changing lot of stuff
AlessandroZ committed Dec 8, 2016
1 parent d90002f commit e4af3e1
Showing 40 changed files with 1,127 additions and 2,119 deletions.
483 changes: 186 additions & 297 deletions Windows/laZagne.py


345 changes: 174 additions & 171 deletions Windows/lazagne/config/changePrivileges.py


11 changes: 9 additions & 2 deletions Windows/lazagne/config/constant.py
Expand Up @@ -27,5 +27,12 @@ class constant():
passwordFound = []

finalResults = {}
userprofile = ''
appdata = ''

profile = {
'APPDATA': '',
'USERPROFILE': '',
'HOMEDRIVE': '',
'HOMEPATH': '',
'ALLUSERSPROFILE': ''
}
username = ''
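Review bot: The new `profile` dict is a mutable class attribute whose entries default to empty strings, and nothing in this hunk records who is expected to fill it in; the consumers touched in this same commit concatenate `constant.profile['APPDATA']` and friends straight into paths, so an unresolved entry silently becomes a drive-relative path such as `\Mozilla\Firefox` instead of an error. A comment above the dict would save the next maintainer a search: `# Environment of the user currently being enumerated; presumably populated by the launcher (laZagne.py, not shown here). An empty value means the variable could not be resolved and must not be concatenated into a path.` It is also worth checking that the removed `constant.userprofile` / `constant.appdata` attributes have no readers left outside the files in this commit, since any remaining reference now raises `AttributeError` at run time.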
6 changes: 2 additions & 4 deletions Windows/lazagne/config/manageModules.py
Expand Up @@ -4,10 +4,9 @@
from lazagne.softwares.browsers.opera import Opera
from lazagne.softwares.browsers.ie import IE
# windows
from lazagne.softwares.windows.system_hash import Hashes
from lazagne.softwares.windows.network import Network
from lazagne.softwares.windows.dot_net import Dot_net
from lazagne.softwares.windows.secrets import Secrets
from lazagne.softwares.windows.passwords_hints import PasswordsHint
# sysadmin
from lazagne.softwares.sysadmin.filezilla import Filezilla
from lazagne.softwares.sysadmin.cyberduck import Cyberduck
Expand Down Expand Up @@ -74,6 +73,7 @@ def get_modules():
FtpNavigator(),
GalconFusion(),
GitForWindows(),
Hashes(),
IE(),
Jitsi(),
KalypsoMedia(),
Expand All @@ -85,13 +85,11 @@ def get_modules():
OpenSSHForWindows(),
Opera(),
Outlook(),
PasswordsHint(),
Pidgin(),
Puttycm(),
Robomongo(),
RoguesTale(),
Tortoise(),
Secrets(),
Skype(),
SQLDeveloper(),
Squirrel(),
12 changes: 10 additions & 2 deletions Windows/lazagne/config/moduleInfo.py
Expand Up @@ -12,13 +12,15 @@
# options['help'] = 'skype'

class ModuleInfo():
def __init__(self, name, category, options, suboptions = [], need_high_privileges=False, need_to_be_in_env=True):
def __init__(self, name, category, options, suboptions = [], need_high_privileges=False, need_system_privileges=False, need_to_be_in_env=True, cannot_be_impersonate_using_tokens=False):
self.name = name
self.category = category
self.options = options
self.suboptions = suboptions
self.need_high_privileges = need_high_privileges
self.need_system_privileges = need_system_privileges
self.need_to_be_in_env = need_to_be_in_env
self.cannot_be_impersonate_using_tokens = cannot_be_impersonate_using_tokens

def name(self):
return self.name
Expand All @@ -34,6 +36,12 @@ def suboptions(self):

def need_high_privileges(self):
return self.need_high_privileges

def need_system_privileges(self):
return self.need_system_privileges

def need_to_be_in_env(self):
return self.need_to_be_in_env
return self.need_to_be_in_env

def cannot_be_impersonate_using_tokens(self):
return self.cannot_be_impersonate_using_tokens
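Review bot: The two getters added at the bottom, `need_system_privileges(self)` and `cannot_be_impersonate_using_tokens(self)`, can never be called: `__init__` binds instance attributes of exactly those names (`self.need_system_privileges = need_system_privileges`, `self.cannot_be_impersonate_using_tokens = cannot_be_impersonate_using_tokens`), and an instance attribute shadows the class-level method, so `m.need_system_privileges()` raises `TypeError: 'bool' object is not callable`. The pre-existing getters (`name`, `need_high_privileges`, ...) have the same problem, which suggests callers already read the attributes directly; I would drop the two new `def`s rather than extend the pattern, and if an accessor is really wanted, make it a `@property` over a differently named attribute. Separately, the rewritten signature keeps `suboptions = []` as a mutable default shared by every module that does not pass one; `suboptions=None` with `self.suboptions = suboptions if suboptions is not None else []` avoids that. The class body continues between and after the two hunks.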
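--- /dev/null
+++ b/Windows/lazagne/config/powershell_execute.py
@@ -0,0 +1,40 @@
+import _subprocess as sub
+import subprocess
+import base64
+import re
+
+def powershell_execute(script, function):
+
+script = re.sub("Write-Verbose ","Write-Output ", script, flags=re.I)
+script = re.sub("Write-Error ","Write-Output ", script, flags=re.I)
+script = re.sub("Write-Warning ","Write-Output ", script, flags=re.I)
+
+fullargs = ["powershell.exe", "-C", "-"]
+
+info = subprocess.STARTUPINFO()
+info.dwFlags = sub.STARTF_USESHOWWINDOW | sub.CREATE_NEW_PROCESS_GROUP
+info.wShowWindow = sub.SW_HIDE
+p = subprocess.Popen(fullargs, startupinfo=info, stdin=subprocess.PIPE, stderr=subprocess.STDOUT, stdout=subprocess.PIPE, universal_newlines=True, shell=True)
+
+p.stdin.write("$base64=\"\""+"\n")
+n = 25000
+b64_script = base64.b64encode(script)
+tab = [b64_script[i:i+n] for i in range(0, len(b64_script), n)]
+for t in tab:
+p.stdin.write("$base64+=\"%s\"\n" % t)
+p.stdin.flush()
+
+p.stdin.write("$d=[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($base64))\n")
+p.stdin.write("Invoke-Expression $d\n")
+
+p.stdin.write("\n$a=Invoke-Expression \"%s\" | Out-String\n" % function)
+p.stdin.write("$b=[System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes(\"$a\"))\n")
+p.stdin.write("Write-Host $b\n")
+
+# Get the result in base64
+output = ""
+for i in p.stdout.readline():
+output += i
+output = base64.b64decode(output)
+
+return output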
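Review bot: `info.dwFlags = sub.STARTF_USESHOWWINDOW | sub.CREATE_NEW_PROCESS_GROUP` mixes a STARTUPINFO bit with a process-creation flag: `CREATE_NEW_PROCESS_GROUP` (0x200) belongs in `Popen(..., creationflags=...)`, and OR-ed into `dwFlags` it instead sets the unrelated `STARTF_USEHOTKEY` bit (also 0x200), which the STARTUPINFO documentation describes as reinterpreting `hStdInput` and, as far as I can tell, as incompatible with the `STARTF_USESTDHANDLES` that `subprocess` sets for the redirected pipes. The result handling is fragile as well: `p.stdout.readline()` returns only the first output line, the `for i in ...: output += i` loop merely copies it character by character, and anything PowerShell prints before `Write-Host $b` (an error from the first `Invoke-Expression $d`, say) makes `base64.b64decode` raise; and since `p.stdin` is never closed and `p.wait()` is never called, the hidden `powershell.exe -C -` keeps waiting on stdin after this function returns. `shell=True` with a list argv only adds a `cmd.exe` hop and is not needed. The process setup and result read below fix those points; the base64 chunking and the Invoke-Expression lines are unchanged.
```python
    info = subprocess.STARTUPINFO()
    info.dwFlags = sub.STARTF_USESHOWWINDOW      # STARTUPINFO bits only
    info.wShowWindow = sub.SW_HIDE
    p = subprocess.Popen(fullargs, startupinfo=info,
                         creationflags=sub.CREATE_NEW_PROCESS_GROUP,   # creation flag goes here
                         stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
                         universal_newlines=True)

    # ... unchanged: base64 chunking, Invoke-Expression of the script and of `function` ...

    p.stdin.write("Write-Host $b\n")
    p.stdin.close()                  # EOF makes `powershell -C -` exit
    raw = p.stdout.read()
    p.wait()

    # The base64 result is the last non-empty line; anything before it is
    # noise PowerShell emitted while loading the script.
    lines = [l for l in raw.splitlines() if l.strip()]
    return base64.b64decode(lines[-1]) if lines else ""
```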
26 changes: 10 additions & 16 deletions Windows/lazagne/softwares/browsers/chrome.py
Expand Up @@ -14,32 +14,26 @@ def __init__(self):

# main function
def run(self, software_name = None):
database_path = ''
homedrive = ''
homepath = ''
if 'HOMEDRIVE' in os.environ and 'HOMEPATH' in os.environ:
homedrive = os.environ.get('HOMEDRIVE')
homepath = os.environ.get('HOMEPATH')
homedrive = constant.profile['HOMEDRIVE']
homepath = constant.profile['HOMEPATH']

# All possible path
pathTab = [
homedrive + homepath + '\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data',
homedrive + homepath + '\AppData\Local\Google\Chrome\User Data\Default\Login Data',
homedrive + '\Users\\' + getpass.getuser() + '\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data',
homedrive + '\Users\\' + getpass.getuser() + '\AppData\Local\Google\Chrome\User Data\Default\Login Data',
'C:\Users\\' + getpass.getuser() + '\Local Settings\Application Data\Google\Chrome\User Data\Default\Login Data',
'C:\Users\\' + getpass.getuser() + '\AppData\Local\Google\Chrome\User Data\Default\Login Data'
homedrive + homepath + '\\Local Settings\\Application Data\\Google\\Chrome\\User Data\\Default\\Login Data',
homedrive + homepath + '\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data',
homedrive + '\\Users\\' + constant.username + '\\Local Settings\\Application Data\\Google\\Chrome\\User Data\\Default\\Login Data',
homedrive + '\\Users\\' + constant.username + '\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data',
'C:\\Users\\' + constant.username + '\\Local Settings\\Application Data\\Google\\Chrome\\User Data\\Default\\Login Data',
'C:\\Users\\' + constant.username + '\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data'
]

database_path = [p for p in pathTab if os.path.exists(p)]
if not database_path:
print_debug('INFO', 'Google Chrome not installed.')
return

# if many path are valid
if len(database_path) !=1:
database_path = database_path[0]

database_path = database_path[0]

# Copy database before to query it (bypass lock errors)
try:
shutil.copy(database_path, os.getcwd() + os.sep + 'tmp_db')
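Review bot: The new `homedrive = constant.profile['HOMEDRIVE']` / `homepath = constant.profile['HOMEPATH']` lines carry no guard for the empty-string defaults those keys hold, so when the profile was not resolved the first four `pathTab` candidates degrade to drive-relative paths (`\Local Settings\...`, `\Users\<name>\...`) that `os.path.exists` probes against the current drive, and only the hard-coded `C:\Users\` entries really decide; the replaced `os.environ` branch at least skipped them. A one-line filter after the list keeps only candidates with a resolved drive: `pathTab = [p for p in pathTab if os.path.splitdrive(p)[0]]`, ideally preceded by `if not homedrive or not homepath: print_debug('DEBUG', 'HOMEDRIVE/HOMEPATH not resolved for %s' % constant.username)` so the later "Google Chrome not installed." message is not misleading. Unchanged but worth noting while here: the copy goes to a fixed `tmp_db` in the current working directory, which is a predictable on-disk copy of the credential database; a `tempfile`-based name (and making sure it is removed) would be safer. `run` continues past the end of the hunk.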
2 changes: 1 addition & 1 deletion Windows/lazagne/softwares/browsers/ie.py
Expand Up @@ -24,7 +24,7 @@ class IE(ModuleInfo):
def __init__(self):
options = {'command': '-e', 'action': 'store_true', 'dest': 'Internet Explorer', 'help': 'internet explorer (stored in registry and using the credential manager)'}
suboptions = [{'command': '-l', 'action': 'store', 'dest': 'historic', 'help': 'text file with a list of websites', 'title': 'Advanced ie option'}]
ModuleInfo.__init__(self, 'ie', 'browsers', options, suboptions)
ModuleInfo.__init__(self, 'ie', 'browsers', options, suboptions, cannot_be_impersonate_using_tokens=True)

def getData(self, blobOut):
cbData = int(blobOut.cbData)
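Review bot: The new `cannot_be_impersonate_using_tokens=True` is passed without any explanation of why IE is the one module opting out, and nothing in this hunk shows what the flag changes. A short comment on the `ModuleInfo.__init__` call would keep the reason with the code, e.g. `# Not run under a borrowed token: the registry/Credential Manager lookups presumably need the real logon session of the target user — confirm against the caller that honours this flag.` The class continues outside the hunk.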
23 changes: 5 additions & 18 deletions Windows/lazagne/softwares/browsers/mozilla.py
Expand Up @@ -110,20 +110,10 @@ def __init__(self, isThunderbird = False):

def get_path(self, software_name):
path = ''
if constant.appdata:
if software_name == 'Firefox':
path = '%s\Mozilla\Firefox' % constant.appdata
elif software_name == 'Thunderbird':
path = '%s\Thunderbird' % constant.appdata

elif 'APPDATA' in os.environ:
if software_name == 'Firefox':
path = '%s\Mozilla\Firefox' % str(os.environ['APPDATA'])
elif software_name == 'Thunderbird':
path = '%s\Thunderbird' % str(os.environ['APPDATA'])
else:
print_debug('DEBUG', 'The APPDATA environment variable is not definded.\nUse the -s option and specify the folder path of the victim\nPath: <HOMEPATH>\Application Data\Mozilla\Firefox\Profiles\<PROFILE_NAME>')

if software_name == 'Firefox':
path = '%s\Mozilla\Firefox' % str(constant.profile['APPDATA'])
elif software_name == 'Thunderbird':
path = '%s\Thunderbird' % str(constant.profile['APPDATA'])
return path

def manage_advanced_options(self):
Expand Down Expand Up @@ -442,12 +432,9 @@ def run(self, software_name = None):

# get the installation path
path = self.get_path(software_name)
if not path:
print_debug('WARNING', 'Installation path not found')
return

#Check if mozilla folder has been found
elif not os.path.exists(path):
if not os.path.exists(path):
print_debug('INFO', software_name + ' not installed.')
return
else:
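Review bot: `get_path` drops the explicit "APPDATA is not defined" message, and the second hunk removes the `if not path:` guard in `run` along with it, so with an empty `constant.profile['APPDATA']` the function returns `\Mozilla\Firefox`, `os.path.exists` probes that on the current drive, and the user is told "Firefox not installed." for what is really an unresolved profile. I would add `if not constant.profile['APPDATA']: return ''` at the top of `get_path` and restore the guard in `run`: `if not path: print_debug('WARNING', 'APPDATA not resolved, installation path not found'); return`. The literals `'%s\Mozilla\Firefox'` / `'%s\Thunderbird'` only work because `\M`, `\F` and `\T` are not escape sequences; `os.path.join(constant.profile['APPDATA'], 'Mozilla', 'Firefox')` avoids relying on that and matches the `\\` escaping this commit introduces in chrome.py. `run` begins before the second hunk and continues after it.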
38 changes: 15 additions & 23 deletions Windows/lazagne/softwares/browsers/opera.py
Expand Up @@ -17,10 +17,7 @@ def run(self, software_name = None):
# retrieve opera folder
path = self.get_path()

if path == 'env_variable_error':
print_debug('ERROR', 'The APPDATA environment variable is not defined.')
return
elif not path:
if not path:
print_debug('INFO', 'Opera is not installed.')
return

Expand Down Expand Up @@ -49,26 +46,21 @@ def run(self, software_name = None):

def get_path(self):
global CIPHERED_FILE
if 'APPDATA' in os.environ:
# version less than 10
if os.path.exists(os.environ['APPDATA'] + '\Opera\Opera\profile'):
CIPHERED_FILE = 'wand.dat'
return os.environ['APPDATA'] + '\Opera\Opera\profile'

# version more than 10
if os.path.exists(os.environ['APPDATA'] + '\Opera\Opera'):
CIPHERED_FILE = 'wand.dat'
return os.environ['APPDATA'] + '\Opera\Opera'

# new versions
elif os.path.exists(os.environ['APPDATA'] + '\Opera Software\Opera Stable'):
CIPHERED_FILE = 'Login Data'
return os.environ['APPDATA'] + '\Opera Software\Opera Stable'
# version less than 10
if os.path.exists(constant.profile['APPDATA'] + '\Opera\Opera\profile'):
CIPHERED_FILE = 'wand.dat'
return constant.profile['APPDATA'] + '\Opera\Opera\profile'

# version more than 10
if os.path.exists(constant.profile['APPDATA'] + '\Opera\Opera'):
CIPHERED_FILE = 'wand.dat'
return constant.profile['APPDATA'] + '\Opera\Opera'

# new versions
elif os.path.exists(constant.profile['APPDATA'] + '\Opera Software\Opera Stable'):
CIPHERED_FILE = 'Login Data'
return constant.profile['APPDATA'] + '\Opera Software\Opera Stable'

else:
return None
else:
return 'env_variable_error'

def decipher_old_version(self, path):
salt = '837DFC0F8EB3E86973AFFF'
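Review bot: `get_path` now reads `constant.profile['APPDATA']` three times and, when that entry is empty, probes `\Opera\Opera\profile`, `\Opera\Opera` and `\Opera Software\Opera Stable` relative to the current drive; the `'env_variable_error'` return that `run` used to report has been removed, so the case is now logged as "Opera is not installed.". Bind it once and bail out early: `appdata = constant.profile['APPDATA']` followed by `if not appdata: print_debug('DEBUG', 'APPDATA not resolved'); return None`, then probe `os.path.join(appdata, 'Opera', 'Opera', 'profile')` and so on, which also removes the bare-backslash literals that only work because `\O` and `\p` are not escapes. The side effect on the module global `CIPHERED_FILE` is pre-existing but still surprising for a function named `get_path`; a comment above `global CIPHERED_FILE` stating that it selects the file the decipher step opens would help. `run` continues outside the first hunk.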
22 changes: 5 additions & 17 deletions Windows/lazagne/softwares/chats/jitsi.py
Expand Up @@ -29,20 +29,11 @@ def get_salt(self):
return binascii.unhexlify(hexsalt)

def get_path(self):
if constant.appdata:
directory = '%s\Jitsi\sip-communicator.properties' % constant.appdata
if os.path.exists(directory):
return directory
return 'JITSI_NOT_EXISTS'

elif 'APPDATA' in os.environ:
directory = os.environ.get('APPDATA') + os.sep + 'Jitsi' + os.sep + 'sip-communicator.properties'
if os.path.exists(directory):
return directory
else:
return 'JITSI_NOT_EXISTS'
directory = constant.profile['APPDATA'] + os.sep + 'Jitsi' + os.sep + 'sip-communicator.properties'
if os.path.exists(directory):
return directory
else:
return 'Error'
return 'JITSI_NOT_EXISTS'

def get_info(self, file_properties):
values = {}
Expand Down Expand Up @@ -106,10 +97,7 @@ def decrypt_password(self, encrypted_pass):
# main function
def run(self, software_name = None):
file_properties = self.get_path()
if file_properties == 'Error':
print_debug('ERROR', 'The APPDATA environment variable is not defined')

elif file_properties == 'JITSI_NOT_EXISTS':
if file_properties == 'JITSI_NOT_EXISTS':
print_debug('INFO', 'Jitsi not installed.')

else:
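Review bot: `get_path` signals "not found" with the string `'JITSI_NOT_EXISTS'`, which `run` has to compare against, while every other return value is a filesystem path; `return None` in place of `return 'JITSI_NOT_EXISTS'` and `if not file_properties:` in place of `if file_properties == 'JITSI_NOT_EXISTS':` is the conventional shape and cannot collide with a real path. As in the other modules in this commit, an empty `constant.profile['APPDATA']` yields `\Jitsi\sip-communicator.properties`, probed on the current drive and reported as "Jitsi not installed."; a `print_debug('DEBUG', 'APPDATA not resolved')` before returning from `get_path` in that case would keep the two situations apart. `run` continues outside the hunk.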
14 changes: 3 additions & 11 deletions Windows/lazagne/softwares/chats/pidgin.py
Expand Up @@ -9,17 +9,9 @@ def __init__(self):
options = {'command': '-p', 'action': 'store_true', 'dest': 'pidgin', 'help': 'pidgin'}
ModuleInfo.__init__(self, 'pidgin', 'chats', options, need_to_be_in_env=False)

def run(self, software_name = None):
if constant.appdata:
directory = '%s\.purple' % constant.appdata
path = os.path.join(directory, 'accounts.xml')

elif 'APPDATA' in os.environ:
directory = os.environ['APPDATA'] + '\.purple'
path = os.path.join(directory, 'accounts.xml')
else:
print_debug('ERROR', 'The APPDATA environment variable is not defined.')
return
def run(self, software_name = None):
directory = constant.profile['APPDATA'] + '\.purple'
path = os.path.join(directory, 'accounts.xml')

if os.path.exists(path):
tree = ET.ElementTree(file=path)
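Review bot: The new `directory = constant.profile['APPDATA'] + '\.purple'` relies on `'\.'` not being a recognised escape so the backslash survives; that holds on the Python 2 this code targets (the commit adds `import _subprocess`), but it is a warning on Python 3 and sits oddly next to the `os.path.join` on the very next line. `path = os.path.join(constant.profile['APPDATA'], '.purple', 'accounts.xml')` replaces both lines and removes the escape question. As elsewhere in this commit, an empty `APPDATA` entry now produces a drive-relative `\.purple\accounts.xml` that is probed on the current drive and silently treated as "not installed", where the removed `os.environ` branch logged the missing variable explicitly. `run` continues outside the hunk.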

0 comments on commit e4af3e1
