CVE-2023-24055

This repository provides a functional proof-of-concept for CVE-2023-24055, demonstrating how an attacker with write access to KeePass's configuration file can inject malicious triggers to exfiltrate cleartext passwords via XML export and PowerShell exfiltration.

This repository contains a functional proof-of-concept exploit for CVE-2023-24055, which manipulates KeePass's configuration file to add a malicious trigger that exports the database without requiring a master password. The PoC includes both a scanner to detect dangerous triggers and an exploit to inject a malicious export trigger.

This repository provides a YARA rule to detect potentially compromised KeePass configuration files related to CVE-2023-24055. It does not contain exploit code but aids in identifying affected systems.

This repository provides a functional proof-of-concept for CVE-2023-24055, demonstrating how KeePass's trigger system can be abused to exfiltrate plaintext passwords via a malicious XML configuration. The PoC includes detailed steps and XML payloads to export credentials and send them to an attacker-controlled server using PowerShell.

This PoC exploits CVE-2023-24055 in KeePass by modifying the KeePass.config.xml file to create a malicious trigger that exports database entries in cleartext to a temporary file. The script requires administrative privileges to modify directory permissions and the configuration file.

The repository contains source code files from KeePass, specifically focusing on the 'TriggerLess' modification. It includes configuration and application definition files but lacks explicit exploit code or technical analysis of CVE-2023-24055.

This PowerShell script exploits CVE-2023-24055 in KeePass by modifying the XML configuration file to add an export trigger, allowing cleartext password extraction and optional exfiltration to a remote URL. It demonstrates the vulnerability by altering KeePass triggers to export credentials to a specified file and optionally upload them via a crafted PowerShell command.