-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support new KeePass algorithms #2502
Comments
I'd like to see an OpenCL format as well. (Edit: OK, that's #2471) |
Here are some sample KeePass databases for testing. |
ChaCha20 support is done. Argon2 stuff needs work. |
Steps for building KeePass under Linux. Tested on Fedora 25.
|
Hi! Has this issue been fixed yet? I would be deeply grateful if you could please resolve this problem. |
Hi guys, I'd like that we (or in fact : you two, or whoever you think needed for this) decide the exchange format (for both hashcat and john) we change for that new version of file. Actual john formatActuat format contains in this order
v4 format ideaAs the new format contains a HMAC of the header using the password (or +keyfile) I'd suggest the new format contains
The
For argon2 (with in order: version, iteration,memory,parallelism,salt) it would look like
My questions are
Final possible format
pings to @jsteube @kholia hashcat/hashcat#1013 |
@BobForCat Thank you! Once we agree on the encoding and have the script, what is the plan to have this actually supported in JtR and/or hashcat? Do you intend to work on that as well, or know who will? |
@solardiz Nope, no development on the cracking side for me, and I don't know anyone for that task I also discovered that https://github.com/libkeepass/pykeepass did a parsing for v4, but I'm unsure if we can use a python dependency into a JtR extraction script |
Useful links,
http://keepass.info/help/base/security.html
http://keepass.info/help/kb/kdbx_4.html#argon2
ChaCha20 and Argon2 are needed.
The text was updated successfully, but these errors were encountered: