c.f changelog v0.3

lvillatoro · May 4, 2015 · abbfb28 · abbfb28
1 parent d13d047
commit abbfb28
Show file tree

Hide file tree

Showing 50 changed files with 680 additions and 652 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,4 +1,14 @@
-LaZagne 0.2 (27/04/2014)
+LaZagne 0.3 (30/04/2015)
+- For Windows
+	* Flexibility on the code: much more easy to add modules
+	* Passwords found previously are used to test firefox masterpassword if set
+
+- For Linux
+	* Flexibility on the code: much more easy to add modules
+	* Passwords found previously are used to test firefox masterpassword if set
+	* 2 different standalones (32 bits / 64 bits)
+
+LaZagne 0.2 (27/04/2015)
 - For Windows
 	* New modules: Windows hashes + LSA Secrets
 	* Passwords found previously are used to test windows hashes and firefox masterpassword

diff --git a/Linux/src/LaZagne.py b/Linux/src/LaZagne.py
diff --git a/Linux/src/config/constant.py b/Linux/src/config/constant.py
@@ -2,7 +2,7 @@
 class constant():
 	folder_name = 'results'
 	MAX_HELP_POSITION = 27
-	CURRENT_VERSION = 0.1
+	CURRENT_VERSION = 0.3
 	output = None
 	file_logger = None
 	verbose = False
@@ -20,3 +20,4 @@ class constant():
 
 	# total password found
 	nbPasswordFound = 0
+	passwordFound = []
diff --git a/Linux/src/config/manageModules.py b/Linux/src/config/manageModules.py
@@ -0,0 +1,46 @@
+# keyring
+from softwares.wallet.gnome import Gnome
+from softwares.wallet.kde import KDE
+# browsers
+from softwares.browsers.mozilla import Mozilla
+from softwares.browsers.opera import Opera
+# sysadmin
+from softwares.sysadmin.filezilla import Filezilla
+from softwares.sysadmin.env_variable import Env_variable
+# chats
+from softwares.chats.pidgin import Pidgin
+from softwares.chats.jitsi import Jitsi
+# wifi
+from softwares.wifi.wifi import Wifi
+# databases
+from softwares.databases.squirrel import Squirrel
+from softwares.databases.dbvis import DbVisualizer
+from softwares.databases.sqldeveloper import SQLDeveloper
+
+def get_categories():
+	category = {
+		'chats': {'help': 'Chat clients supported'},
+		'sysadmin': {'help': 'SCP/SSH/FTP/FTPS clients supported'},
+		'database': {'help': 'SQL clients supported'},
+		'mails': {'help': 'Email clients supported'},
+		'wifi': {'help': 'Wifi'},
+		'browsers': {'help': 'Web browsers supported'},
+		'wallet': {'help': 'Windows credentials (credential manager, etc.)'}
+	}
+	return category
+
+def get_modules():
+	moduleNames = [
+		DbVisualizer(),
+		Env_variable(),
+		Filezilla(),
+		Gnome(),
+		Jitsi(),
+		Mozilla(),
+		Opera(),
+		Pidgin(),
+		SQLDeveloper(),
+		Squirrel(),
+		Wifi()
+	]
+	return moduleNames
diff --git a/Linux/src/config/moduleInfo.py b/Linux/src/config/moduleInfo.py
@@ -0,0 +1,34 @@
+# name => Name of a class
+# category => windows / browsers / etc
+# options => dictionary
+#	 - command
+#	 - action
+#	 - dest
+#	 - help
+#	ex: ('-s', action='store_true', dest='skype', help='skype')
+#		options['command'] = '-s'
+#		options['action'] = 'store_true'
+#		options['dest'] = 'skype'
+#		options['help'] = 'skype'
+
+class ModuleInfo():
+	def __init__(self, name, category, options, suboptions = []):
+		self.name = name
+		self.category = category
+		self.options = options
+		self.suboptions = suboptions
+
+	def name(self):
+		return self.name
+
+	def category(self):
+		return self.category
+
+	def options(self):
+		return self.options
+
+	def suboptions(self):
+		return self.suboptions
+
+
+
diff --git a/Linux/src/config/write_output.py b/Linux/src/config/write_output.py
@@ -27,7 +27,7 @@ def write_header():
 	open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(header)
 
 def write_footer():
-	footer = '\n[+] %s passwords have been found.\nFor more information launch it again  with the -v option\n\n' % str(constant.nbPasswordFound)
+	footer = '\n[+] %s passwords have been found.\n\n' % str(constant.nbPasswordFound)
 	open(constant.folder_name + os.sep + 'credentials.txt',"a+b").write(footer)
 
 def write_credentials(pwdFound, category):
@@ -52,7 +52,9 @@ def checks_write(values, category):
 # --------------------------- Output functions ---------------------------
 
 def print_footer():
-	footer = '\n[+] %s passwords have been found.\nFor more information launch it again with the -v option\n' % str(constant.nbPasswordFound)
+	footer = '\n[+] %s passwords have been found.\n' % str(constant.nbPasswordFound)
+	if logging.getLogger().isEnabledFor(logging.DEBUG) == False:
+		footer += 'For more information launch it again with the -v option\n'
 	logging.info(footer)
 
