Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support new KeePass algorithms #2502

Open
kholia opened this issue Apr 13, 2017 · 8 comments
Open

Support new KeePass algorithms #2502

kholia opened this issue Apr 13, 2017 · 8 comments
Assignees
@kholia
Labels
enhancement

Comments

@kholia
Copy link
Member

kholia commented Apr 13, 2017

Useful links,

ChaCha20 and Argon2 are needed.
@kholia kholia added enhancement RFC / discussion Help or comments wanted labels Apr 13, 2017
@magnumripper
Copy link
Member

magnumripper commented Apr 21, 2017
edited
Loading

I'd like to see an OpenCL format as well. (Edit: OK, that's #2471)

@kholia
Copy link
Member Author

kholia commented May 20, 2017
edited
Loading

Here are some sample KeePass databases for testing.

This was referenced Jul 3, 2017
Merged
Merged
@kholia
Copy link
Member Author

kholia commented Aug 27, 2017

ChaCha20 support is done. Argon2 stuff needs work.

@kholia
Copy link
Member Author

kholia commented Sep 9, 2017

Steps for building KeePass under Linux. Tested on Fedora 25.

Install monodevelop package

Download and extract KeePass-2.36-Source.zip

cd Build

sh PrepMonoDev.sh

cd ..

xbuild /p:TargetFrameworkVersion="v4.5"

@kholia kholia removed the RFC / discussion Help or comments wanted label Nov 9, 2017
@kholia kholia self-assigned this Nov 9, 2017
@philsmd philsmd mentioned this issue Sep 26, 2019
Closed
@HEELcaT666
Copy link

HEELcaT666 commented Jun 18, 2020
edited
Loading

Hi! Has this issue been fixed yet? I would be deeply grateful if you could please resolve this problem.

@BobForCat
Copy link

BobForCat commented Jul 23, 2023
edited
Loading

Hi guys,
I have successfully implemented a python parsing (less than 200 lines) of the keepass v4 file using the KeePassJava2 code+documentation and I would like to propose this as a python keepass2john.py for john, but that will also impact hashcat when it will be implemented

I'd like that we (or in fact : you two, or whoever you think needed for this) decide the exchange format (for both hashcat and john) we change for that new version of file.

Actual john format

Actuat format contains in this order

transformRounds     --> deprecated
algorithm  
masterSeed  
transformSeed         --> deprecated
initializationVectors  --> not needed anymore  
expectedStartBytes  --> not needed anymore

v4 format idea

As the new format contains a HMAC of the header using the password (or +keyfile) I'd suggest the new format contains

algorithm
masterSeed  
kdf_params    --> details below
validation_hmac_sha256
full_header              --> to compute the hmac and validate

The kdf_params consists of a mutliple key pairs, where keys are a single uppercase letter and value either a number of bytes. I tought we could

  • write value as number if number, else hex of bytes
  • write pair like k=v
  • join every pair with *

For argon2 (with in order: version, iteration,memory,parallelism,salt) it would look like

UUID=ef636ddf8c29444b91f7a9a403e30a0c*V=19*I=2*M=1048576*P=2*S=388336bb577ac102077622356bac26141893528edf7687026fe0d6f79e220b27

My questions are

  • is this a good idea to put the full header there to validate on ? Or would it be better to use the hmac of the first encrypted bloc instead ?

  • As I write in python it's very easy for me to decide the separators, the format, ... but in C it's different, so I don't know if how the parameters are written is a nice way. Like we could add a field nbKdfParams to help or whatever

Final possible format

$keepass$*2*2*5663db9dd04368094676903cd2bc447ec2d92d175a7913471fc6ff8a606138bf*6*UUID=ef636ddf8c29444b91f7a9a403e30a0c*V=19*I=2*M=1048576*P=2*S=388336bb577ac102077622356bac26141893528edf7687026fe0d6f79e220b27*910a4315635e59579a531444cb73cca06c9d0003a4652f4b782a4ce048f5d81f*03d9a29a67fb4bb5000004000210000000d6038a2b8b6f4cb5a524339a31dbb59a03040000000100000004200000005663db9dd04368094676903cd2bc447ec2d92d175a7913471fc6ff8a606138bf0b8b00000000014205000000245555494410000000ef636ddf8c29444b91f7a9a403e30a0c040100000056040000001300000005010000004908000000020000000000000005010000004d080000000000100000000000040100000050040000000200000042010000005320000000388336bb577ac102077622356bac26141893528edf7687026fe0d6f79e220b2700070c0000004bbdce257080e13ce35337db00040000000d0a0d0a

pings to @jsteube @kholia hashcat/hashcat#1013

@solardiz
Copy link
Member

@BobForCat Thank you! Once we agree on the encoding and have the script, what is the plan to have this actually supported in JtR and/or hashcat? Do you intend to work on that as well, or know who will?

@BobForCat
Copy link

@solardiz Nope, no development on the cracking side for me, and I don't know anyone for that task

I also discovered that https://github.com/libkeepass/pykeepass did a parsing for v4, but I'm unsure if we can use a python dependency into a JtR extraction script

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kholia kholia

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@kholia @magnumripper @solardiz @HEELcaT666 @BobForCat