Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Description
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer.
Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.).
This tool has been developed for the purpose of finding these passwords for the most commonly-used software. At
this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/Unix-Like OS.
Standalones
Standalones are now available here: https://github.com/AlessandroZ/LaZagne/releases/
Usage
Retrieve version
o cmd: laZagne.exe
o example: laZagne.exe browsers
o help: laZagne.exe -h
Launch only a specific software script
o cmd: laZagne.exe
o example: laZagne.exe browsers -f
o help: laZagne.exe browsers -h
Write all passwords found into a file (-w options)
o
Use a file for dictionary attacks (used only when it's necessary: mozilla masterpassword, system hahes, etc.).
The file has to be a wordlist in cleartext (no rainbow), it has not been optmized to be fast but could useful for
basic passwords.
o cmd: laZagne.exe all -path file.txt
Change verbosity mode (2 different levels)
o
Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication /
sudo)
Supported software
(*) used by many tools to store passwords: Chrome, Owncloud, Evolution, KMail, etc.
IE Browser history
Internet Explorer passwords (from IE7 and before Windows 8) can only be decrypted using the URL of the website.
This one is used as an argument of the Win32CryptUnprotectData api. Thus, using the browsing history of ie will permit
to decrypt many passwords. To do that, I used a dll written in C code (the code is in the "browser_history_dll" directory)
and it is directly embedded to the Python code as a Base64 string (c.f. ie.py). Once launched, the dll is written on the
disk, a wrapper is used to call dll functions and then the dll file is removed from the disk.
Windows hashes
To dump windows hashes and LSA Secrets, the impacket library has been used:
https://github.com/CoreSecurity/impacket
Create a class using the name of the software containing 2 importants functions:
to
be
send
to
the
"print_output"
function
ex:
If you want to improve this tool, you can send me your script and it will be added to this project (authors will be, of
course, credited on each script ;)).
Requirements
To compile the source code, some external libraries are required.
For Windows
o Python 2.7
o Colorama (for the Console colors): https://pypi.python.org/pypi/colorama
o Python for Windows Extensions: http://sourceforge.net/projects/pywin32/
o PyCrypto: pip install pycrypto
o Impacket (for Windows hashes + LSA Secrets): https://github.com/CoreSecurity/impacket
o Pyasn1 (for ASN1 decoding): https://pypi.python.org/pypi/pyasn1/
For Linux
o
o
o
o
o
o
Python 2.7
Argparse
PyCrypto: https://www.dlitz.net/software/pycrypto/
Dbus (Pidgin)
Python-kde4 (Kwallet)
Pyasn1 (for ASN1 decoding): https://pypi.python.org/pypi/pyasn1/
Link: https://github.com/AlessandroZ/LaZagne