Extract a crackable hash from a KeePass database (.kdbx) with kdbx2john (keepass2john), ready for John the Ripper or hashcat. For authorized recovery only.
kdbx2john (keepass2john) reads a KeePass database file and produces a hash for recovering its master password offline. KeePass derives the master key with AES-KDF or Argon2 (KDBX 4) and a transform seed, which the hash captures. It does not open the database or reveal stored entries; it only extracts the parameters needed to test master-password guesses. Use it only on databases you own.
Input:
passwords.kdbx (KeePass database)
Output:
passwords:$keepass$*2*60000*0*<seed>*<...>
Does it support KDBX 3 and KDBX 4?
Yes. KDBX 3 uses AES-KDF; KDBX 4 can use Argon2. The hash records which KDF and its parameters so the cracker derives the key correctly.
What if the database also uses a key file?
If a key file or hardware key is required in addition to the password, the password alone is not enough and recovery will not succeed without that factor.
Which hashcat mode applies?
KeePass databases use hashcat mode 13400.
This tool extracts password hashes from KeePass database files, assisting in master password auditing and recovery.
Supported Tools: