keychainbreaker-rs
Rust library and CLI for parsing and decrypting macOS Keychain files (login.keychain-db).
This is a Rust port of the Go library at https://github.com/moond4rk/keychainbreaker. The encryption mechanics are identical; this repository tracks Go upstream for crypto correctness and re-defines the surface for idiomatic Rust ergonomics.
What It Does
- Reads
.keychain-dbfiles with a pure binary parser — no macOS APIs, so it also runs on Linux and Windows. - Decrypts stored credentials from the keychain password (PBKDF2-HMAC-SHA1) or a recovered 24-byte master key.
- Extracts generic passwords, internet passwords, PKCS#8 private keys, and X.509 certificates.
- Exports a
hashcatmode 23100 / John the Ripper hash for offline cracking — no password required.
Crates
| Crate | Purpose |
|---|---|
keychainbreaker |
The library. Pure Rust, no unsafe, no platform-specific code. |
keychainbreaker-cli |
The keychainbreaker binary with dump, hash, and version subcommands. |
Both crates are edition 2024, MSRV 1.88.
Installation
Quick Start
Library
use ;
let mut kc = open_file?;
kc.unlock?;
for entry in kc.generic_passwords?
Record types are serializable through the default-on serde feature. Turn it off if you only need decryption:
= { = "0.2", = false }
CLI
# Extract everything to JSON (prompts for the password when -p is omitted)
# Same, with full diagnostics on stderr
# Export a crackable hash — no unlock needed
A wrong or missing password still yields a metadata-only dump (record names and timestamps, no secrets) rather than an error. To decrypt with a recovered 24-byte master key instead of a password, pass -k <hex>.
Compatibility
- Any host OS. The parser is pure Rust and never calls macOS APIs, so a
.keychain-dbcopied to Linux or Windows decrypts exactly as it does on macOS. - macOS 26.4+ (v2 keychains). A fresh 26.4 install — or an upgrade to it — re-encrypts the login keychain to
blobVersion=2, binding decryption to the device's Secure Enclave. Such keychains cannot be decrypted offline from the file and password alone; decryption needs a 24-byte master key recovered on the originating machine, supplied via-k/Credential::Key. OlderblobVersion=1keychains are unaffected. - JSON output vs. Go. Byte-identical, except that missing/zero timestamps are omitted here instead of emitted as
"0001-01-01T00:00:00Z".
Building from Source
Ethics and Authorization
This tool is for authorized security testing, digital forensics, and credential recovery on systems you own or have explicit permission to access. Using it against systems you do not own is illegal in most jurisdictions and is not what this project is for.
License
Licensed under the Apache License, Version 2.0. Same as the upstream Go project.