CVE-2023-32784

KeePass 2.X < version 2.54 is susceptible to a vulnerability in which the master password may be retrievable from a memory dump of an unlocked KeePass database. This was assigned CVE-2023-32784

This program aims to retrieve the master password from a memory dump of a running KeePass process. It outputs potential characters by position, a potential passphrase on one line, and a JohnTheRipper mask.

Installation

With go installed

$ go install github.com/mister-turtle/cve-2023-32784@latest

Pre-built binaries

Head to the Releases page and get the latest pre-built binary for your system.

Building from source

$ git clone github.com/mister-turtle/cve-2023-32784
$ cd cve-2023-32784
$ go buid .

Usage

$ go run . --help
Usage of ./cve-2023-32784:
  -d string
        Path to the memory dump

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.github/workflows		.github/workflows
.gitignore		.gitignore
.goreleaser.yaml		.goreleaser.yaml
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.github/workflows

.github/workflows

.gitignore

.gitignore

.goreleaser.yaml

.goreleaser.yaml

README.md

README.md

go.mod

go.mod

go.sum

go.sum

main.go

main.go

Repository files navigation

CVE-2023-32784

Installation

With go installed

Pre-built binaries

Building from source

Usage

About

Releases 1

Packages

Languages

mister-turtle/cve-2023-32784

Folders and files

Latest commit

History

Repository files navigation

CVE-2023-32784

Installation

With go installed

Pre-built binaries

Building from source

Usage

About

Resources

Stars

Watchers

Forks

Languages