Lost my keys.

[mybtcrektbychina]

Howdy folks,

As i was trying to be safe i installed keepass to manage everything crypto and have been working with the program for some time now. It seems however, even though i am 100% sure i am using the right password, keepass is now rejecting my keys after i am trying to acces it after a few months. The reasons i know for sure the password is right, is that have named the db.file such as to give me a hint of what the password is. Also i have made many backups of the original db file and have used the same key over and over again to access the file.

However it may be keepass is rejecting it. Thus i can come to no other conclusion then that i must have forgoten a part of the password and or a double key has entered the password and as such i cant access the file anymore.

The only good part is i know 90% of the password. I have, seeing keepass is rejecting the keys, started to doubt about the other 10%. To give an example: the password is something in the order of $567Cryptokey567$ Now i am sure about the Cryptokey but i am not sure about the first four letters and later 4. I might have mixed these up or anything of the sort.
I was hoping if anyone of you knows a way to shuffle these around so as to get the right password.

Any help is welcome!
Thanks.

[1714506533]

1714506533

[1714506533]

1714506533

[jackg]

According to google, these two might be helpful...
https://hazzy.techanarchy.net/security/keepass-password-file-powershell-brute-force-attack-goodness/
https://github.com/devio/mod0keecrack

[bitmover]

You are looking for a" brute Force" software or script.

I never tried to use those, but you can Google "brute Force" keepass or something like that...

It is possible that your keepass was hacked.? I have never used these kind of programs before, because LastPass qas hacked, so I decide to handle passwords on my own.

[mybtcrektbychina]

Thanks for the reply guys. Ill ook in to the google links, thanks for that Jack. Ill give update laters. @Bit no it wasnt hacked. I checked my eth wallet and all funds are still there. I am also using 2FA so just getting to keepass wont do to get access to exchanges, etc.

Is there anyone with a script that can help me out? I am running Win 10.

[jackg]

I wouldn’t run the software directly off windows. Have you ever used Linux before? That’ll probably be better and faster for this and it means you won’t keep any viruses on your windows 10 system. It’s dofficult to run Linux on windows 10 machines though now as they’re designed to not look for other devices to boot from to protect against boot loader viruses.

[HCP]

Is it possible that you used multiple "keys" to secure your Keepass database and now you're missing one? According to the Keepass documentation, you can secure your database using one, some or all of the following:

KeePass stores your passwords securely in an encrypted file (database). This database is locked with a master password, a key file and/or the current Windows account details. To open a database, all key sources (password, key file, ...) are required. Together, these key sources form the Composite Master Key.

As indicated, all key sources used, are required to open the database. So if you used a password AND a key file, you need both to open it...

Is there anyone with a script that can help me out? I am running Win 10.

That first link provided by jackg was demonstrating a Windows Powershell script for bruteforcing... That should work with Win10, but you'd still need to generate your own password list to run against your database, as it seems unlikely that any of the common password lists available online would contain your password.

[mybtcrektbychina]

thanks HPC,

I only used a masterkey, no keyfile and or windows account. I did see the post from jack and ill try and see if i can make it work.

What might be of use is a way to mix a few combinations: i am now only doubting the first four letters used in front and at the end of the password. It should be: 1234!Password1234! but for whatever reason it could be !1234Password!1234 or 1234!Password!1234 etc.

Any one know of a tool that can do this for you?

[HCP]

You can use btcrecover to generate a list of passwords from a "token" file... it can be a bit complicated, and requires that you have Python installed, but it works.

The theory is you can pass it a file that includes the "building blocks" of a password... and it will generate all the various combinations of those blocks. For instance, if your token file was:

Code:

!1234
1234!
Password

It would generate:
!12341234!Password
!1234Password1234!
1234!Password!1234
1234!!1234Password
Password1234!!1234
Password!12341234!

It supports all sorts of nifty things like "anchors", (so you can specify that a particular token like "Password" is always used in position 2 etc.), wildcards, common typos etc.

Refer here: https://github.com/gurnec/btcrecover/blob/master/TUTORIAL.md#the-token-file

So, for you... it would be something like:

Code:

!1234
^2^Password
1234!

That way, Password would always be the 2nd token... and it would generate:
!1234Password1234!
1234!Password!1234

[jackg]

From the script I gave you the link for, you have to import your own list of available passwords. I can make you something to generate that list tomorrow if you’d like.

[mybtcrektbychina]

Thanks again guys really appreciate the help. @HCP i will try the btcrecover tho i dont hav phyton installed nor ever worked with it so i will need to do some digging first.
@Jack thanks, would really appreciate the help! I will follow up on the link u sent, hope i can figure it out.

[mybtcrektbychina]

Folks i found it: https://sourceforge.net/p/keepass/discussion/329221/thread/d283ac7a9d/
I posted on keepass and it seems, due to fresh install, keepass could not find the keyfile. Not its strange, because i never refered to a keyfile when unlocking. It seems to be something keepass did out of it self in the previous versions. I am very thankful for your reactions in these dark moments could have lost alot because of this. Thank you again guys!

[HCP]

As I suspected... the "keyfile".

Seems like an interesting design decision that Keepass have made there... and could be quite problematic for people who aren't paying attention due setup and/or who don't make "proper" backups of things!

Still, glad you got it sorted out... thanks for reporting back how you solved it.

[LoyceV]

Glad you solved it!
I have one tip for the future: always test your backups before relying on them. With KeePass, you can test your backups in a different environment by starting your PC from a Linux LIVE DVD:

Download and use offline. Use for example Ubuntu or Knoppix from a LIVE DVD without ethernet/Wi-Fi

Knoppix has KeePassX installed by default, I'm not sure about Ubuntu.

[mybtcrektbychina]

@HPC indeed u did mention it. The strange thing is when u make a backup, either using 'save as' or 'export', keepass doenst send the .key file with the kdbx. So you assume there is no keyfile being used and yet it does. Indeed could be problematic, im glad the fresh install did not delete it or i would have lost it all. @LoyceV, thanks mate, very good tip indeed. I got abit careless and annoyed cuz the pc bugged out and thus, seeing i knew my password 100% out of hearth, i just went with it. Could have cost me there. Cheers!