Invalid data from password dump - old databases #4
Comments
Yes, give me a little while to try other methods. Yes, I have the latest code you posted. I'm going to restart the system and then test again.
Hey, I've tried your PoC tool on a taskmanager keepass dump where a dummy DB (generated with KeePass 2.5.0) was accessed and that worked flawlessly; on my main DB, however, it didn't get the length or the contents right. I've been using KeePass for a long time and this specific DB might have been generated with a different version than those affected, if that matters.
Hello, yes, this is exactly what @pshelling has messaged me about privately. Thanks for reporting! Can you figure out which KeePass version you used to generate your old database? I’d like to get my hands on such a database and dump to test it, but it’s obviously not possible with real DBs due to security concerns.
Unfortunately I didn't keep a record but it might have been 2.39 portable
Thanks! Unfortunately, even when I created a database with 2.39 and then opened it with 2.53.1, I was still able to reproduce the attack. The problem must be somewhere else.
Although it's not a very painful vulnerability, it's a disaster that it openly gives away your password.
@wouterVE thanks for verifying! This is unfortunate news, I was hoping that old versions like that weren't impacted. Anyway, the search is still on for those few versions that are allegedly unaffected.
I'm on an all US English Windows 10 x64 22H2 system. Installed .NET v7.0.302
Created a Projects folder, copied these files to the folder
keepass_password_dumper.csproj
Program.cs
I also had a c:\windows\memory.dmp file from two weeks ago. I copied that to the Projects folder. Then ran the following
dotnet run MEMORY.DMP
My password length might be right but the characters and layout are not even close
Is the length of the password an issue? My password is 35 characters long.
I also created a KeePass dump file with Task Manager and copied it to the Projects folder and ran it that way too and it was not even close.
dotnet run Keepass.DMP
That one was only about 10 characters found
Am I not running the program correctly or is there something else I should be doing to get the proper results?