CVE-2023-24055

Published: 22/01/2023 Updated: 07/11/2023
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

KeePass up to and including 2.53 (in a default installation) allows an attacker, who has write access to the XML configuration file, to obtain the cleartext passwords by adding an export trigger. NOTE: the vendor's position is that the password database is not intended to be secure against an attacker who has that level of access to the local PC.

Vulnerable Product

keepass keepass

GitHub Repositories

Contains a simple yara rule to hunt for possible compromised KeePass config files

keepass_CVE-2023-24055_yara_rule: Contains a simple yara rule to hunt for possible compromised KeePass config files. How-to: Use a yara rule scanner, like yara, loki or thor-lite, to scan systems with this rule. The default location for the local KeePass config file is %APPDATA%\Roaming\KeePass\KeePass.config.xml

KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055

KeePass-TriggerLess: KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055

A PowerShell tool for backing up and exporting KeePass databases to a specified endpoint with GZip compression.

Invoke-KeePassBackup: This PowerShell script has been crafted to streamline the process of transmitting KeePass databases to a designated endpoint. Conceived as an indispensable tool for your penetration testing toolkit, it aims to facilitate the exfiltration of target databases, paving the way for subsequent exploitation 🕊️ The goal is to incorporate comprehensive KeePass

KeePass CVE-2023-24055 reproduction

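KeePass-CVE-2023-24055: KeePass CVE-2023-24055 reproduction. 1. Prepare machines: Kali (192.168.232.129), Windows 10 (192.168.232.128). 2. KeePass version: 2.53. 2. Principle: by modifying the KeePass configuration file KeePass.config.xml, a trigger entry is added that exports the cleartext passwords and uploads them to the attacker's server; the XML code for adding the trigger is as follows: Where: &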

CVE-2023-24055 PoC (KeePass 2.5x)

CVE-2023-24055 PoC (KeePass 2.5x). Under discussion and analysis: sourceforge.net/p/keepass/discussion/329220/thread/a146e5cf6b/ and sourceforge.net/p/keepass/feature-requests/2773/ An attacker who has write access to the KeePass configuration file can modify it and inject malicious triggers, e.g. to obtain the cleartext passwords by adding an export trigger h

PoC_CVE-2023-24055. How to run? Edit the $User var in the script and replace the value with your username. Open a PowerShell as administrator and run the script (./PoC_CVE-2023-24055.ps1). After the script execution, open KeePass. The result is stored under "C:\Users\your_username\AppData\Local\Temp\output.xml". Password stored in cleartex

CVE-2023-24055 POC written in PowerShell.

Disclaimer: This script is for educational and demonstration purposes only. The author does not endorse or condone the use of this script for any criminal or malicious activities, and it should only be used where explicitly allowed with proper permission. This script should be used with caution, as it will alter the KeePass configuration file and delete any previously configured

POC and Scanner for CVE-2023-24055

CVE-2023-24055: POC and Scanner for CVE-2023-24055. Use at your own risk! config_scanner.py: A simple parser for the KeePass config file running under Windows. The tool will open the directory %APPDATA%\Roaming\KeePass\KeePass.config.xml and will output all triggers. The triggers "Execute command line / URL", "Synchronize active database with a file/URL" and "Export active database" are ma

A python tool to automate KeePass discovery and secret extraction.

A python script to help red teamers discover KeePass instances and extract secrets Features & Roadmap KeePwn is still in early development and not fully tested yet : please use it with caution and always try it in a lab before (legally) attacking real-life targets! KeePass Discovery Accept multiple target sources (IP, range, hostname, file) Automatically look f

Checks a single CVE or a list of CVEs against AttackerKB and optionally the National Vulnerability Database

attackerkb_checker: Checks a single CVE or a list of CVEs against AttackerKB and optionally the National Vulnerability Database. Usage: attackerkb_checker.py [--nvd] [--apikey=<str>] INPUT. Options: -a <str>, --apikey=<str> The API key for AttackerKB; --nvd Query National Vulnerability Database (NVD) for CVS ba

alt3kx.github.io RedTeamer | PentTester | Bug Bounty | 0day guy! | Researcher | Lone Wolf github.com/alt3kx | @alt3kx My Exploit-db reference at: www.exploit-db.com/author/?a=1074 www.exploit-db.com/author/?a=9576 A handy collection of my public Exploits & CVE's, all available on www.exploit-db.com and cve.mitre.org C

Table of Contents 2023 year top total 30 2022 year top total 30 2021 year top total 30 2020 year top total 30 2019 year top total 30 2018 year top total 30 2017 year top total 30 2016 year top total 30 2015 year top total 30 2014 year top total 30 2023 star updated_at name url des 422 2023-11-15T09:54:51Z qq-tim-elevation github.com/vi3t1/qq-tim-elevation CVE-2

TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things

TOP all Top Top Top_Codeql TOP All bugbounty pentesting CVE-2022- POC Exp Things Table of Contents 2023 year top total 30 2022 year top total 30 2021 year top total 30 2020 year top total 30 2019 year top total 30 2018 year top total 30 2017 year top total 30 2016 year top total 30 2015 year top total 30 2014 year top total 30 2023 star updated_at name url des 422 202

PoC in GitHub 2023 CVE-2023-0045 missyes/CVE-2023-0045 es0j/CVE-2023-0045 CVE-2023-0179 TurtleARM/CVE-2023-0179-PoC CVE-2023-0297 (2023-01-13) Code Injection in GitHub repository pyload/pyload prior to 050b3dev31 bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad CVE-2023-0315 (2023-01-15) Command Injection in GitHub repository froxlor/froxlor prior to 208 mhaskar/C

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

PoC in GitHub 2023 CVE-2023-0045 (2023-04-25) The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bi