Releases: Orange-Cyberdefense/KeePwn

KeePwn 0.5

11 Nov 20:23

KeePwn 0.5 introduces a full rework of the search module, including options to check if KeePass.exe is currently running on the remote host, multi-threaded parallelization and results export to CSV.

Features & Roadmap

  • KeePass Discovery
    • Look for KeePass installation files through SMB C$ share (global installation only).
    • Accept multiple target sources (IP, CIDR, hostname, file).
    • Check for KeePass metadata (version, last access time).
    • Check for running KeePass process through Impacket-based RPC. 🆕
    • Multi-threaded implementation to avoid bottleneck hosts. 🆕
    • Export search results to CSV. 🆕
    • Find KDBX databases.
  • KeePass Plugin Abuse
    • Add and remove KeePass plugins (see KeeFarce Reborn) through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
  • KeePass Trigger Abuse
    • Add and remove triggers (see: KeeThief) from the KeePass configuration file through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
    • Customize triggers with command line arguments.
  • KeePass Dump Parsing
    • Parse memory dumps to find master password candidates (CVE-2023-32784).
    • Parse memory dumps to find encryption key.
  • KeePass Database Cracking
    • Convert KDBX to John and Hashcat compatible formats.
    • Add support for KDBX 4.x format.
  • Authentication
    • Support LM/NT hash authentication.
    • Support Kerberos Authentication.
  • Miscellaneous
    • Write unit tests.
    • Make the project available on PyPI.

KeePwn 0.4

16 Apr 12:30

KeePwn 0.4 introduces the convert mode, which implements the keepass2john.py script by @harmjoy. It was ported to KeePwn with the help of @0xSp3ctra.

Features & Roadmap

  • KeePass Discovery
    • Look for KeePass installation files through SMB C$ share (global installation only).
    • Accept multiple target sources (IP, CIDR, hostname, file).
    • Check for KeePass metadata (version, last access time).
    • Check for running KeePass process through Impacket-based RPC.
    • Multi-threaded implementation to avoid bottleneck hosts.
    • Export search results to CSV.
    • Find KDBX databases.
  • KeePass Plugin Abuse
    • Add and remove KeePass plugins (see KeeFarce Reborn) through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
  • KeePass Trigger Abuse
    • Add and remove triggers (see: KeeThief) from the KeePass configuration file through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
    • Customize triggers with command line arguments.
  • KeePass Dump Parsing
    • Parse memory dumps to find master password candidates (CVE-2023-32784).
    • Parse memory dumps to find encryption key.
  • KeePass Database Cracking 🆕
    • Convert KDBX to John and Hashcat compatible formats.
    • Add support for KDBX 4.x format.
  • Authentication
    • Support LM/NT hash authentication.
    • Support Kerberos Authentication.
  • Miscellaneous
    • Write unit tests.
    • Make the project available on PyPI.

KeePwn 0.3

22 May 15:06

KeePwn 0.3 introduces support for memory dump parsing in order to discover the masterkey (CVE-2023-32784). Implemented in Python by @jenaye.

Features & Roadmap

  • KeePass Discovery
    • Look for KeePass installation files through SMB C$ share (global installation only).
    • Accept multiple target sources (IP, CIDR, hostname, file).
    • Check for KeePass metadata (version, last access time).
    • Check for running KeePass process through Impacket-based RPC.
    • Multi-threaded implementation to avoid bottleneck hosts.
    • Export search results to CSV.
    • Find KDBX databases.
  • KeePass Plugin Abuse
    • Add and remove KeePass plugins (see KeeFarce Reborn) through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
  • KeePass Trigger Abuse
    • Add and remove triggers (see: KeeThief) from the KeePass configuration file through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
    • Customize triggers with command line arguments.
  • KeePass Dump Parsing 🆕
    • Parse memory dumps to find master password candidates (CVE-2023-32784).
    • Parse memory dumps to find encryption key.
  • KeePass Database Cracking
    • Convert KDBX to John and Hashcat compatible formats.
    • Add support for KDBX 4.x format.
  • Authentication
    • Support LM/NT hash authentication.
    • Support Kerberos Authentication.
  • Miscellaneous
    • Write unit tests.
    • Make the project available on PyPI.

KeePwn 0.2

22 May 12:59

KeePwn 0.2 adds a new mode to support malicious plugin abuse. It also improves the discovery process by checking KeePass's binary version (useful to look for unpatched versions). Code refactoring was also performed to improve terminal output readability.

Features & Roadmap

  • KeePass Discovery
    • Look for KeePass installation files through SMB C$ share (global installation only).
    • Accept multiple target sources (IP, CIDR, hostname, file).
    • Check for KeePass metadata (version, last access time). 🆕
    • Check for running KeePass process through Impacket-based RPC.
    • Multi-threaded implementation to avoid bottleneck hosts.
    • Export search results to CSV.
    • Find KDBX databases.
  • KeePass Plugin Abuse 🆕
    • Add and remove KeePass plugins (see KeeFarce Reborn) through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
  • KeePass Trigger Abuse
    • Add and remove triggers (see: KeeThief) from the KeePass configuration file through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
    • Customize triggers with command line arguments.
  • KeePass Dump Parsing
    • Parse memory dumps to find master password candidates (CVE-2023-32784).
    • Parse memory dumps to find encryption key.
  • KeePass Database Cracking
    • Convert KDBX to John and Hashcat compatible formats.
    • Add support for KDBX 4.x format.
  • Authentication
    • Support LM/NT hash authentication.
    • Support Kerberos Authentication.
  • Miscellaneous
    • Write unit tests.
    • Make the project available on PyPI.

KeePwn 0.1

28 Feb 21:47

Features & Roadmap

  • KeePass Discovery
    • Look for KeePass installation files through SMB C$ share (global installation only).
    • Accept multiple target sources (IP, CIDR, hostname, file).
    • Check for KeePass metadata (version, last access time).
    • Check for running KeePass process through Impacket-based RPC.
    • Multi-threaded implementation to avoid bottleneck hosts.
    • Export search results to CSV.
    • Find KDBX databases.
  • KeePass Plugin Abuse
    • Add and remove KeePass plugins (see KeeFarce Reborn) through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
  • KeePass Trigger Abuse
    • Add and remove triggers (see: KeeThief) from the KeePass configuration file through SMB C$ share.
    • Retrieve cleartext exports on the remote host.
    • Customize triggers with command line arguments.
  • KeePass Dump Parsing
    • Parse memory dumps to find master password candidates (CVE-2023-32784).
    • Parse memory dumps to find encryption key.
  • KeePass Database Cracking
    • Convert KDBX to John and Hashcat compatible formats.
    • Add support for KDBX 4.x format.
  • Authentication
    • Support LM/NT hash authentication.
    • Support Kerberos Authentication.
  • Miscellaneous
    • Write unit tests.
    • Make the project available on PyPI.