OSCP Notes

Cracking kdbx (KeePass)

locate keepass2john
keepass2john something.kdbx >> keepass_hashes
If there are suspicious image files in the same directory, try attaching them as key files.
for i in *.JPG; do echo "$i"; done  # list all the JPG file names in the current dir
# this next command attaches each image file as a key file and, when generating the hashes, replaces the original database name in the hash label with the image file name
for i in *.JPG; do keepass2john -k "$i" something.kdbx | sed "s/something/$i/g" >> hashes; done
#last step
Crack them with hashcat!
KeePass is hashcat mode 13400
hashcat -m 13400 -O hashes ~/rockyou.txt --username
Once cracked, we can install a KeePass client
apt install kpcli
kpcli --kdb Mypasswords.kdbx --key IMGfile.jpg
Enter the password and run help to see what we can do!
Inside kpcli: ls, then show -a -f 0
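
Added example, not part of the original notes: the work hashcat does per guess against a KDBX 3.x file scales with the AES-KDF transform rounds stored in the database's outer header, so this Python code reads that value from your own .kdbx to judge how well it would hold up. The function names, the sample header and the min_rounds threshold are constructed assumptions.

```python
import struct

KDBX_SIG = (0x9AA2D903, 0xB54BFB67)  # KeePass 2.x signature pair

def kdbx_header_info(data: bytes) -> dict:
    """Read version, cipher UUID and AES-KDF rounds from a .kdbx outer header."""
    try:
        sig1, sig2, minor, major = struct.unpack_from("<IIHH", data, 0)
        if (sig1, sig2) != KDBX_SIG:
            raise ValueError("not a KeePass 2.x (.kdbx) file")
        info = {"version": (major, minor), "rounds": None, "kdbx4_kdf": False}
        len_fmt = "<I" if major >= 4 else "<H"  # KDBX4 uses 4-byte field lengths
        pos = 12
        while True:
            fid = data[pos]
            (flen,) = struct.unpack_from(len_fmt, data, pos + 1)
            start = pos + 1 + struct.calcsize(len_fmt)
            value = data[start:start + flen]
            if len(value) != flen:
                raise ValueError("malformed header")
            pos = start + flen
            if fid == 0:     # end-of-header marker
                return info
            if fid == 2:     # cipher UUID
                info["cipher_uuid"] = value.hex()
            elif fid == 6:   # KDBX3: transform rounds, uint64 little-endian
                info["rounds"] = struct.unpack("<Q", value)[0]
            elif fid == 11:  # KDBX4: KDF parameters blob, not decoded here
                info["kdbx4_kdf"] = True
    except (IndexError, struct.error):
        raise ValueError("malformed header") from None

def rounds_too_low(data: bytes, min_rounds: int = 1_000_000) -> bool:
    """True when a KDBX3 file uses fewer rounds than min_rounds (assumed policy)."""
    info = kdbx_header_info(data)
    return info["rounds"] is not None and info["rounds"] < min_rounds

def _field(fid: int, value: bytes) -> bytes:  # builds the constructed sample below
    return struct.pack("<BH", fid, len(value)) + value

# Constructed KDBX 3.1 header (zeroed seeds, 6000 rounds); not a real database.
SAMPLE = (struct.pack("<IIHH", *KDBX_SIG, 1, 3)
          + _field(2, bytes.fromhex("31c1f2e6bf714350be5805216afc5aff"))
          + _field(4, bytes(32)) + _field(5, bytes(32))
          + _field(6, struct.pack("<Q", 6000)) + _field(0, b"\r\n\r\n"))

if __name__ == "__main__":
    print(kdbx_header_info(SAMPLE), rounds_too_low(SAMPLE))
```

To check a real file, pass the first few hundred bytes: kdbx_header_info(open("something.kdbx", "rb").read(4096)).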