Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Jan 2015 21:40:44 +0100 (CET)
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Problems with keepass2john

On Fri, 16 Jan 2015, Shawn Tayler wrote:

> On 01/13/2015 06:41 AM, Dhiru Kholia wrote:
>
> Any suggestions as to as to how I might be able to continue? I am not
> a programmer but would be willing to learn. Might there be some
> additional comments or details available for the source that could
> help?

Hi Shawn,

How large is your KeePass database file?

Recently, we have fixed keepass2john (slightly) and it might just work
for you now.

https://github.com/magnumripper/JohnTheRipper has the latest bits.

The KeePass source code (in JtR) is fairly easy to read. Essentially,
the problem here is that we have an upper bound on the size of "hashes"
(produced by keepass2john.c) and this prevents *big* KeePass files from
being included (inlined) into the "hash" itself.

However, keepass_fmt_plug.c only knows how to deal with inlined hashes,
currently.

In short, keepass_fmt_plug.c (which does the actual cracking of the
hashes produced by keepass2john) needs to me modified to read the actual
KeePass database.

> > On Sat, 10 Jan 2015, Shawn Tayler wrote:
> >
> > > I tried using version 1.8.0-jumbo-1 and the hashes produced won't even
> > > load with john.  Tried 1.7.9-jumbo-7 and it at least produced loadable
> > > hash files.  I've been trying the several iterations of what I believe
> > > the password must be to no avail.  As a test I created several test
> > > kdb files with simple passwords, e.g. test, testtest, testtesttest,
> > > etc.  the intersting thing is that the hash files created from these
> > > test files are all about 1.7K in size, but the one from my kdb file is
> > > only about 300 bytes and my range of passwords, used crunch to create
> > > a few terabytes of possibilities, are a no go.
> > >
> > > Has anyone had similar issues with keepass2john or have some
> > > suggestions as to where I can continue?
> > Hi Shawn,
> >
> > It seems that the "keepass" format broke with some recent changes.
> >
> > See https://github.com/magnumripper/JohnTheRipper/issues/1023 for more
> > details.

Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.