KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. (Source: http://keepass.info/)
mod0keecrack is a simple tool to crack/bruteforce passwords of KeePass 2 databases. It implements a KeePass 2 Database file parser for .kdbx files, as well as decryption routines to verify if a supplied password is correct. mod0keecrack only handles the encrypted file format and is not able to parse the resulting plaintext database. The only purpose of mod0keecrack is the brute-forcing of a KeePass 2 database password.
mod0keecrack handles KeePass 2 databases that are encrypted with password-only, or with password and key-file.
Currently, there is no incremental or template-based bruteforce algorithm for passphrase generation implemented yet. To use mod0keecrack, you need to generate own wordlists or supply a wordlist via pipe/stdin. For example, you could use the john password cracker to generate wordlists and feed them directly into mod0keecrack via stdin. You can also use text-files with a wordlist on the command-line.
Using wordlists is recommended, as dumb incremental brute-force may take a too long time due to the crypto-algorithms that are used by KeePass databases (SHA256 and many AES key-transformation rounds).
mod0keecrack is plain C and has no 3rd party library dependencies on Windows, as it's using the Microsoft Cryptographic (CNG) Framework. A platform independent implementation could be done by simply porting crypto-ms.c to e.g. crypto-openssl.c.
To encrypt password databases, KeePass supports passwords, keyfiles or a password-keyfile combo. To crack a password-only database, use mod0keecrack like this:
mod0keecrack <keepassx-file.kdbx> [wordlist.txt]
To crack a database that also uses a key-file, use the command line as shown above, and copy the keyfile to the same directory as the database and rename it to .key. For example, if your KeePass database filename is lala.kdbx you must copy the keyfile to lala.key within the same directory. If there is a corresponding .key file within the same directory, mod0keecrack always consider it as key-file input.
wordlist.txt is optional. If no wordlist is provided via command line argument, mod0keecrack reads a wordlist from stdin. If you want to generate a wordlist on the fly, you can use genwords.py as an example and use it like this:
genwords.py Secrets%04d! | mod0keecrack lala.kdbx
Example output of the last command line (lala.kdbx uses password AND keyfile lala.key):
mod0keecrack>genwords.py Secrets%04d! | mod0keecrack.exe lala.kdbx [*] using db: lala.kdbx [*] using key: lala.key [*] kdbx header: [-] file magic: 9aa2d903 [-] file identifier: b54bfb67 [-] file minor version: 0001 [-] file major version: 0003 [*] kdbx headerentries: [-] END: 0D0A0D0A [-] COMMENT: [-] CIPHERID: 31C1F2E6BF714350BE5805216AFC5AFF [-] COMPRESSIONFLAGS: 00000001 [-] MASTERSEED: BD5A62AC01FD27B040D98894A7FA306D0F9AED7A23E870DC1E36ECE31DA2526B [-] TRANSFORMSEED: FFA6509325D87EDD8FAFA2A44C814F8846109FC1F7BCF2775F278C1C0CDF52A7 [-] TRANSFORMROUNDS: 00000000000186a0 [-] ENCRYPTIONIV: 40F71E30D138591E5F8AF4EDF1DB9EE0 [-] PROTECTEDSTREAMKEY: 27CA955DF72F13301E1A038404ADCA4D59E8DC26B30F8776E393F0F22568E13E [-] STREAMSTARTBYTES: 76B99E10BE00334DDE830361A07FBA86845F39DD0DCBCEEE5102D6F41204B746 [-] INNERRANDOMSTREAMID: 00000002 [*] kdbx payload: [-] payload offset: de [-] payload len: 470 [*] Using keyfile lala.key [+] key hash: A884B77F5E1ED180BDF95B988BD032247CE6A87893BB4CC5C0532407BC86FE3B [*] kdbx crack: [*] decryption successful with password Secrets2015!
mod0keecrack does not process decrypted kdbx-database payload. It simply tells you, if a database-passphrase was right or wrong.
mod0keecrack is implemented in plain C and should be able to compile and run on any platform, if the crypto-framework is ported to the target platform. Currently, the only platform dependend code is implemented in three functions in crypto-ms.c. The first version is using the Microsoft CNG (bcrypt) framework for SHA256 and AES. It should be no issue to implement a platform independent openssl-based version of crypto-ms.c.
To build mod0keecrack on Windows, open your Dev-command prompt and enter:
cl.exe /Femod0keecrack.exe helper.c mod0keecrack.c crypto-ms.c bcrypt.lib
mod0keecrack was written by Thorsten (THS) Schroeder of modzero. You can get in touch with me e.g. via twitter: @__ths__
* Copyright (c) 2016, mod0keecrack * Thorsten Schroeder * * All rights reserved. * * This file is part of mod0keecrack. * * "THE BEER-WARE LICENSE" (Revision 42): * Thorsten Schroeder wrote this file. As long as you * retain this notice you can do whatever you want with this stuff. If we meet * some day, and you think this stuff is worth it, you can buy me a beer in * return. Thorsten Schroeder. * * NON-MILITARY-USAGE CLAUSE * Redistribution and use in source and binary form for military use and * military research is not permitted. Infringement of these clauses may * result in publishing the source code of the utilizing applications and * libraries to the public. As this software is developed, tested and * reviewed by *international* volunteers, this clause shall not be refused * due to the matter of *national* security concerns. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE DDK PROJECT BE LIABLE FOR ANY DIRECT, * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.