Help with partially known keepass password
#1
Hello. I don't know what happened but today I forgot my KeePass password with everything I need inside. My frustration is through the roof. I started googling, found a way to generate a hash with keepass2john and now I'm here.
Maybe someone could guide me to a solution to the following problem.

I'm somewhat certain that the following is the case:
KKKKKKKKKKKKUUKKKKK (K= Known character, U= Unknown character)

From what I've read so far, I guess that I need 2 dictionaries. One for the left part that I know, another for the right part.
But due to language barrier it's pretty hard to grasp how to solve this.

Could you give me hints or solutions?
I am very grateful for any idea you people can give me.
Reply
#2
use a mask attack with this mask:

KKKKKKKKKKKK?a?aKKKKK
Reply
#3
(01-11-2021, 06:16 PM)undeath Wrote: use a mask attack with this mask:

KKKKKKKKKKKK?a?aKKKKK

Thank you I'll read into that.
Reply
#4
.\hashcat.exe -m 13400 -a 3 keepass.txt 'KKKKK?a?aKKKK!'

My hash looks like this:
$keepass$*2*20000000*0*x*x*x*x*x

Am I on the right way? Hashcat is working at this moment.
Reply
#5
Please don't post hashes. I've censored yours.

The command looks right. I just hope you have replaced your known Ks by the actual characters.

You might see a speed gain by adding -S to your command line.
Reply
#6
(01-11-2021, 06:55 PM)undeath Wrote: Please don't post hashes. I've censored yours.

The command looks right. I just hope you have replaced your known Ks by the actual characters.

You might see a speed gain by adding -S to your command line.

Uh. Okay. I guess I've no clue what I'm doing. Thank you for your help.

Edit: I just realized that hashcat does not make any progress at all.
"Progress.........: 0/9025 (0.00%)" what's happening?
Reply
#7
The mask is not optimal for hashcat. With -S it will probably be faster.
Reply
#8
Thank you so much, Undeath!! You saved me so much time. I don't want to think about what happened if I didn't manage to get back into my keepass database. I feel so relieved.

Again: Thank you and everyone involved with hashcat! <3
Reply