Skip to content

RedTeamPentesting/bitwarden-windows-hello

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
dpapidump
dpapidump
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
hello-bitwarden.py
hello-bitwarden.py
 
 

Repository files navigation

Tools to Exploit Bitwarden v2023.3.0 with Windows Hello

This repository contains the tools to exploit Bitwarden v2023.3.0 when the Windows Hello feature is enabled as described in our blog post.

Dump Keys from DPAPI

The tool dpapidump dumps credentials from DPAPI, including the biometric key of Bitwarden v2023.3.0 (CVE-2023-27706). It can be used as follows:

cd dpapidump
GOOS=windows go build
./dpapidump.exe

Decrypt Bitwarden Vault

The Python script hello-bitwarden.py can be used to decrypt a Bitwarden password vault using the biometric key obtained from DPAPI or a password. The script can be used as follows:

./hello-bitwarden.py <path to data.json> --biometric <base64-encoded key>
./hello-bitwarden.py <path to data.json> --password <password>

The file data.json is created by Bitwarden and can usually be found at the following path:

%AppData%\Bitwarden\data.json

About

Tools to Exploit Bitwarden v2023.3.0 with Windows Hello

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

29 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages