diff --git a/Windows/src/LaZagne/config/constant.py b/Windows/src/LaZagne/config/constant.py index df0a0617..eae493ba 100644 --- a/Windows/src/LaZagne/config/constant.py +++ b/Windows/src/LaZagne/config/constant.py @@ -1,25 +1,25 @@ - -class constant(): - folder_name = 'results' - MAX_HELP_POSITION = 27 - CURRENT_VERSION = 0.1 - output = None - file_logger = None - - # jitsi options - jitsi_masterpass = None - - # mozilla options - isInteractive = False - manually = None - path = None - bruteforce = None - defaultpass = None - specific_path = None - mozilla_software = '' - - # ie options - ie_historic = None - - # total password found - nbPasswordFound = 0 + +class constant(): + folder_name = 'results' + MAX_HELP_POSITION = 27 + CURRENT_VERSION = 0.2 + output = None + file_logger = None + + # jitsi options + jitsi_masterpass = None + + # mozilla options + isInteractive = False + manually = None + path = None + bruteforce = None + defaultpass = None + specific_path = None + mozilla_software = '' + + # ie options + ie_historic = None + + # total password found + nbPasswordFound = 0 diff --git a/Windows/src/LaZagne/config/write_output.py b/Windows/src/LaZagne/config/write_output.py index 200c22ba..4bc404af 100644 --- a/Windows/src/LaZagne/config/write_output.py +++ b/Windows/src/LaZagne/config/write_output.py @@ -1 +1,119 @@ -from constant import constant from time import gmtime, strftime import os, getpass, socket import logging import WConio from config.header import Header # --------------------------- Functions used to write --------------------------- def write_header(): time = strftime("%Y-%m-%d %H:%M:%S", gmtime()) header = '''|====================================================================|\r\n | |\r\n | Credentsials discovery |\r\n | |\r\n | ! BANG BANG ! |\r\n | |\r\n |====================================================================|\r\n\r\n - Date: ''' + time + '''\n\r - Username: ''' + getpass.getuser() + ''' \r\n - Hostname: ''' + socket.gethostname() + ''' \r\n\r\n ------------------------------ Results ------------------------------\r\n\r\n''' open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(header) def write_footer(): footer = '\n[+] %s passwords have been found.\nFor more information launch it again with the -v option\n\n' % str(constant.nbPasswordFound) open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(footer) def write_credentials(pwdFound, category): tmp = "############ %s passwords ############\r\n\r\n" % category for pwd in pwdFound: for p in pwd.keys(): tmp = str(tmp) + str(p) + ": " + str(pwd[p]) + "\r\n" tmp = str(tmp) + "\r\n" open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(tmp) def checks_write(values, category): if values: if constant.output == 'txt': try: write_credentials(values, category) logging.info('[+] Credentials stored successfully on the file: %s\\credentials.txt\n' % constant.folder_name) except: logging.info('Couldn\'t write the results file\n') # --------------------------- End of functions used to write --------------------------- # --------------------------- Output functions --------------------------- def print_footer(): footer = '\n[+] %s passwords have been found.\nFor more information launch it again with the -v option\n' % str(constant.nbPasswordFound) logging.info(footer) # print output if passwords have been found def print_output(software_name, pwdFound): if pwdFound: # if the debug logging level is not apply => print the title if logging.getLogger().isEnabledFor(logging.DEBUG) == False: Header().title_info(software_name) toWrite = [] for pwd in pwdFound: lower_list = [s.lower() for s in pwd.keys()] password = [s for s in lower_list if "password" in s] key = [s for s in lower_list if "key" in s] # for the wifi # No password found if not password and not key: print_debug("FAILED", "Password not found !!!") else: print_debug("OK", "Password found !!!") toWrite.append(pwd) constant.nbPasswordFound += 1 for p in pwd.keys(): logging.info("%s: %s" % (p, pwd[p])) print # write credentials into a text file checks_write(toWrite, software_name) else: logging.debug("[!] No passwords found\n") def print_error(message): WConio.textcolor(WConio.LIGHTRED) logging.debug('[!] %s\n' % message) WConio.textcolor(WConio.LIGHTGREY) # def print_debug(message): # logging.debug('[!] %s\n' % message) def print_debug(error_level, message): if error_level == 'ERROR': WConio.textcolor(WConio.LIGHTRED) logging.debug('[ERROR] %s\n' % message) WConio.textcolor(WConio.LIGHTGREY) elif error_level == 'INFO': logging.debug('[INFO] %s\n' % message) # print when password is not found elif error_level == 'FAILED': WConio.textcolor(WConio.LIGHTRED) logging.info(message) WConio.textcolor(WConio.LIGHTGREY) # print when password is found elif error_level == 'OK': WConio.textcolor(WConio.GREEN) logging.info(message) WConio.textcolor(WConio.LIGHTGREY) elif