Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 18 Jan 2015 21:27:02 -0800
From: Shawn Tayler <shawn@...services.net>
To: john-users@...ts.openwall.com
Subject: Re: Problems with keepass2john

Hi Dhiru,

The file is about 85K.  I built the version at the link provided.

./keepass2john -i 10 kee.kdb > kee1.hash
[!] Not inlining kee.kdb. You will need kee.kdb too for cracking!

Shawn

On 01/18/2015 12:40 PM, Dhiru Kholia wrote:
> On Fri, 16 Jan 2015, Shawn Tayler wrote:
>
>> On 01/13/2015 06:41 AM, Dhiru Kholia wrote:
>>
>> Any suggestions as to as to how I might be able to continue? I am not
>> a programmer but would be willing to learn. Might there be some
>> additional comments or details available for the source that could
>> help?
> Hi Shawn,
>
> How large is your KeePass database file?
>
> Recently, we have fixed keepass2john (slightly) and it might just work
> for you now.
>
> https://github.com/magnumripper/JohnTheRipper has the latest bits.
>
> The KeePass source code (in JtR) is fairly easy to read. Essentially,
> the problem here is that we have an upper bound on the size of "hashes"
> (produced by keepass2john.c) and this prevents *big* KeePass files from
> being included (inlined) into the "hash" itself.
>
> However, keepass_fmt_plug.c only knows how to deal with inlined hashes,
> currently.
>
> In short, keepass_fmt_plug.c (which does the actual cracking of the
> hashes produced by keepass2john) needs to me modified to read the actual
> KeePass database.
>
>>> On Sat, 10 Jan 2015, Shawn Tayler wrote:
>>>
>>>> I tried using version 1.8.0-jumbo-1 and the hashes produced won't even
>>>> load with john.  Tried 1.7.9-jumbo-7 and it at least produced loadable
>>>> hash files.  I've been trying the several iterations of what I believe
>>>> the password must be to no avail.  As a test I created several test
>>>> kdb files with simple passwords, e.g. test, testtest, testtesttest,
>>>> etc.  the intersting thing is that the hash files created from these
>>>> test files are all about 1.7K in size, but the one from my kdb file is
>>>> only about 300 bytes and my range of passwords, used crunch to create
>>>> a few terabytes of possibilities, are a no go.
>>>>
>>>> Has anyone had similar issues with keepass2john or have some
>>>> suggestions as to where I can continue?
>>> Hi Shawn,
>>>
>>> It seems that the "keepass" format broke with some recent changes.
>>>
>>> See https://github.com/magnumripper/JohnTheRipper/issues/1023 for more
>>> details.
> Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.