Refactoring. Function Win32CryptUnprotectData returns bytes instead o…

…f str.
lotus321 · Jan 3, 2020 · b0c72ac · b0c72ac
1 parent 8baa73a
commit b0c72ac
Show file tree

Hide file tree

Showing 9 changed files with 22 additions and 17 deletions.
diff --git a/Windows/lazagne/config/winstructure.py b/Windows/lazagne/config/winstructure.py
@@ -645,11 +645,11 @@ def Win32CryptUnprotectData(cipherText, entropy=False, is_current_user=True, use
             blobEntropy = DATA_BLOB(len(entropy), bufferEntropy)
 
             if CryptUnprotectData(byref(blobIn), None, byref(blobEntropy), None, None, 0, byref(blobOut)):
-                decrypted = getData(blobOut).decode("utf-8")
+                decrypted = getData(blobOut)
 
         else:
             if CryptUnprotectData(byref(blobIn), None, None, None, None, 0, byref(blobOut)):
-                decrypted = getData(blobOut).decode("utf-8")
+                decrypted = getData(blobOut)
 
     if not decrypted:
         can_decrypt = True

diff --git a/Windows/lazagne/softwares/browsers/chromium_based.py b/Windows/lazagne/softwares/browsers/chromium_based.py
@@ -112,8 +112,9 @@ def _export_credentials(self, db_path, is_yandex=False):
                     # Failed...
                 else:
                     # Decrypt the Password
-                    password = Win32CryptUnprotectData(password, is_current_user=constant.is_current_user,
-                                                       user_dpapi=constant.user_dpapi)
+                    password_bytes = Win32CryptUnprotectData(password, is_current_user=constant.is_current_user,
+                                                             user_dpapi=constant.user_dpapi)
+                    password = password_bytes.decode("utf-8")
 
                 if not url and not login and not password:
                     continue

diff --git a/Windows/lazagne/softwares/browsers/ie.py b/Windows/lazagne/softwares/browsers/ie.py
@@ -117,7 +117,8 @@ def history_from_regedit(self):
     def decipher_password(self, cipher_text, u):
         pwd_found = []
         # deciper the password
-        pwd = win.Win32CryptUnprotectData(cipher_text, u, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+        pwd_bytes = win.Win32CryptUnprotectData(cipher_text, u, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+        pwd = pwd_bytes.decode("utf-8")
         a = ''
         if pwd:
             for i in range(len(pwd)):

diff --git a/Windows/lazagne/softwares/chats/skype.py b/Windows/lazagne/softwares/chats/skype.py
@@ -40,7 +40,8 @@ def get_regkey(self):
 
             # num = winreg.QueryInfoKey(hkey)[1]
             k = winreg.EnumValue(hkey, 0)[1]
-            return win.Win32CryptUnprotectData(k, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+            result_bytes = win.Win32CryptUnprotectData(k, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+            return result_bytes.decode("utf-8")
         except Exception as e:
             self.debug(str(e))
             return False

diff --git a/Windows/lazagne/softwares/mails/outlook.py b/Windows/lazagne/softwares/mails/outlook.py
@@ -52,8 +52,8 @@ def retrieve_info(self, hkey, name_key):
             k = winreg.EnumValue(hkey, x)
             if 'password' in k[0].lower():
                 try:
-                    password = win.Win32CryptUnprotectData(k[1][1:], is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
-                    values[k[0]] = password
+                    password_bytes = win.Win32CryptUnprotectData(k[1][1:], is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+                    values[k[0]] = password_bytes.decode("utf-8")
                 except Exception as e:
                     self.debug(str(e))
                     values[k[0]] = 'N/A'

diff --git a/Windows/lazagne/softwares/svn/tortoise.py b/Windows/lazagne/softwares/svn/tortoise.py
@@ -57,11 +57,11 @@ def run(self):
                     # encrypted the password
                     if result:
                         try:
-                            password = Win32CryptUnprotectData(base64.b64decode(result), is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+                            password_bytes = Win32CryptUnprotectData(base64.b64decode(result), is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
                             pwd_found.append({
                                 'URL': url,
                                 'Login': username,
-                                'Password': str(password)
+                                'Password': password_bytes.decode("utf-8")
                             })
                         except Exception:
                             pass

diff --git a/Windows/lazagne/softwares/sysadmin/cyberduck.py b/Windows/lazagne/softwares/sysadmin/cyberduck.py
@@ -37,10 +37,10 @@ def run(self):
                             or elem.attrib['name'].startswith('sftp') or elem.attrib['name'].startswith('http') \
                             or elem.attrib['name'].startswith('https'):
                         encrypted_password = base64.b64decode(elem.attrib['value'])
-                        password = Win32CryptUnprotectData(encrypted_password, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+                        password_bytes = Win32CryptUnprotectData(encrypted_password, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
                         pwd_found.append({
                             'URL': elem.attrib['name'],
-                            'Password': password,
+                            'Password': password_bytes.decode("utf-8"),
                         })
                 except Exception as e:
                     self.debug(str(e))

diff --git a/Windows/lazagne/softwares/sysadmin/openvpn.py b/Windows/lazagne/softwares/sysadmin/openvpn.py
@@ -22,10 +22,11 @@ def check_openvpn_installed(self):
             return False
 
     def decrypt_password(self, encrypted_password, entropy):
-        return Win32CryptUnprotectData(encrypted_password,
-                                       entropy=entropy,
-                                       is_current_user=constant.is_current_user,
-                                       user_dpapi=constant.user_dpapi)
+        result_bytes = Win32CryptUnprotectData(encrypted_password,
+                                               entropy=entropy,
+                                               is_current_user=constant.is_current_user,
+                                               user_dpapi=constant.user_dpapi)
+        return result_bytes.decode("utf-8")
 
     def get_credentials(self, key):
         pwd_found = []

diff --git a/Windows/lazagne/softwares/sysadmin/rdpmanager.py b/Windows/lazagne/softwares/sysadmin/rdpmanager.py
@@ -17,7 +17,8 @@ def __init__(self):
     def decrypt_password(self, encrypted_password):
         try:
             decoded = base64.b64decode(encrypted_password)
-            password_decrypted = Win32CryptUnprotectData(decoded, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+            password_decrypted_bytes = Win32CryptUnprotectData(decoded, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
+            password_decrypted = password_decrypted_bytes.decode("utf-8")
             password_decrypted = password_decrypted.replace('\x00', '')
         except Exception:
             password_decrypted = encrypted_password.replace('\x00', '')