CVE-2023-24055

KeePass CVE-2023-24055复现

KeePass-CVE-2023-24055 KeePass CVE-2023-24055复现 KeePass CVE-2023-24055复现 1，准备机器：kali（192168232129），windows10（192168232128） 2,keepass版本：253 2，原理：通过修改keepass配置文件KeePassconfigxml，添加触发器配置项：导出明文密码并上传到攻击者服务器上；添加触发器的xml代码如下： 其中：&

A python tool to automate KeePass discovery and secret extraction.

A python script to help red teamers discover KeePass instances and extract secrets Features & Roadmap KeePwn is still in early development and not fully tested yet : please use it with caution and always try it in a lab before (legally) attacking real-life targets! KeePass Discovery Accept multiple target sources (IP, range, hostname, file) Automatically look f

Checks a single CVE or a list of CVEs against AttackerKB and optionally the National Vulnerability Database

attackerkb_checker Checks a single CVE or a list of CVEs against AttackerKB and optionally the National Vulnerability Database Usage attackerkb_checkerpy [--nvd] [--apikey=<str>] INPUT Options: -a <str>, --apikey=<str> The API key for AttackerKB --nvd Query National Vulnerability Database (NVD) for CVS ba

POC and Scanner for CVE-2023-24055

CVE-2023-24055 POC and Scanner for CVE-2023-24055 Use at your own risk! config_scannerpy A simple Parser for the KeePass config file running unter Windows The tool will open the directory %APPDATA%\Roaming\KeePass\KeePassconfigxml and will output all triggers The triggers Execute command line / URL Synchronize active database with a file/URL Export active database are ma

CVE-2023-24055 POC written in PowerShell.

Disclaimer This script is for educational and demonstration purposes only The author does not endorse or condone the use of this script for any criminal or malicious activities and it should only be used where explicitly allowed with proper permission This script should be used with caution, as it will alter the KeePass configuration file and delete any previously configured

PoC_CVE-2023-24055 How to run ? Edit the $User var in the script and replace value with your Username Open a PowerShell as administrator and run the script : /PoC_CVE-2023-24055ps1 After the script execution open KeePass Result is stored under "C:\Users\your_username\AppData\Local\Temp\outputxml" Password stored in cleartex

Contains a simple yara rule to hunt for possible compromised KeePass config files

keepass_CVE-2023-24055_yara_rule Contains a simple yara rule to hunt for possible compromised KeePass config files How-to Use a yara rule scanner, like yara, loki or thor-lite to scan systems with this rule The default location for the local KeePass config file is %APPDATA%\Roaming\KeePass\KeePassconfigxml

KeePass 2.53.1 with removed ECAS Trigger System Remediating CVE-2023-24055

KeePass-TriggerLess KeePass 2531 with removed ECAS Trigger System Remediating CVE-2023-24055

CVE-2023-24055 PoC (KeePass 2.5x)

CVE-2023-24055 PoC (KeePass 25x) Under discussion and analysis sourceforgenet/p/keepass/discussion/329220/thread/a146e5cf6b/ sourceforgenet/p/keepass/feature-requests/2773/ An attacker who has write access to the KeePass configuration file can modify it and inject malicious triggers, eg to obtain the cleartext passwords by adding an export trigger h

A PowerShell tool for backing up and exporting KeePass databases to a specified endpoint with GZip compression.

Invoke-KeePassBackup This PowerShell script has been crafted to streamline the process of transmitting KeePass databases to a designated endpoint Conceived as an indispensable tool for your penetration testing toolkit, it aims to facilitate the exfiltration of target databases, paving the way for subsequent exploitation 🕊️ The goal is to incorporate comprehensive KeePass