hashcat for keepass using combination of the same wordslist
#1
Hello,

I am a newbie of hashcat.
But I find this activity very interesting.
Here is an exercise that I play with.

I have created a KeePass database "demo.kdbx" with a master password.
The master password is 'B0B!3-S@M!3'.

The master password match the following template XXXXSYYYY,
where XXXX and YYYY come from a given words list,
and S is a symbol.
XXXX or YYYY may be a variant of an original word by replacing some character by symbols or numbers.
Examples:
BOBIE -> B0B!3
SAMIE -> S@M!3

Symbol S can be one of "!@+-..." and other symbols.

I have created file words.txt with content:
Code:
BOBIE
B0B!3
SAMIE
S@M!3

And use the following command :

Code:
$ keepass2john demo.kdbx > demo.hash

Then remove at the beginning of line the word 'demo:'.

Code:
$ cat demo.hash
$keepass$*2*100000*0*36c1b27ee73ab987d4f76330ae22d91b2cf8341832b118ae532faefc71fa1c5e*8cd7d38e010a3cce065bfcd69c4f3ccbb4318d58436f063fb8ee4f1a7fd323a8*758ed74daa44027c1fc29fa0039af3e0*31c6c1caf044b519c98068ad92a2711e72349783ad60301ecb3209ef1a0ec715*d587dcaf78693bf1b4669fa3d8f2029398164bdc70bdf2e8456ad74b35287d26

Code:
$ hashcat -a 1 -m 13400 -j '$-' demo.hash words.txt words.txt

But the password was not found !?

Here is the output :

Code:
hashcat (v5.1.0) starting...

OpenCL Platform #1: The pocl project
====================================
* Device #1: pthread-AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx, 2048/4455 MB allocatable, 8MCU

Dictionary cache built:
* Filename..: words.txt
* Passwords.: 5
* Bytes.....: 25
* Keyspace..: 5
* Runtime...: 0 secs

Dictionary cache built:
* Filename..: words.txt
* Passwords.: 5
* Bytes.....: 25
* Keyspace..: 5
* Runtime...: 0 secs

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers:
* Zero-Byte
* Single-Hash
* Single-Salt

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Watchdog: Hardware monitoring interface not found on your system.
Watchdog: Temperature abort trigger disabled.

* Device #1: build_opts '-cl-std=CL1.2 -I OpenCL -I /usr/share/hashcat/OpenCL -D LOCAL_MEM_TYPE=2 -D VENDOR_ID=64 -D CUDA_ARCH=0 -D AMD_ROCM=0 -D VECT_SIZE=8 -D DEVICE_TYPE=2 -D DGST_R0=0 -D DGST_R1=1 -D DGST_R2=2 -D DGST_R3=3 -D DGST_ELEM=4 -D KERN_TYPE=13400 -D _unroll'
Dictionary cache built:
* Filename..: words.txt
* Passwords.: 5
* Bytes.....: 25
* Keyspace..: 25
* Runtime...: 0 secs

The wordlist or mask that you are using is too small.
This means that hashcat cannot use the full parallel power of your device(s).
Unless you supply more work, your cracking speed will drop.
For tips on supplying more work, see: https://hashcat.net/faq/morework

Approaching final keyspace - workload adjusted. 

$keepass$*2*100000*0*36c1b27ee73ab987d4f76330ae22d91b2cf8341832b118ae532faefc71fa1c5e*8cd7d38e010a3cce065bfcd69c4f3ccbb4318d58436f063fb8ee4f1a7fd323a8*758ed74daa44027c1fc29fa0039af3e0*31c6c1caf044b519c98068ad92a2711e72349783ad60301ecb3209ef1a0ec715*d587dcaf78693bf1b4669fa3d8f2029398164bdc70bdf2e8456ad74b35287d26:B0B!3-S@M!3
                                               
Session..........: hashcat
Status...........: Cracked
Hash.Type........: KeePass 1 (AES/Twofish) and KeePass 2 (AES)
Hash.Target......: $keepass$*2*100000*0*36c1b27ee73ab987d4f76330ae22d9...287d26
Time.Started.....: Mon Jun 20 12:58:39 2022 (3 secs)
Time.Estimated...: Mon Jun 20 12:58:42 2022 (0 secs)
Guess.Base.......: File (words.txt), Left Side
Guess.Mod........: File (words.txt), Right Side
Speed.#1.........:        7 H/s (0.07ms) @ Accel:256 Loops:64 Thr:1 Vec:8
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 20/25 (80.00%)
Rejected.........: 0/20 (0.00%)
Restore.Point....: 0/5 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:3-4 Iteration:99968-100000
Candidates.#1....: BOBIE-S@M!3 -> -S@M!3

Started: Mon Jun 20 12:58:33 2022
Stopped: Mon Jun 20 12:58:43 2022

When I try to see potfile, nothing Sad

Code:
$ hashcat --show demo.hash
Hashfile 'demo.hash' on line 1 ($keepa...98164bdc70bdf2e8456ad74b35287d26): Token length exception
No hashes loaded.

I need some help please Smile
Thanks.

Dominique
Reply


Messages In This Thread
hashcat for keepass using combination of the same wordslist - by domiq44 - 06-20-2022, 01:16 PM