GitHub - AlessandroZ/LaZagne: Credentials recovery project (original) (raw)
Description
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.
This project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host.
Standalones
Standalones are now available here: https://github.com/AlessandroZ/LaZagne/releases/
Installation
pip install -r requirements.txt
Usage
- Launch all modules
- Launch only a specific module
- Launch only a specific software script
laZagne.exe browsers -firefox
- Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All). Note: If you have problems to parse JSON results written as a multi-line strings, check this.
laZagne.exe all -oN
laZagne.exe all -oA -output C:\Users\test\Desktop
- Get help
laZagne.exe -h
laZagne.exe browsers -h
- Change verbosity mode (2 different levels)
- Quiet mode (nothing will be printed on the standard output)
laZagne.exe all -quiet -oA
- To decrypt domain credentials, it could be done specifying the user windows password. Otherwise it will try all passwords already found as windows passwords.
laZagne.exe all -password ZapataVive
Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)
Mac OS
**Note: In Mac OS System, without the user password it is very difficult to retrieve passwords stored on the computer.**So, I recommend using one of these options
- If you know the user password, add it in the command line
laZagne all --password SuperSecurePassword
- You could use the interactive mode that will prompt a dialog box to the user until the password will be correct
Supported software
| Windows | Linux | Mac | |
|---|---|---|---|
| Browsers | 7Star Amigo Basilisk BlackHawk Brave Centbrowser Chedot Chrome Beta Chrome Canary Chromium Coccoc Comodo Dragon Comodo IceDragon Cyberfox DCBrowser Elements Browser Epic Privacy Browser Firefox Google Chrome Icecat K-Meleon Kometa Microsoft Edge Opera Opera GX Orbitum QQBrowser pale Moon SogouExplorer Sputnik Torch Uran Vivaldi Yandex | Brave Chromium Dissenter-Browser Firefox Google Chrome IceCat Microsoft Edge Opera SlimJet Vivaldi | Chrome Firefox |
| Chats | Pidgin Psi Skype | Pidgin Psi | |
| Databases | DBVisualizer Postgresql Robomongo Squirrel SQLdevelopper | DBVisualizer Squirrel SQLdevelopper | |
| Games | GalconFusion Kalypsomedia RogueTale Turba | ||
| Git | Git for Windows | ||
| Mails | Epyrus Interlink Outlook Thunderbird | Clawsmail Thunderbird | |
| Maven | Maven Apache | ||
| Dumps from memory | Keepass Mimikatz method | System Password | |
| Multimedia | EyeCON | ||
| PHP | Composer | ||
| SVN | Tortoise | ||
| Sysadmin | Apache Directory Studio CoreFTP CyberDuck FileZilla FileZilla Server FTPNavigator OpenSSH OpenVPN mRemoteNG KeePass Configuration Files (KeePass1, KeePass2) PuttyCMRcloneRDPManager VNC WinSCP Windows Subsystem for Linux | Apache Directory Studio AWS Docker Environnement variable FileZilla gFTP History files Shares SSH private keys KeePass Configuration Files (KeePassX, KeePass2) Grub Rclone | |
| Wifi | Wireless Network | Network Manager WPA Supplicant | |
| Internal mechanism passwords storage | Autologon MSCache Credential Files Credman DPAPI Hash Hashdump (LM/NT) LSA secret Vault Files | GNOME Keyring Kwallet Hashdump | Keychains Hashdump |
Compile
- Using Pyinstaller
pyinstaller --additional-hooks-dir=. -F --onefile laZagne.py
- Using Nuitka
python3 -m nuitka --standalone --onefile --include-package=lazagne laZagne.py
For developers
Please refer to the wiki before opening an issue to understand how to compile the project or to develop a new module.https://github.com/AlessandroZ/LaZagne/wiki
Donation
If you want to support my work doing a donation, I will appreciate a lot:
- Via BTC: 16zJ9wTXU4f1qfMLiWvdY3woUHtEBxyriu
- Via Paypal: https://www.paypal.me/lazagneproject
Special thanks
- Harmjoy for KeeThief
- n1nj4sec for his mimipy module
- Benjamin DELPY for mimikatz, which helps me to understand some Windows API.
- @skelsec for Pypykatz
- Moyix for Creddump
- N0fat for Chainbreaker
- Richard Moore for the AES module
- Todd Whiteman for the DES module
- mitya57 for secretstorage
- All contributors who help me on this project