Keepass token lenght exception - high iteration
#1
Hello,
i tried to crack my wallet because i am not sure of CamelCase i set. I already generated my wordlist.
Now to the Problem:
I made huge iteration (Took about 12 sec to unlock the wallet) so its going difficult to crack (not even thought that i would try this, but here i am Big Grin)

Hash starts with:
$keepass$*2*276020016*0*c38d232af215088d8d

But when i try to start hashcat following code appears


$sudo hashcat --force -a 0 -m 13400 hash.txt wordlist.txt

hashcat (v5.1.0) starting...

OpenCL Platform #1: The pocl project
====================================
* Device #1: blabla

Hashfile 'hash.txt' on line 1 ($keepa...4a8805d256706bcacd8c6274b2bc7863): Token length exception
No hashes loaded.

Started: Wed May 19 13:19:55 2021
Stopped: Wed May 19 13:19:55 2021



I tried it also with the beta build hashcat (v6.2.1-26-g0fd8de3a7) (but on windows)

I tested a higher iteration (hashcat ($keepass$*2*30000000*0*74f38030270a7982d631268193e) before and it was working.

Any suggestions/ideas?

The lenght of the string in hash.txt is 317 .
The length of the working test before had 316.
Reply
#2
(05-19-2021, 01:27 PM)Knuub Wrote: Hello,
i tried to crack my wallet because i am not sure of CamelCase i set. I already generated my wordlist.
Now to the Problem:
I made huge iteration (Took about 12 sec to unlock the wallet) so its going difficult to crack (not even thought that i would try this, but here i am Big Grin)

Hash starts with:
$keepass$*2*276020016*0*c38d232af215088d8d

But when i try to start hashcat following code appears


$sudo hashcat --force -a 0 -m 13400 hash.txt wordlist.txt

hashcat (v5.1.0) starting...

OpenCL Platform #1: The pocl project
====================================
* Device #1: blabla

Hashfile 'hash.txt' on line 1 ($keepa...4a8805d256706bcacd8c6274b2bc7863): Token length exception
No hashes loaded.

Started: Wed May 19 13:19:55 2021
Stopped: Wed May 19 13:19:55 2021



I tried it also with the beta build hashcat (v6.2.1-26-g0fd8de3a7) (but on windows)

I tested a higher iteration (hashcat ($keepass$*2*30000000*0*74f38030270a7982d631268193e) before and it was working.

Any suggestions/ideas?

The lenght of the string in hash.txt is 317 .
The length of the working test before had 316.

first
look for a space or whitespace/something similar at the end of your hash (inside your file)
second
hashcat (v5.1.0) starting...
try to update or build from github, actual version is 6.2.1 or for over quite a year 6.1.1
Reply
#3
Quote:first
look for a space or whitespace/something similar at the end of your hash (inside your file)
second
hashcat (v5.1.0) starting...
try to update or build from github, actual version is 6.2.1 or for over quite a year 6.1.1


Hi, thanks for the fast answere. I checked multiple times for whitespaces. 
Hashcat is  going to work with this hash if i remove a digit of the iterations 276020016 -> 27602016

You got a point with the version, but it made no difference.

$sudo ./hashcat.bin --force -a 0 -m 13400 hash.txt wordlist.txt

hashcat (v6.2.1-26-g0fd8de3a7) starting...

You have enabled --force to bypass dangerous warnings and errors!
This can hide serious problems and should only be done when debugging.
Do not report hashcat issues encountered when using --force.
OpenCL API (OpenCL 1.2 pocl 1.4, None+Asserts, LLVM 9.0.1, RELOC, SLEEF, DISTRO, POCL_DEBUG) - Platform #1 [The pocl project]
=============================================================================================================================
* Device #1: blabla

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashfile 'hash.txt' on line 1 ($keepa...4a8805d256706bcacd8c6274b2bc7863): Token length exception
No hashes loaded.

Started: Wed May 19 13:49:00 2021
Stopped: Wed May 19 13:49:00 2021

Reply
#4
mh im not so into the c syntax, but as far as i can see it, iteration count is stored inside an u32, so the maximum shoud be

4294967295

according to your, tried a higher iterations count and it worked, there seems to be another problem
Reply
#5
I managed to get it working:

If anyone will encounter this issue do following:

Get the Code from github, go to module_13400.c which is the module for Keepass.
Increase the variable : token.len_max[2] to you desired number. It was set to 8 i needed to increase it to 9.
token.len_max[2] = 8; -> token.len_max[2] = 9;

build it
and its working for this specific example
Reply
#6
your where faster Big Grin, found the same line

strange thing, i will open an github issue for that, maybe this bug? can be found on other modules too

len_max should be 10 due to u32 max length, at least in modules/modes which are using iterations/and or these iterations can be manually tuned (veracrypt PIM or something similar)
Reply
#7
Feel free to send in a PR. Is a simple change I don't see any problems.
Reply