error_level == 'DEBUG': logging.debug('%s\n' % message) else: logging.debug('[%s] %s' % (error_level, message)) # --------------------------- End of output functions --------------------------- \ No newline at end of file +from constant import constant +from time import gmtime, strftime +import os, getpass, socket +import logging +import WConio +from config.header import Header + +# --------------------------- Functions used to write --------------------------- + +def write_header(): + time = strftime("%Y-%m-%d %H:%M:%S", gmtime()) + header = '''|====================================================================|\r\n +| |\r\n +| Credentsials discovery |\r\n +| |\r\n +| ! BANG BANG ! |\r\n +| |\r\n +|====================================================================|\r\n\r\n +- Date: ''' + time + '''\n\r +- Username: ''' + getpass.getuser() + ''' \r\n +- Hostname: ''' + socket.gethostname() + ''' \r\n\r\n +------------------------------ Results ------------------------------\r\n\r\n''' + + open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(header) + +def write_footer(): + footer = '\n[+] %s passwords have been found.\r\nFor more information launch it again with the -v option\r\n\r\n' % str(constant.nbPasswordFound) + open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(footer) + +def write_credentials(pwdFound, category): + tmp = "############ %s passwords ############\r\n\r\n" % category + for pwd in pwdFound: + for p in pwd.keys(): + tmp = str(tmp) + str(p) + ": " + str(pwd[p]) + "\r\n" + tmp = str(tmp) + "\r\n" + open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(tmp) + +def checks_write(values, category): + if values: + if constant.output == 'txt': + try: + write_credentials(values, category) + logging.info('[+] Credentials stored successfully on the file: %s\\credentials.txt\n' % constant.folder_name) + except: + logging.info('Couldn\'t write the results file\n') + +# --------------------------- End of functions used to write --------------------------- + +# --------------------------- Output functions --------------------------- +def print_footer(): + footer = '\n[+] %s passwords have been found.\nFor more information launch it again with the -v option\n' % str(constant.nbPasswordFound) + logging.info(footer) + +# print output if passwords have been found +def print_output(software_name, pwdFound): + if pwdFound: + # if the debug logging level is not apply => print the title + if logging.getLogger().isEnabledFor(logging.DEBUG) == False: + Header().title_info(software_name) + + toWrite = [] + for pwd in pwdFound: + lower_list = [s.lower() for s in pwd.keys()] + password = [s for s in lower_list if "password" in s] + key = [s for s in lower_list if "key" in s] # for the wifi + + # No password found + if not password and not key: + print_debug("FAILED", "Password not found !!!") + else: + print_debug("OK", "Password found !!!") + toWrite.append(pwd) + constant.nbPasswordFound += 1 + + for p in pwd.keys(): + logging.info("%s: %s" % (p, pwd[p])) + print + + # write credentials into a text file + checks_write(toWrite, software_name) + else: + logging.debug("[!] No passwords found\n") + +def print_error(message): + WConio.textcolor(WConio.LIGHTRED) + logging.debug('[!] %s\n' % message) + WConio.textcolor(WConio.LIGHTGREY) + +# def print_debug(message): + # logging.debug('[!] %s\n' % message) + +def print_debug(error_level, message): + if error_level == 'ERROR': + WConio.textcolor(WConio.LIGHTRED) + logging.debug('[ERROR] %s\n' % message) + WConio.textcolor(WConio.LIGHTGREY) + + elif error_level == 'INFO': + logging.debug('[INFO] %s\n' % message) + + # print when password is not found + elif error_level == 'FAILED': + WConio.textcolor(WConio.LIGHTRED) + logging.info(message) + WConio.textcolor(WConio.LIGHTGREY) + + # print when password is found + elif error_level == 'OK': + WConio.textcolor(WConio.GREEN) + logging.info(message) + WConio.textcolor(WConio.LIGHTGREY) + + elif error_level == 'DEBUG': + logging.debug('%s\n' % message) + + else: + logging.debug('[%s] %s' % (error_level, message)) + +# --------------------------- End of output functions --------------------------- \ No newline at end of file diff --git a/Windows/src/LaZagne/laZagne.py b/Windows/src/LaZagne/laZagne.py index 4b2e338d..352f6467 100644 --- a/Windows/src/LaZagne/laZagne.py +++ b/Windows/src/LaZagne/laZagne.py @@ -35,6 +35,7 @@ from softwares.chats.jitsi import Jitsi # wifi from softwares.wifi.wifi import Wifi +from softwares.wifi.wifipass import WifiPass # mails from softwares.mails.outlook import Outlook # databases @@ -58,6 +59,7 @@ # Wifi modules['wifi'] = {} modules['wifi']['wifi'] = Wifi() +modules['wifi']['wifipass'] = WifiPass() # SVN modules['svn'] = {} modules['svn']['tortoise'] = Tortoise() @@ -116,11 +118,14 @@ def verbosity(): def launch_module(b): ok = False + # launch only a specific module