Basic Mac support #100
Good job, that's a good start for Mac OS! I was too lazy to install a VM with Mac, and my Mac is super old, so I have never developed it for Mac. However, maybe your first work will help me begin to work on it. Thanks for your help. If you are motivated to continue, I suggest you work on the keychains. It should be very important to retrieve it, everyone puts everything into it. If you can't, I will take a look at it.
Yeah, setting up a Mac VM is far from easy! I'm currently looking at how keyring handles the Mac keychain, will send another PR your way if I make sense of it.
So I looked into it and n0fate's chainbreaker seems like a better solution. I'm packaging it as an importable library. When it's done I can upload it on PyPI and then we can either make it a 3rd party dependency or pack it directly into LaZagne, whichever you think is better. That is, if the license works for you (chainbreaker is GPL2, is that compatible with your license?)
If the code is small, it can be directly added into LaZagne. The project seems good, but to decrypt the keychain, the password is needed, which I think is not the best idea. I think getting the password from memory will be a better idea, even if root privileges are needed. For example, this project does the job (I don't know if a Python project like this one exists): https://github.com/juuso/keychaindump I don't know if it's possible to develop it in Python (I will check it when I have some time). If not, maybe embedding it (already compiled) would be possible.
chainbreaker supports decrypting the keychain using either the password or the key, so perhaps it's possible to rewrite only the memory search part in Python and add that to chainbreaker. This sort of memory exploration is not my forte but I'll see what I can do.
This could also be implemented with the -drive parameter. So you may be running this on a Windows system but the external / mounted -drive you are looking at is a Mac OS system and therefore, the path is different, for example, for the Firefox directory (as the script is looking for the Windows path and not the Mac OS path).
Basic Mac support

Former-commit-id: bd6de59dd75de4a14dea0eb025ae741d7edee44b [formerly 78ec0aa]
Former-commit-id: bf719abb43565046e25d59e4d7954e119a4d68d3
I verified that LaZagne's core works on Mac and added a "Mac" directory. I removed all the modules except Mozilla; the only change done there was changing the paths (`get_path` method). Firefox/Thunderbird password extraction works as expected (at least with the versions installed on my Mac).

This is my first GitHub pull request ever, so please let me know if I should do this differently!