Wordlist attacks on Bitwarden data.json files

Related tags

Security related resourcesBitwardenDecryptBrute
Overview

BitwardenDecryptBrute

This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for offline data.json files.

Usage:

bash decrypt.sh /path/to/data.json /path/to/wordlist.txt

alt text

BitwardenDecrypt

Decrypts an encrypted Bitwarden data.json file (from the desktop App).
You can safely store data.json as an encrypted, offline backup of your vault knowing you will always be able to decrypt it.

To determine the location of the data.json file see:
https://bitwarden.com/help/article/where-is-data-stored-computer/

Note: BitwardenDecrypt does not work with Bitwarden Encrypted JSON Exports.
These exports lack the Protected Symmetric Key needed to decrypt entries.

Limitations

  • Does not work with Bitwarden Encrypted JSON Exports.
    These exports lack the Protected Symmetric Key needed to decrypt entries.
  • No validation of the CipherString. I.e. No verification of the MAC before decrypting. Now verifies the MAC.
  • Can only decrypt EncryptionType: 2 (AesCbc256_HmacSha256_B64). At the time of writing this is the default used for all entries in the personal vault.
  • Does not decrypt anything from a Collection (Organization).
    Initial support for decrypting items from a Collection (Organization). This adds support for decrypting EncryptionType: 4 (Rsa2048_OaepSha1_B64)

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details

Acknowledgments

Owner
Pentesting, scripting and pwning!
GitHub Repository
QHack-2022 - Solutions to the Coding Challenges of QHack 2022

QHack 2022 Problems from Coding Challenges 2022. Rules and how it works To test

Isacco Gobbi 1 Feb 14, 2022
Malware arcane - Scripts and notes on my malware analysis journey

Malware Arcane Repository of notes and scripts I use when doing malware analysis

9 Jun 01, 2022
Looks at Python code to search for things which look "dodgy" such as passwords or diffs

dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig

Landscape 112 Nov 25, 2022
proxyshell payload generate

Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell

Evi1cg 63 Nov 15, 2022
Lazarus analysis tools and research report

Lazarus Research This repository publishes analysis reports and analysis tools for Operation Dream Job and Operation JTrack for Lazarus. Tools Python

JPCERT Coordination Center 50 Sep 13, 2022
IDA Frida Plugin for tracing something interesting.

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

PandaOS 133 Dec 24, 2022
this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

Titan_Exodous 1 Nov 04, 2021
Delta Sharing: An Open Protocol for Secure Data Sharing

Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl

Delta Lake 497 Jan 02, 2023
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798).

CVE-2021-43798 – Grafana Exploit About This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798

Pedro Havay 12 Nov 18, 2022
Use scrapli to retrieve security zone information from a Juniper SRX firewall

Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t

Calvin Remsburg 2 Jun 19, 2022
Extendable payload obfuscation and delivery framework

NSGenCS What Is? An extremely simple, yet extensible framework to evade AV with obfuscated payloads under Windows. Installation Requirements Currently

123 Dec 19, 2022
🏃 Python Solutions of All Problems in FHC 2021 (In Progress)

FacebookHackerCup-2021 Python solutions of Facebook Hacker Cup 2021. Solution begins with * means it will get TLE in the largest data set (total compu

kamyu 14 Oct 15, 2022
AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

Dipen Chavan 14 Dec 23, 2022
CVE-2022-22536 - SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536

CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22

antx 49 Nov 09, 2022
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Chirag Agrawal 24 Dec 19, 2022
an impacket-dependent script exploiting CVE-2019-1040

dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

QAX A-Team 71 Nov 30, 2022
The probability of having the password you want in the PassMaker is +90%!!

PasswordMaker Strong listing password Introduction The probability of having the password you want in the tool is +90%!! How to Install Open the termi

MasterBurnt 4 Sep 05, 2021
Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Heimdall Cloud Checker 🇧🇷 About Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) 🎸 ! As we value open s

visius 48 Jun 20, 2022
A proxy for asyncio.AbstractEventLoop for testing purposes

aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme

aio-libs 12 Dec 12, 2022