for i in args.keys(): if args[i]: if i in b.keys(): b[i].retrieve_password() ok = True + + # launch all modules if not ok: for i in b.keys(): b[i].retrieve_password() @@ -296,7 +301,9 @@ def error(self, message): #1.6- Parent parser: wifi PWifi = argparse.ArgumentParser(add_help=False,formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=constant.MAX_HELP_POSITION)) PWifi._optionals.title = 'Wifi' -PWifi.add_argument('-wi', action='store_true', dest='wifi', help='Vista and higher - Need System Privileges') +PWifi.add_argument('-wi', action='store_true', dest='wifi', help='Vista and higher - Need Admin Privileges (UAC Bypassed)') +# Manage wifi (when executed with a system account) +PWifi.add_argument('--HiddenWifiArgs', action='store_true', dest='wifipass', help=argparse.SUPPRESS) #1.6- Parent parser: windows PWindows = argparse.ArgumentParser(add_help=False,formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=constant.MAX_HELP_POSITION)) @@ -359,4 +366,3 @@ def error(self, message): elapsed_time = time.time() - start_time print 'elapsed time = ' + str(elapsed_time) - diff --git a/Windows/src/LaZagne/softwares/wifi/wifi.py b/Windows/src/LaZagne/softwares/wifi/wifi.py index a45847fb..3d635bb1 100644 --- a/Windows/src/LaZagne/softwares/wifi/wifi.py +++ b/Windows/src/LaZagne/softwares/wifi/wifi.py @@ -1,66 +1,58 @@ -import xml.etree.cElementTree as ET -import os, win32crypt -import binascii from config.write_output import print_output, print_debug -from config.constant import * from config.header import Header +from config.get_system_priv import get_system_priv +from ctypes import * +import time, tempfile +from ConfigParser import RawConfigParser +import os class Wifi(): def retrieve_password(self): + # print title Header().title_debug('Wifi') - if 'ALLUSERSPROFILE' in os.environ: - directory = os.environ['ALLUSERSPROFILE'] + os.sep + 'Microsoft\Wlansvc\Profiles\Interfaces' - else: - print_debug('ERROR', 'Environment variable (ALLUSERSPROFILE) has not been found.') + if not windll.Shell32.IsUserAnAdmin(): + print_debug('ERROR', '[!] This script should be run as admin!') return - - # for windows Vista or higher - if os.path.exists(directory): - rep = [] - pwdFound = [] - for repository in os.listdir(directory): - if os.path.isdir(directory + os.sep + repository): - - rep = directory + os.sep + repository - for file in os.listdir(rep): - values = {} - if os.path.isfile(rep + os.sep + file): - f = rep + os.sep + file - tree = ET.ElementTree(file=f) - root = tree.getroot() - xmlns = root.tag.split("}")[0] + '}' - - iterate = False - for elem in tree.iter(): - if elem.tag.endswith('SSID'): - for w in elem: - if w.tag == xmlns + 'name': - values['SSID'] = w.text - - if elem.tag.endswith('authentication'): - values['Authentication'] = elem.text - - if elem.tag.endswith('protected'): - values['Protected'] = elem.text - - if elem.tag.endswith('keyMaterial'): - key = elem.text - try: - binary_string = binascii.unhexlify(key) - password = win32crypt.CryptUnprotectData(binary_string, None, None, None, 0)[1] - values['Password'] = password - except: - values['INFO'] = '[!] Password not found. Try with System privileges' - - # store credentials - if len(values) != 0: - pwdFound.append(values) - - # print the results - print_output("Wifi", pwdFound) else: - print_debug('INFO', 'No credentials found.\nFile containing passwords not found:\n%s' % directory) - \ No newline at end of file + + if 'ALLUSERSPROFILE' in os.environ: + directory = os.environ['ALLUSERSPROFILE'] + os.sep + 'Microsoft\Wlansvc\Profiles\Interfaces' + else: + print_debug('ERROR', 'Environment variable (ALLUSERSPROFILE) has not been found.') + return + + if not os.path.exists(directory): + print_debug('INFO', 'No credentials found.\nFile containing passwords not found:\n%s' % directory) + return + + try: + print_debug('INFO', '[!] Trying to elevate our privilege') + get_system_priv() + print_debug('INFO', '[!] Elevation ok - Passwords decryption is in progress') + except: + print_debug('ERROR', '[!] An error occurs during the privilege elevation process. Wifi passwords have not been decrypted') + + time.sleep(5) + + # read temp file containing all passwords found + pwdFound = [] + filepath = tempfile.gettempdir() + os.sep + 'TEMP123A.txt' + if os.path.exists(filepath): + cp = RawConfigParser() + cp.read(filepath) + for section in cp.sections(): + values = {} + for c in cp.items(section): + values[str(c[0])] = str(c[1]) + pwdFound.append(values) + + # remove file on the temporary directory + os.remove(filepath) + + # print the results + print_output("Wifi", pwdFound) + else: + print_debug('INFO', 'No passwords found') \ No newline at end of file diff --git a/Windows/standalone/laZagne.exe b/Windows/standalone/laZagne.exe index 4bfcbcb4..a5330de2 100644 Binary files a/Windows/standalone/laZagne.exe and b/Windows/standalone/laZagne.exe differ