Fix mozilla bug

pwelyn · Feb 20, 2015 · b0a9599 · b0a9599
1 parent 71ae178
commit b0a9599
Show file tree

Hide file tree

Showing 4 changed files with 113 additions and 113 deletions.
diff --git a/Windows/src/LaZagne/softwares/browsers/mozilla.py b/Windows/src/LaZagne/softwares/browsers/mozilla.py
@@ -348,33 +348,33 @@ def retrieve_password(self):
 			for profile in profile_list:
 				print_debug('INFO', 'Profile path found: %s' % profile)
 
-				self.initialize_libnss(profile)
-				masterPwd = self.is_masterpasswd_set()
-				if masterPwd:
-					print_debug('WARNING', 'A masterpassword is used !!')
-					masterPwdFound = self.found_masterpassword()
-
-				if not masterPwd or masterPwdFound:
-					# check if passwors are stored on the Json format
-					credentials = JsonDatabase(profile)
-					if not database_find:
-						# check if passwors are stored on the sqlite format
-						credentials = SqliteDatabase(profile)
-
-					if not database_find:
-						print_debug('ERROR', 'Couldn\'t find credentials file (logins.json or signons.sqlite)')
+				if self.initialize_libnss(profile):
+					masterPwd = self.is_masterpasswd_set()
+					if masterPwd:
+						print_debug('WARNING', 'A masterpassword is used !!')
+						masterPwdFound = self.found_masterpassword()
 
-					try:
-						# decrypt passwords on the db
-						pwdFound+=self.decrypt(software_name, credentials)
-					except:
-						pass
+					if not masterPwd or masterPwdFound:
+						# check if passwors are stored on the Json format
+						credentials = JsonDatabase(profile)
+						if not database_find:
+							# check if passwors are stored on the sqlite format
+							credentials = SqliteDatabase(profile)
+
+						if not database_find:
+							print_debug('ERROR', 'Couldn\'t find credentials file (logins.json or signons.sqlite)')
+
+						try:
+							# decrypt passwords on the db
+							pwdFound+=self.decrypt(software_name, credentials)
+						except:
+							pass
 
-				# if a master password is set (but not found), we save the db to bruteforce offline
-				elif masterPwd and not masterPwdFound and constant.output == 'txt':
-					self.save_db(profile)
-
-				self.libnss.NSS_Shutdown()
+					# if a master password is set (but not found), we save the db to bruteforce offline
+					elif masterPwd and not masterPwdFound and constant.output == 'txt':
+						self.save_db(profile)
+						
+					self.libnss.NSS_Shutdown()
 
