Keefarce

KeeFarce fools KeyPass password manager into exporting its internal passwords database to CSV file

Denis Andzakovic, a security researcher for Security Assessment has released a tool that fools KeyPass password manager into exporting its internal passwords database to CSV file, using DLL injection. KeeFarce is also described as an in-memory looter for KeePass 2.x databases. See tool in GitHub. KeeFarce leverages DLL injection to export the information (including usernames and passwords) of a running and unlocked KeePass Database into a cleartext CSV file. Source code and prebuilt executables.