 # print output if passwords have been found
@@ -74,7 +76,15 @@ def print_output(software_name, pwdFound):
 			else:
 				print_debug("OK", "Password found !!!")
 				toWrite.append(pwd)
+				# Store all passwords found on a table => for dictionnary attack if masterpassword set
 				constant.nbPasswordFound += 1
+				try:
+					if password:
+						constant.passwordFound.append(pwd['Password'].strip())
+					elif key:
+						constant.passwordFound.append(pwd['key'])
+				except:
+					pass
 
 			for p in pwd.keys():
 				logging.info("%s: %s" % (p, pwd[p]))

diff --git a/Linux/src/softwares/browsers/mozilla.py b/Linux/src/softwares/browsers/mozilla.py
@@ -14,6 +14,7 @@
 from config.header import Header
 from config.constant import *
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 
 # Password structures
 class SECItem(Structure):
@@ -67,13 +68,13 @@ def done(self):
 		self.conn.close()
 
 
-class Mozilla():
+class Mozilla(ModuleInfo):
 	# b = brute force attack
 	# m = manually
 	# d = default list
 	# a = dictionnary attack
 
-	def __init__(self):
+	def __init__(self, isThunderbird = False):
 
 		self.credentials_categorie = None
 		self.libnss = None
@@ -88,6 +89,22 @@ def __init__(self):
 		self.dictionnary_path = None
 		self.number_toStop = None
 
+		# Manage options
+		suboptions = [
+			{'command': '-m', 'action': 'store', 'dest': 'manually', 'help': 'enter the master password manually', 'title': 'Advanced Mozilla master password options'},
+			{'command': '-p', 'action': 'store', 'dest': 'path', 'help': 'path of a dictionnary file', 'title': 'Advanced Mozilla master password options'},
+			{'command': '-b', 'type':int, 'action': 'store', 'dest': 'bruteforce', 'help': 'number of caracter to brute force', 'title': 'Advanced Mozilla master password options'},
+			{'command': '-d', 'action': 'store_true', 'dest': 'defaultpass', 'help': 'try 500 most common passwords', 'title': 'Advanced Mozilla master password options'},
+			{'command': '-s', 'action': 'store', 'dest': 'specific_path', 'help': 'enter the specific path to a profile you want to crack', 'title': 'Advanced Mozilla master password options'}
+		]
+
+		if not isThunderbird:
+			options = {'command': '-f', 'action': 'store_true', 'dest': 'firefox', 'help': 'firefox'}
+			ModuleInfo.__init__(self, 'firefox', 'browsers', options, suboptions)
+		else:
+			options = {'command': '-t', 'action': 'store_true', 'dest': 'thunderbird', 'help': 'thunderbird'}
+			ModuleInfo.__init__(self, 'thunderbird', 'browsers', options, suboptions)
+
 	def __del__(self):
 		self.libnss = None
 
@@ -270,10 +287,11 @@ def found_masterpassword(self):
 
 		# 500 most used passwords
 		if 'd' in self.toCheck:
-			num_lines = (len(get_dico())-1)
+			wordlist = get_dico() + constant.passwordFound
+			num_lines = (len(wordlist)-1)
 			print_debug('ATTACK', '%d most used passwords !!! ' % num_lines)
 
-			for word in get_dico():
+			for word in wordlist:
 				if self.is_masterpassword_correct(word):
 					print_debug('FIND', 'Master password found: %s\n' % word.strip())
 					return True
@@ -306,7 +324,7 @@ def found_masterpassword(self):
 	# ------------------------------ End of Master Password Functions ------------------------------
 
 	# main function
-	def retrieve_password(self):
+	def run(self):
 		self.manage_advanced_options()
 
 		software_name = constant.mozilla_software

diff --git a/Linux/src/softwares/browsers/opera.py b/Linux/src/softwares/browsers/opera.py
@@ -5,11 +5,16 @@
 from config.header import Header
 from config.constant import *
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 
 CIPHERED_FILE = ''
 
-class Opera():
-	def retrieve_password(self):
+class Opera(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-o', 'action': 'store_true', 'dest': 'opera', 'help': 'opera'}
+		ModuleInfo.__init__(self, 'opera', 'browsers', options)
+
+	def run(self):
 		# print the title
 		Header().title_debug('Opera')
 

diff --git a/Linux/src/softwares/chats/jitsi.py b/Linux/src/softwares/chats/jitsi.py
@@ -5,12 +5,17 @@
 from config.header import Header
 from config.constant import *
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 
 # From https://github.com/mitsuhiko/python-pbkdf2
 from pbkdf2 import pbkdf2_bin
 
-class Jitsi():
+class Jitsi(ModuleInfo):
 	def __init__(self):
+		options = {'command': '-j', 'action': 'store_true', 'dest': 'jitsi', 'help': 'jitsi'}
+		suboptions = [{'command': '-ma', 'action': 'store', 'dest': 'master_pwd', 'help': 'enter the master password manually', 'title': 'Advanced jitsi option'}]
+		ModuleInfo.__init__(self, 'jitsi', 'chats', options, suboptions)
+
 		self.keylen = 32
 		self.iterations = 1024
 		self.padding = '\f'
@@ -96,7 +101,7 @@ def decrypt_password(self, encrypted_pass):
 		return plaintext
 
