⚙️Crackable Software

KeePass

A KeePass database can be cracked in 3 steps.

Get the kdbx file and transform it using keepass2john.

keepass2john database.kdbx > keepass.hash

keepass2john adds the file's name at the beginning of the result (in this case, it will add "database:").

Removing this header is mandatory to crack the hash.

To know the code to use:

hashcat --help | grep -i "KeePass"

Then, just need to crack it (in this case, rules are used)

hashcat -m 13400 keepass.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/rockyou-30000.rule --force

john --wordlist=/usr/share/wordlists/rockyou.txt --rules=keepassRules keepass.hash

Passphrase of a private key can be cracked in 3 steps.

ssh2john id_rsa > ssh.hash

ssh2john adds the file's name at the beginning of the result (in this case, it will add "id_rsa:").

Removing this header is mandatory to crack the hash.

To know the code to use:

hashcat -h | grep -i "ssh"

Then, just need to crack it (in this case, rules are used).

hashcat -m 22921 ssh.hash /usr/share/wordlists/rockyou.txt -r ssh.rule --force

john --wordlist=/usr/share/wordlists/rockyou.txt --rules=sshRules ssh.hash

Last updated 1 year ago