 			# print the results
 			print_output(software_name, pwdFound)
diff --git a/Windows/src/LaZagne/softwares/windows/dot_net.py b/Windows/src/LaZagne/softwares/windows/dot_net.py
@@ -1,85 +1,85 @@
-import struct
-from ctypes import *
-from ctypes.wintypes import DWORD
-import win32cred
-from config.constant import *
-from config.write_output import print_output, print_debug
-from config.header import Header
-
-memcpy = cdll.msvcrt.memcpy
-LocalFree = windll.kernel32.LocalFree
-CryptUnprotectData = windll.crypt32.CryptUnprotectData
-CRYPTPROTECT_UI_FORBIDDEN = 0x01
-
-class DATA_BLOB(Structure):
-	_fields_ = [
-		('cbData', DWORD),
-		('pbData', POINTER(c_char))
-	]
-
-class Dot_net():
-	def getData(self, blobOut):
-		cbData = int(blobOut.cbData)
-		pbData = blobOut.pbData
-		buffer = c_buffer(cbData)
-		memcpy(buffer, pbData, cbData)
-		LocalFree(pbData);
-		return buffer.raw
-
-	def get_creds(self):
-		try:
-			creds = win32cred.CredEnumerate(None, 0)
-			return creds
-		except:
-			return None
-
-	def get_entropy(self):
-		entropy = '82BD0E67-9FEA-4748-8672-D5EFE5B779B0\0'
-		s = ''
-		for c in entropy:
-			s += struct.pack('<h', ord(c) << 2)
-			entropy = s
-		return s
-
-	def Win32CryptUnprotectData(self, cipherText, entropy):
-		bufferIn = c_buffer(cipherText, len(cipherText))
-		blobIn = DATA_BLOB(len(cipherText), bufferIn)
-		bufferEntropy = c_buffer(entropy, len(entropy))
-		blobEntropy = DATA_BLOB(len(entropy), bufferEntropy)
-		blobOut = DATA_BLOB()
-		if CryptUnprotectData(byref(blobIn), None, byref(blobEntropy), None, None, CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
-			return self.getData(blobOut)
-		else:
-			return 'failed'
-
-	def retrieve_password(self):
-		# print title
-		Header().title_debug('Dot Net Passport')
-
-		a = self.get_creds()
-		pwd = ''
-		pwdFound = []
-		if a:
-			for i in a:
-				values = {}
-				if i['Type'] == win32cred.CRED_TYPE_DOMAIN_VISIBLE_PASSWORD:
-					cipher_text = i['CredentialBlob']
-					pwd = self.Win32CryptUnprotectData(cipher_text, self.get_entropy())
-					if pwd != 'failed':
-						values['TargetName'] = i['TargetName'] 
-						if i['UserName'] is not None:
-							values['Username'] = i['UserName']
-						try:
-							values['Password'] = pwd.decode('utf16')
-						except: 
-							values['Password'] = 'Error decoding the password'
-
-						pwdFound.append(values)
-
-			# print the results
-			print_output('Dot Net Passport', pwdFound)
-
-		else:
-			print_debug('INFO', 'No credentials listed with the enum cred function')
-
-
+import struct
+from ctypes import *
+from ctypes.wintypes import DWORD
+import win32cred
+from config.constant import *
+from config.write_output import print_output, print_debug
+from config.header import Header
+
+memcpy = cdll.msvcrt.memcpy
+LocalFree = windll.kernel32.LocalFree
+CryptUnprotectData = windll.crypt32.CryptUnprotectData
+CRYPTPROTECT_UI_FORBIDDEN = 0x01
+
+class DATA_BLOB(Structure):
+	_fields_ = [
+		('cbData', DWORD),
+		('pbData', POINTER(c_char))
+	]
+
+class Dot_net():
+	def getData(self, blobOut):
+		cbData = int(blobOut.cbData)
+		pbData = blobOut.pbData
+		buffer = c_buffer(cbData)
+		memcpy(buffer, pbData, cbData)
+		LocalFree(pbData);
+		return buffer.raw
+
+	def get_creds(self):
+		try:
+			creds = win32cred.CredEnumerate(None, 0)
+			return creds
+		except:
+			return None
+
+	def get_entropy(self):
+		entropy = '82BD0E67-9FEA-4748-8672-D5EFE5B779B0\0'
+		s = ''
+		for c in entropy:
+			s += struct.pack('<h', ord(c) << 2)
+			entropy = s
+		return s
+
+	def Win32CryptUnprotectData(self, cipherText, entropy):
+		bufferIn = c_buffer(cipherText, len(cipherText))
+		blobIn = DATA_BLOB(len(cipherText), bufferIn)
+		bufferEntropy = c_buffer(entropy, len(entropy))
+		blobEntropy = DATA_BLOB(len(entropy), bufferEntropy)
+		blobOut = DATA_BLOB()
+		if CryptUnprotectData(byref(blobIn), None, byref(blobEntropy), None, None, CRYPTPROTECT_UI_FORBIDDEN, byref(blobOut)):
+			return self.getData(blobOut)
+		else:
+			return 'failed'
+
+	def retrieve_password(self):
+		# print title
+		Header().title_debug('Dot Net Passport')
+
+		a = self.get_creds()
+		pwd = ''
+		pwdFound = []
+		if a:
+			for i in a:
+				values = {}
+				if i['Type'] == win32cred.CRED_TYPE_DOMAIN_VISIBLE_PASSWORD:
+					cipher_text = i['CredentialBlob']
+					pwd = self.Win32CryptUnprotectData(cipher_text, self.get_entropy())
+					if pwd != 'failed':
+						values['TargetName'] = i['TargetName']
+						if i['UserName'] is not None:
+							values['Username'] = i['UserName']
+						try:
+							values['Password'] = pwd.decode('utf16')
+						except:
+							values['INFO'] = 'Error decoding the password'
+
+						pwdFound.append(values)
+
+			# print the results
+			print_output('Dot Net Passport', pwdFound)
+
+		else:
+			print_debug('INFO', 'No credentials listed with the enum cred function')
+
+
diff --git a/Windows/src/LaZagne/softwares/windows/network.py b/Windows/src/LaZagne/softwares/windows/network.py
@@ -75,7 +75,7 @@ def retrieve_password(self):
 
 					if pwd != 'failed':
 						targetName = i['TargetName'].replace('Microsoft_WinInet_', '')
-						values['TargetName'] = targetName 
+						values['TargetName'] = targetName
 
 						if os_plateform == 'XP':
 							t = targetName.split('/')
@@ -86,8 +86,8 @@ def retrieve_password(self):
 
 						try:
 							values['Password'] = pwd.decode('utf16')
-						except: 
-							values['Password'] = 'Error decoding the password'
+						except:
+							values['INFO'] = 'Error decoding the password'
 
 						pwdFound.append(values)
 

diff --git a/Windows/standalone/laZagne.exe b/Windows/standalone/laZagne.exe