Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2023-32784

Description

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.

POC

Reference

- https://github.com/keepassxreboot/keepassxc/discussions/9433

- https://github.com/vdohney/keepass-password-dumper

- https://sourceforge.net/p/keepass/discussion/329220/thread/f3438e6283/

Github

- https://github.com/0xFFD700/Neuland-CTF-2023

- https://github.com/0xabdoulaye/CTFs-Journey

- https://github.com/1ocho3/NCL_V

- https://github.com/3mpir3Albert/HTB_Keeper

- https://github.com/4m4Sec/CVE-2023-32784

- https://github.com/7h4nd5RG0d/Forensics

- https://github.com/Aledangelo/HTB_Keeper_Writeup

- https://github.com/CTM1/CVE-2023-32784-keepass-linux

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/Cmadhushanka/CVE-2023-32784-Exploitation

- https://github.com/G4sp4rCS/CVE-2023-32784-password-combinator-fixer

- https://github.com/GhostTroops/TOP

- https://github.com/Hirusha-N/CVE-2021-34527-CVE-2023-38831-and-CVE-2023-32784

- https://github.com/JorianWoltjer/keepass-dump-extractor

- https://github.com/LeDocteurDesBits/cve-2023-32784

- https://github.com/MashrurRahmanRawnok/Keeper-HTB-Write--Up

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/Orange-Cyberdefense/KeePwn

- https://github.com/Rajuaravinds/My-Book

- https://github.com/RawnokRahman/Keeper-HTB-Write--Up

- https://github.com/RiccardoRobb/Pentesting

- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories

- https://github.com/SarahZimmermann-Schmutzler/exploit_keepass

- https://github.com/SarahZimmermann-Schmutzler/pentesting_tools

- https://github.com/ValentinPundikov/poc-CVE-2023-32784

- https://github.com/ZarKyo/awesome-volatility

- https://github.com/binde74/Keepass

- https://github.com/chris-devel0per/HTB--keeper

- https://github.com/chris-devel0per/htb-keeper

- https://github.com/dawnl3ss/CVE-2023-32784

- https://github.com/dev0558/CVE-2023-32784-EXPLOIT-REPORT

- https://github.com/didyfridg/Writeup-THCON-2024---Keepas-si-safe

- https://github.com/forensicxlab/volatility3_plugins

- https://github.com/hau-zy/KeePass-dump-py

- https://github.com/hktalent/TOP

- https://github.com/josephalan42/CTFs-Infosec-Witeups

- https://github.com/le01s/poc-CVE-2023-32784

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/mister-turtle/cve-2023-32784

- https://github.com/mylovemyon/memo

- https://github.com/nahberry/DuckPass

- https://github.com/nateahess/DuckPass

- https://github.com/nenandjabhata/CTFs-Journey

- https://github.com/neuland-ingolstadt/Neuland-CTF-2023-Winter

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/rvsvishnuv/rvsvishnuv.github.io

- https://github.com/s3mPr1linux/KEEPASS_PASS_DUMP

- https://github.com/theguly/stars

- https://github.com/und3sc0n0c1d0/BruteForce-to-KeePass

- https://github.com/vdohney/keepass-password-dumper

- https://github.com/ynuwenhof/keedump

- https://github.com/z-jxy/keepass_dump

- https://github.com/zhanpengliu-tencent/medium-cve