 	# main function
-	def retrieve_password(self):
+	def run(self):
 		# print the title
 		Header().title_debug('Jitsi')
 

diff --git a/Linux/src/softwares/chats/pidgin.py b/Linux/src/softwares/chats/pidgin.py
@@ -4,8 +4,12 @@
 from config.constant import *
 from config.write_output import print_debug, print_output
 import dbus
+from config.moduleInfo import ModuleInfo
 
-class Pidgin():
+class Pidgin(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-p', 'action': 'store_true', 'dest': 'pidgin', 'help': 'pidgin'}
+		ModuleInfo.__init__(self, 'pidgin', 'chats', options)
 
 	# if pidgin is started, use the api to retrieve all passwords
 	def check_if_pidgin_started(self):
@@ -30,7 +34,7 @@ def check_if_pidgin_started(self):
 			return False
 
 
-	def retrieve_password(self):
+	def run(self):
 		# print the title
 		Header().title_debug('Pidgin')
 

diff --git a/Linux/src/softwares/databases/dbvis.py b/Linux/src/softwares/databases/dbvis.py
@@ -5,8 +5,12 @@
 import xml.etree.cElementTree as ET
 from config.header import Header
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 
-class DbVisualizer():
+class DbVisualizer(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-d', 'action': 'store_true', 'dest': 'dbvis', 'help': 'dbvisualizer'}
+		ModuleInfo.__init__(self, 'dbvis', 'database', options)
 
 	# ---- functions used to decrypt the password ----
 	def get_salt(self):
@@ -97,7 +101,7 @@ def get_mainPath(self):
 		else:
 			return 'DBVIS_NOT_EXISTS'
 
-	def retrieve_password(self):
+	def run(self):
 		# print the title
 		Header().title_debug('DbVisualizer')
 

diff --git a/Linux/src/softwares/databases/sqldeveloper.py b/Linux/src/softwares/databases/sqldeveloper.py
@@ -6,8 +6,13 @@
 from config.header import Header
 from config.constant import *
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
+
+class SQLDeveloper(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-s', 'action': 'store_true', 'dest': 'sqldeveloper', 'help': 'sqldeveloper'}
+		ModuleInfo.__init__(self, 'sqldeveloper', 'database', options)
 
-class SQLDeveloper():
 	def get_salt(self):
 		salt_array = [5, 19, -103, 66, -109, 114, -24, -83]
 		salt = array.array('b', salt_array)
@@ -127,7 +132,7 @@ def get_infos(self, path, passphrase, salt):
 		else:
 			print_debug('WARNING', 'The xml file containing the passwords has not been found.')
 
-	def retrieve_password(self):
+	def run(self):
 
 		# print the title
 		Header().title_debug('SQL Developer')

diff --git a/Linux/src/softwares/databases/squirrel.py b/Linux/src/softwares/databases/squirrel.py
@@ -2,9 +2,14 @@
 from config.header import Header
 from config.constant import *
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 import os
 
-class Squirrel():
+class Squirrel(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-q', 'action': 'store_true', 'dest': 'squirrel', 'help': 'squirrel'}
+		ModuleInfo.__init__(self, 'squirrel', 'database', options)
+
 	def get_path(self):
 
 		path = '~/.squirrel-sql'
@@ -40,7 +45,7 @@ def parse_xml(self, xml_file):
 		print_output('Squirrel', pwdFound)
 
 	# Main function
-	def retrieve_password(self):
+	def run(self):
 		# print the title
 		Header().title_debug('Squirrel')
 

diff --git a/Linux/src/softwares/sysadmin/env_variable.py b/Linux/src/softwares/sysadmin/env_variable.py
@@ -2,10 +2,14 @@
 import os
 from config.header import Header
 from config.write_output import  print_debug, print_output
+from config.moduleInfo import ModuleInfo
 
-class Env_variable():
+class Env_variable(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-e', 'action': 'store_true', 'dest': 'env', 'help': 'environment variables'}
+		ModuleInfo.__init__(self, 'Environnement variables', 'sysadmin', options)
 
-	def retrieve_password(self):
+	def run(self):
 		values = {}
 		pwdFound = []
 

diff --git a/Linux/src/softwares/sysadmin/filezilla.py b/Linux/src/softwares/sysadmin/filezilla.py
@@ -1,11 +1,15 @@
 import xml.etree.cElementTree as ET
 from config.header import Header
 from config.write_output import print_debug, print_output
+from config.moduleInfo import ModuleInfo
 import os
 
-class Filezilla():
-
-	def retrieve_password(self):
+class Filezilla(ModuleInfo):
+	def __init__(self):
+		options = {'command': '-f', 'action': 'store_true', 'dest': 'filezilla', 'help': 'filezilla'}
+		ModuleInfo.__init__(self, 'filezilla', 'sysadmin', options)
+
+	def run(self):
 		# print the title
 		Header().title_debug('Filezilla')