KeePass relies on AES-256 encryption to secure its password database, like most other password managers. While KeePass defaults to an AES/Rijndael (256-bit key, FIPS 197) algorithm, you can change. Your KeePass file might not be as safe as you think, but it is easy to protect yourself with this simple settings change that does not require creating a new kdbx file. This helps make your KeePass file more secure by deterring dictionary and brute force attacks. The setting is called ‘Key Transformation’, accessible in KeePass under File Database Settings Security. KeePass is a free open source password manager. Passwords can be stored in an encrypted database, which can be unlocked with one master key. To crack a password-only database, use mod0keecrack like this: mod0keecrack wordlist.txt To crack a database that also uses a key-file, use the command line as shown above, and copy the keyfile to the same directory as the database and rename it to.key.
Passwords are an integral part of modern society. Nearly every aspect of a person’s digital life involves a password in some fashion or another. From social media sites like Facebook or Twitter to more sensitive items like bank or credit card accounts, passwords are used everywhere. A common method of storing all these passwords is to use a program to store them in a secure database or safe. These databases or safes are generally encrypted with a master password, in order to make sure all of a person’s sensitive account passwords are safe. The question is, however, whether or not these programs are as safe as they seem to be. With tools like John the Ripper and Hashcat available, not necessarily. In this post, we will be going through the steps to crack the master password for a KeePass database, a commonly used program to secure passwords. While KeePass is the focus of this particular post, it is important to note that these steps can also be used for other password repository programs, such as LastPass, Password Safe, and 1Password.
Cracking Keepass Password Safe Database Download
Environment
MCH-Kali (192.168.1.13) – Kali 2018.3 (Hashcat and John the Ripper are installed as part of the Kali distribution).
MadCityHacker.kdbx – This is a test KeePass database created for this scenario.
Scenario Steps
We start out with our KeePass database on our Kali instance:
With the KeePass database, we now need to extract the master password hash from the file. Thankfully, John the Ripper ships with a useful tool to do just that! The utility is called “keepass2john” and simply needs the KeePass database passed in as a parameter:
As you can see, running this utility produces the following hash, which is in the perfect form to be consumed by Hashcat (The only thing that needs to be done is the first section “MadCityHacker:” removed, as this is just a friendly name for the hash):
$keepass$*2*60000*222*5d073d1d92f19a9b9eec0dc213d7dba0b6dc53f1f0d4ca483cea2b60dfaefe9a*1ed0d6b61edd401
46f7c936449a2f0f4774742218449496142064f2fb7ec02c1*cedc2dc9987b0fc328929fd0b1d2cbc5*2fba97d4b24f1446080a
e85dc1067b7301f572a3b4f601c3d0c7d7c9c1429cbb*f1217fee4bd3f96a02d498ac570ccebea2e52f69d5af7d34dd1c25416
6e8733e
The next step is to take this hash string (first saved into a file called “keepass.txt”) and pass it through Hashcat. Hashcat has a number of different options, but for this scenario, we’re going to focus on two: attack mode and hash type.
Hashcat supports typical password cracking attack types, such as dictionary and brute-force, but also includes things like masking, which is filtering down the cracking attempts to certain patterns (for example, a mask of five letters and two numbers will attempt all combinations of that order, such as March18 or Tgyhj37). For this scenario, we will be using the “Straight” mode (attack ID “0”), which is a simple dictionary attack based on a wordlist. The wordlist for this scenario will be the well known “rockyou” wordlist.
Cracking Keepass Password Safe Database Software
Hashcat also has a plethora of hash types that it will attempt to crack; the full list can be found on Hashcat’s help page or on their website here. Since we have a KeePass database, we will be using hash ID “13400” which correlates to “KeePass 1 (AES/Twofish) and KeePass 2 (AES).”
Now that we have the appropriate options ready, let’s get cracking! The command to initiate the cracking will look like the following:
hashcat -a 0 -m 13400 keepass.txt /usr/share/wordlists/rockyou.txt
For real password cracking, using a GPU is the best option, as they are able to process a much larger amount of hashes per second than a typical CPU. For this scenario, I am doing simple CPU cracking on an older system as I know the master password for this database exists in the rockyou wordlist. If you are using this to test the strength of your own KeePass database, I highly recommend using atleast one GPU instead as it will be a more accurate test of strength against an adversary.
With that out of the way, let’s run the aforementioned Hashcat command:
Keepass Database Key
The password for the KeePass database has been cracked successfully! As you can see in the middle of the above screenshot, Hashcat listed out the input hash and it’s associated cracked password of “qwerty.” We can also see, with the “Time.Started” and “Time.Estimated” fields that the crack took a mere seven seconds to complete. A nice feature of Hashcat is that you can monitor how long it’s been running and it’s overall progress (as well as estimated time of completion) throughout the cracking lifecycle. Since this one only took seven seconds, we didn’t need to monitor it for long, but it’s a handy thing to note regardless.
While password databases and safes are a good way to protect your various passwords, it is important to remember that the master password for these need to be well protected as well. The best way to do this is to make sure you make very strong master passwords: 12+ characters (including both upper and lowercase letters, numbers, and special characters), non dictionary words, and nothing personally identifiable, such as birth years or names of family. The best route to take with these master passwords is to actually make them passphrases, as in long and easy to remember strings of words, such as “The dog was taken over to the dog park to burn off some energy.” The longer the master password (or phrase), the better off you will be with protecting your sensitive information.
Having issues? Something not make sense? Or just want to discuss this scenario? Feel free to drop a comment below or contact us through the Contact Us page!