat -m 13400 keepass.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/rockyou-30000.rule --force

Using john

john --wordlist=/usr/share/wordlists/rockyou.txt --rules=keepassRules keepass.hash

SSH Private Key

Passphrase of a private key can be cracked in 3 steps.

Transform the private key file

ssh2john id_rsa > ssh.hash

Remove the header

ssh2john adds the file's name at the beginning of the result (in this case, it will add "id_rsa:").

Removing this header is mandatory to crack the hash.

Crack it

Using hashcat

To know the code to use:

hashcat -h | grep -i "ssh"

Then, just need to crack it (in this case, rules are used).

hashcat -m 22921 ssh.hash /usr/share/wordlists/rockyou.txt -r ssh.rule --force

Using john

john --wordlist=/usr/share/wordlists/rockyou.txt --rules=sshRules ssh.hash

PreviousBrute Force NextPassword Hashes

Last updated 1 year ago

hashtagKeePass

hashtagTransform the kdbx file

hashtagRemove the header

hashtagCrack it

hashtagUsing hashcat

hashtagUsing john

hashtagSSH Private Key

hashtagTransform the private key file

hashtagRemove the header

hashtagCrack it

hashtagUsing hashcat

hashtagUsing john

KeePass

Transform the kdbx file

Remove the header

Crack it

Using hashcat

Using john

SSH Private Key

Transform the private key file

Remove the header

Crack it

Using hashcat

Using john