关联漏洞
介绍
# CVE-2023-32784
KeePass 2.X < version 2.54 is susceptible to a vulnerability in which the master password may be retrievable from a memory dump of an unlocked KeePass database. This was assigned [CVE-2023-32784](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32784)
This program aims to retrieve the master password from a memory dump of a running KeePass process. It outputs potential characters by position, a potential passphrase on one line, and a JohnTheRipper mask.
## Installation
### With go installed
```sh
$ go install github.com/mister-turtle/cve-2023-32784@latest
```
### Pre-built binaries
Head to the [Releases page](https://github.com/mister-turtle/cve-2023-32784/releases) and get the latest pre-built binary for your system.
### Building from source
```sh
$ git clone github.com/mister-turtle/cve-2023-32784
$ cd cve-2023-32784
$ go buid .
```
## Usage
```
$ go run . --help
Usage of ./cve-2023-32784:
-d string
Path to the memory dump
```
文件快照
[4.0K] /data/pocs/ff25502172974fdd2cc92b5772650e89419dc061
├── [ 58] go.mod
├── [ 0] go.sum
├── [3.7K] main.go
└── [ 984] README.md
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。