mod0keecrack/README.md

2016-03-28 12:19:52 +00:00
# mod0keecrack
## Introduction
> *KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file.*
(Source: http://keepass.info/)
**mod0keecrack** is a simple tool to crack/brute-force the passwords of KeePass 2 databases. It implements a parser for the KeePass 2 database file format (.kdbx), as well as the decryption routines needed to verify whether a supplied password is correct. mod0keecrack only handles the encrypted file format and is not able to parse the resulting plaintext database: its only purpose is brute-forcing a KeePass 2 database password.
mod0keecrack handles KeePass 2 databases that are encrypted with a password only, or with a password and a key file.
Currently, no incremental or template-based brute-force algorithm for passphrase generation is implemented. To use mod0keecrack, you need to generate your own wordlists, either as a text file given on the command line or piped in via stdin. For example, you can use the john password cracker to generate candidates and feed them directly into mod0keecrack via stdin.
Using wordlists is recommended, as a dumb incremental brute force may take too long due to the crypto algorithms used by KeePass databases (SHA-256 and many AES key-transformation rounds per candidate).
mod0keecrack is plain C and has no 3rd-party library dependencies on Windows, as it uses the Microsoft Cryptography API: Next Generation (CNG). A platform-independent implementation could be done by simply porting crypto-ms.c to e.g. crypto-openssl.c.
## Usage
To encrypt password databases, KeePass supports a password, a key file, or a password and key file in combination. To crack a password-only database, use mod0keecrack like this:
`mod0keecrack <keepassx-file.kdbx> [wordlist.txt]`
To crack a database that also uses a key file, use the same command line and copy the key file into the same directory as the database, renamed to `<databasename>.key`. For example, if your KeePass database is `lala.kdbx`, copy the key file to `lala.key` in the same directory. **If a corresponding .key file exists in the same directory, mod0keecrack always uses it as key-file input.** Keep that in mind for password-only databases: a stray `<databasename>.key` next to the database would be mixed into the key and every candidate password would fail.
wordlist.txt is optional. If no wordlist is given on the command line, mod0keecrack reads one from stdin. To generate a wordlist on the fly, you can use genwords.py as an example, like this:
`genwords.py Secrets%04d! | mod0keecrack lala.kdbx`
Example output of the above command line (lala.kdbx uses a password AND the key file lala.key):
<pre>
mod0keecrack>genwords.py Secrets%04d! | mod0keecrack.exe lala.kdbx
[*] using db: lala.kdbx
[*] using key: lala.key
[*] kdbx header:
[-] file magic: 9aa2d903
[-] file identifier: b54bfb67
[-] file minor version: 0001
[-] file major version: 0003
[*] kdbx headerentries:
[-] END: 0D0A0D0A
[-] COMMENT:
[-] CIPHERID: 31C1F2E6BF714350BE5805216AFC5AFF
[-] COMPRESSIONFLAGS: 00000001
[-] MASTERSEED: BD5A62AC01FD27B040D98894A7FA306D0F9AED7A23E870DC1E36ECE31DA2526B
[-] TRANSFORMSEED: FFA6509325D87EDD8FAFA2A44C814F8846109FC1F7BCF2775F278C1C0CDF52A7
[-] TRANSFORMROUNDS: 00000000000186a0
[-] ENCRYPTIONIV: 40F71E30D138591E5F8AF4EDF1DB9EE0
[-] PROTECTEDSTREAMKEY: 27CA955DF72F13301E1A038404ADCA4D59E8DC26B30F8776E393F0F22568E13E
[-] STREAMSTARTBYTES: 76B99E10BE00334DDE830361A07FBA86845F39DD0DCBCEEE5102D6F41204B746
[-] INNERRANDOMSTREAMID: 00000002
[*] kdbx payload:
[-] payload offset: de
[-] payload len: 470
[*] Using keyfile lala.key
[+] key hash: A884B77F5E1ED180BDF95B988BD032247CE6A87893BB4CC5C0532407BC86FE3B
[*] kdbx crack:
[*] decryption successful with password Secrets2015!
</pre>
mod0keecrack does not process the decrypted kdbx database payload. It simply tells you whether a database passphrase was right or wrong.
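As an added example (not part of mod0keecrack and not the project's code), the following Python sketch shows what the tool's parser and verification routine have to do for a KDBX 3.x file: read the fixed header and the TLV header entries listed in the output above, build the composite key from the password and an optional key file (the key-file rules are those of KeePass 2: XML `<Data>` element, 32 raw bytes, 64 hex characters, else SHA-256 of the file), run the AES key-transformation rounds, derive the master key, and compare the first 32 decrypted payload bytes with STREAMSTARTBYTES. The sample header is constructed from the values printed above (the payload is zero filler, not a real database), the key file is constructed, and since the standard library has no AES, the AES-256-ECB block function and the AES-256-CBC decrypt are passed in as callables (the names `aes_block` and `cbc_decrypt` are this example's own).

```python
"""Added example, not mod0keecrack's code: KDBX 3.x header parsing and KeePass 2 key derivation."""
import base64
import hashlib
import struct
import xml.etree.ElementTree as ET
from typing import Callable, Optional

KDBX_MAGIC = 0x9AA2D903    # "file magic" in the README output
KDBX2_IDENT = 0xB54BFB67   # "file identifier" of KeePass 2.x
HEADER_IDS = {0: "END", 1: "COMMENT", 2: "CIPHERID", 3: "COMPRESSIONFLAGS", 4: "MASTERSEED",
              5: "TRANSFORMSEED", 6: "TRANSFORMROUNDS", 7: "ENCRYPTIONIV", 8: "PROTECTEDSTREAMKEY",
              9: "STREAMSTARTBYTES", 10: "INNERRANDOMSTREAMID"}

def _entry(fid: int, value: bytes) -> bytes:
    return struct.pack("<BH", fid, len(value)) + value   # KDBX 3 TLV: uint8 id, uint16 LE length

# Constructed sample from the values in the README output, in the order KeePass 2 writes them;
# the "payload" is zero filler, not real ciphertext.
SAMPLE_KDBX = (
    struct.pack("<IIHH", KDBX_MAGIC, KDBX2_IDENT, 1, 3)                 # minor 1, major 3
    + _entry(2, bytes.fromhex("31C1F2E6BF714350BE5805216AFC5AFF"))      # AES-256 cipher UUID
    + _entry(3, struct.pack("<I", 1))                                     # gzip compression
    + _entry(4, bytes.fromhex("BD5A62AC01FD27B040D98894A7FA306D0F9AED7A23E870DC1E36ECE31DA2526B"))
    + _entry(5, bytes.fromhex("FFA6509325D87EDD8FAFA2A44C814F8846109FC1F7BCF2775F278C1C0CDF52A7"))
    + _entry(6, struct.pack("<Q", 0x186A0))                               # 100000 rounds
    + _entry(7, bytes.fromhex("40F71E30D138591E5F8AF4EDF1DB9EE0"))
    + _entry(8, bytes.fromhex("27CA955DF72F13301E1A038404ADCA4D59E8DC26B30F8776E393F0F22568E13E"))
    + _entry(9, bytes.fromhex("76B99E10BE00334DDE830361A07FBA86845F39DD0DCBCEEE5102D6F41204B746"))
    + _entry(10, struct.pack("<I", 2))                                    # Salsa20 inner stream
    + _entry(0, b"\r\n\r\n")
    + b"\x00" * 0x470
)
# Constructed XML key file carrying a 32-byte key of 0x01 bytes.
SAMPLE_KEYFILE_XML = (b'<?xml version="1.0" encoding="utf-8"?><KeyFile><Meta><Version>1.00</Version>'
                      b'</Meta><Key><Data>' + base64.b64encode(b"\x01" * 32) + b'</Data></Key></KeyFile>')

def parse_kdbx_header(data: bytes) -> dict:
    """Fixed 12-byte header, then TLV entries terminated by END (id 0)."""
    magic, ident, minor, major = struct.unpack_from("<IIHH", data, 0)
    if magic != KDBX_MAGIC or ident != KDBX2_IDENT:
        raise ValueError("not a KeePass 2 (.kdbx) database")
    if major != 3:
        raise ValueError(f"kdbx major version {major} not handled (KDBX 4 changed the layout)")
    fields, off = {}, 12
    while True:
        fid, length = struct.unpack_from("<BH", data, off)   # struct.error if the header is cut off
        value = data[off + 3:off + 3 + length]
        if len(value) != length:
            raise ValueError("truncated header entry")
        off += 3 + length
        fields[HEADER_IDS.get(fid, f"UNKNOWN_{fid}")] = value
        if fid == 0:
            return {"major": major, "minor": minor, "fields": fields,
                    "payload_offset": off, "payload": data[off:]}

def keyfile_key(raw: bytes) -> bytes:
    """KeePass 2 key-file rules: XML <KeyFile>/<Key>/<Data> (base64), else 32 raw bytes,
    else 64 hex characters, else SHA-256 of the whole file."""
    try:
        root = ET.fromstring(raw)
        data = root.findtext("Key/Data") if root.tag == "KeyFile" else None
        if data:
            return base64.b64decode(data.strip())
    except ET.ParseError:
        pass
    if len(raw) == 32:
        return raw
    if len(raw) == 64:
        try:
            return bytes.fromhex(raw.decode("ascii"))
        except ValueError:          # UnicodeDecodeError is a ValueError too
            pass
    return hashlib.sha256(raw).digest()

def composite_key(password: Optional[str], keyfile: Optional[bytes]) -> bytes:
    """SHA-256 over SHA-256(password) || key-file key; either part may be absent."""
    parts = b""
    if password is not None:
        parts += hashlib.sha256(password.encode("utf-8")).digest()
    if keyfile is not None:
        parts += keyfile_key(keyfile)
    return hashlib.sha256(parts).digest()

def transform_key(composite: bytes, seed: bytes, rounds: int,
                  aes_block: Callable[[bytes, bytes], bytes]) -> bytes:
    """KDBX 3 AES-KDF: AES-256-ECB-encrypt each 16-byte half `rounds` times under the transform
    seed, then hash. aes_block(key32, block16) is supplied by the caller; this loop is the per-guess cost."""
    left, right = composite[:16], composite[16:]
    for _ in range(rounds):
        left, right = aes_block(seed, left), aes_block(seed, right)
    return hashlib.sha256(left + right).digest()

def master_key(master_seed: bytes, transformed: bytes) -> bytes:
    return hashlib.sha256(master_seed + transformed).digest()

def password_is_correct(hdr: dict, password: Optional[str], keyfile: Optional[bytes], aes_block,
                        cbc_decrypt: Callable[[bytes, bytes, bytes], bytes]) -> bool:
    """Standard KDBX 3 check: AES-256-CBC-decrypt the first 32 payload bytes with the master key
    and the header IV; only the right password yields exactly STREAMSTARTBYTES."""
    f = hdr["fields"]
    rounds = struct.unpack("<Q", f["TRANSFORMROUNDS"])[0]
    tk = transform_key(composite_key(password, keyfile), f["TRANSFORMSEED"], rounds, aes_block)
    return cbc_decrypt(master_key(f["MASTERSEED"], tk), f["ENCRYPTIONIV"],
                       hdr["payload"][:32]) == f["STREAMSTARTBYTES"]
```

To turn this into a cracker, wire `aes_block` to a real AES implementation (for instance a `Cipher(algorithms.AES(key), modes.ECB())` encryptor from PyCA cryptography, with `modes.CBC(iv)` for `cbc_decrypt`), parse the header once, and call `password_is_correct` for every wordlist candidate. With the 100000 rounds in the header above, each candidate costs 200000 AES block encryptions plus a few SHA-256 calls, which is why wordlists are preferable to blind incremental brute force.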
## Platforms
mod0keecrack is implemented in plain C and should compile and run on any platform once the crypto framework is ported to it. Currently, the only platform-dependent code is in three functions in crypto-ms.c. The first version uses the Microsoft CNG (bcrypt) framework for SHA-256 and AES. Implementing a platform-independent OpenSSL-based version of crypto-ms.c should be straightforward.
## Building
To build mod0keecrack on Windows, open your Visual Studio Developer Command Prompt and enter:
`cl.exe /Femod0keecrack.exe helper.c mod0keecrack.c crypto-ms.c bcrypt.lib`
## Author and Legal Stuff
mod0keecrack was written by Thorsten (THS) Schroeder of modzero. You can get in touch with me e.g. via Twitter: `@__ths__`
<pre>
* Copyright (c) 2016, mod0keecrack
* Thorsten Schroeder <ths at modzero dot ch>
*
* All rights reserved.
*
* This file is part of mod0keecrack.
*
* "THE BEER-WARE LICENSE" (Revision 42):
* Thorsten Schroeder <ths at modzero dot ch> wrote this file. As long as you
* retain this notice you can do whatever you want with this stuff. If we meet
* some day, and you think this stuff is worth it, you can buy me a beer in
* return. Thorsten Schroeder.
*
* NON-MILITARY-USAGE CLAUSE
* Redistribution and use in source and binary form for military use and
* military research is not permitted. Infringement of these clauses may
* result in publishing the source code of the utilizing applications and
* libraries to the public. As this software is developed, tested and
* reviewed by *international* volunteers, this clause shall not be refused
* due to the matter of *national* security concerns.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE DDK PROJECT BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
</pre>