Aperi’CTF 2019 - OP’Rikube
We’re given an oprikube.kdbx file.
Our intelligence services infiltrated the Telegram channel of an hacktivist group alleged to have been involved in the #OP’Rikube operation.
Many messages have been deleted on this channel following the operation. However, a file has been saved.
According to our sources, many hackers were involved in the operation, one of them rleportedly was a member of the Aperi’Kube group.
Analyze this file and find information about this hacker.
Crack the password of the KDBX file, export keepass data into a CSV file, search for
APRK, get the flag.
Since, we’re given a KDBX file, let’s try to crack its password using a wordlist!
Generate a john-the-ripper compatible hash:
keepass2john files/oprikube.kdbx | tee hash.txt
Crack the password:
john --format=KeePass --fork=20 --wordlist=rockyou.txt hash.txt john --show hash.txt
Woot! Let’s open it using KeePass2:
Looking at the entries, the file is composed of several users, the only item that allows us to identify them is their password (i. e.,
The user we’re looking for is a member of the Aperi’Kube team (
APRK), let’s look for this user!
First, we need to export the user database using the
File > Export > KeePass CSV (1.x) feature then grep it for the
grep "APRK" oprikube.csv
The user we’re looking for is the
The final flag is