cracking kdbx(keepass)

locate keepass2john
keepass2john something.kdbx >> keyoass_hashes 

if you have suscpicious image files within the same directory, maybe try to attach those files as key files

for i in $(ls *.JPG); do echo $i; done #list all the jpeg file names in the current dir

#this next command attach an image file to keepass and remove the original file name and replace it with the img file name when generating hashes. 
for i in $(ls *.JPG); do keepass2john -k $i something.kdbx; sed "s/something/$i/g" >> hashes; done


#last step
crack them with hashcat! 
Keepass is 13400 
hashcat -m 13400 -O hashes ~/rockyou.txt --user  

once cracked, we can install keepass client

apt install kpcli 
kpcli --kdb Mypasswords.kdbx --key IMGfile.jpg 
enter the pass and do help to see what we can do!
ls > show -a -f 0 

Last updated