
Admin Registration Challenge Report

CVE 2023_32784 Exploit Tool

This repository contains the source code for an exploit tool designed to assist in password recovery from .dmp and .kdbx files. This exploit uses the CVE vulnerability from this repository.

Only for Testing Purposes

This tool is intended for educational and authorized penetration testing purposes only. Unauthorized use of this tool against systems that you do not have explicit permission to test is illegal and unethical.

Features

This implementation covers the following features/options:

  • Brute-Force Attack: Attempts to crack passwords by trying all combinations of the first two characters while retaining the rest of the password.
  • Candidate Generation: Analyzes .dmp files to extract potential password candidates.
  • Logging: Provides detailed logs of the processes and outcomes.

Getting Started

To get started with the exploit tool, follow these steps:

  1. Clone the Repository:
git clone https://github.com/pascalnehlsen/2023_32784_exploit.git
cd 2023_32784_exploit
  2. Install Dependencies:

Ensure you have Python 3 installed. The required Python packages can be installed using pip:

pip install -r requirements.txt

Usage Examples

  1. Create a folder named dumps:
mkdir dumps
  2. Add your .DMP and .kdbx files to the folder.

  3. To run the exploit tool, use the following command:

python exploit.py
  • This command assumes the presence of a folder named dumps in the same directory, containing the .DMP and .kdbx files.

Example Output

Upon execution, the tool will display messages indicating progress and results:

Opened path/to/test1.DMP
Possible password: <password>
Brute-force first two characters -> <first_two> <-...
[SUCCESS] Password found: <successful_password>

If no matching pairs are found, the output will indicate that:

No matching .DMP and .kdbx file pairs found.

Password Storage

When a password is successfully found, it is written to a file named result.pot. The format of each entry in the file is:

<hash>:<password>
  • Hash: The SHA-256 hash of the found password.
  • Password: The actual password that was discovered.
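
A checker for the result.pot format described above, as an added example that is not part of the repository's code: it parses each <hash>:<password> line, confirms the digest matches the password, and builds a redacted summary suitable for a test report. It assumes the digest is written as 64 hex characters over the UTF-8 bytes of the password; parse_pot, redacted_report, sample_entry and the sample data are hypothetical and constructed here.

```python
import hashlib
import re

# Assumption: the hash is written as 64 hex characters and computed over the
# UTF-8 bytes of the password; the README only says "SHA-256 hash".
ENTRY_RE = re.compile(r"^([0-9a-fA-F]{64}):(.*)$")


def parse_pot(text):
    """Return (records, malformed_line_numbers) for result.pot content."""
    records, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue  # ignore blank lines
        match = ENTRY_RE.match(line)
        if match is None:
            malformed.append(lineno)
            continue
        digest, password = match.group(1).lower(), match.group(2)
        # Fixed-width digest: only the first ':' separates, so ':' in a password survives.
        expected = hashlib.sha256(password.encode("utf-8")).hexdigest()
        records.append({"line": lineno, "hash": digest,
                        "password": password, "consistent": digest == expected})
    return records, malformed


def redacted_report(records):
    """Summarise records for a test report without repeating the secrets."""
    return [f"line {r['line']}: sha256={r['hash'][:12]}... "
            f"length={len(r['password'])} "
            f"{'ok' if r['consistent'] else 'HASH MISMATCH'}"
            for r in records]


def sample_entry(password):  # builds one constructed sample line
    return hashlib.sha256(password.encode("utf-8")).hexdigest() + ":" + password


# Constructed sample content, not output from the tool.
SAMPLE = "\n".join([
    sample_entry("correct horse"),
    sample_entry("pa:ss:word"),    # password containing the separator
    "0" * 64 + ":tampered",        # digest does not match the password
    "not-a-pot-line",              # malformed
])

if __name__ == "__main__":
    recs, bad = parse_pot(SAMPLE)
    print(*redacted_report(recs), f"malformed lines: {bad}", sep="\n")
```

Because result.pot holds recovered passwords in plaintext, a report built this way can cite findings by line and digest prefix while the file itself stays restricted to the engagement.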

Logging

Logs are written to the console. You can modify the logging level in the code if you need to adjust the verbosity of the output. By default, logging is set to INFO, but you can enable DEBUG mode for more detailed output.