Credentials recovery project
Clone or download
Latest commit 4ecef7f Dec 31, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Linux get fstab creds when authenticated share Dec 11, 2018
Mac check logins.json exists (PR 299) Oct 2, 2018
Windows Vaultfiles path fix Dec 28, 2018
.gitignore adding .DS_Store to gitignore Mar 22, 2018
CHANGELOG Update CHANGELOG Sep 2, 2018
LICENSE cf changelog version 1.3 Jul 2, 2016
README.md OpenVPN support Nov 27, 2018

README.md

The LaZagne Project !!!

Description

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.

The LaZagne project

This project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host. The last Linux release is not up to date so I recommend using pupy to use it.

Standalones

Standalones are now available here: https://github.com/AlessandroZ/LaZagne/releases/

Installation

Requirements are available here: https://github.com/AlessandroZ/LaZagne/wiki/Requirements

pip install -r requirement.txt

Usage

  • Retrieve version
laZagne.exe --version
  • Launch all modules
laZagne.exe all
  • Launch only a specific module
laZagne.exe browsers
  • Launch only a specific software script
laZagne.exe browsers -firefox
  • Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All). Note: If you have problems to parse JSON results written as a multi-line strings, check this.
laZagne.exe all -oN
laZagne.exe all -oA -output C:\Users\test\Desktop
  • Get help
laZagne.exe -h
laZagne.exe browsers -h
  • Change verbosity mode (2 different levels)
laZagne.exe all -vv
  • Quiet mode (nothing will be printed on the standard output)
laZagne.exe all -quiet -oA
  • To decrypt domain credentials, it could be done specifying the user windows password. Otherwise it will try all passwords already found as windows passwords.
laZagne.exe all -password ZapataVive

Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)

Mac OS

Note: In Mac OS System, without the user password it is very difficult to retrieve passwords stored on the computer. So, I recommend using one of these options

  • If you know the user password, add it in the command line
laZagne all --password SuperSecurePassword
  • You could use the interactive mode that will prompt a dialog box to the user until the password will be correct
laZagne all -i

Supported software

Windows Linux Mac
Browser Chrome, firefox, IE, Opera Firefox, Opera Firefox, Chrome
Chats Jitsy, Pigdin, Skype Jitsy, Pigdin
Databases DBVisualizer, Postgresql, Robomongo, Squirrel, SQLdevelopper DBVisualizer, Squirrel, SQLdevelopper
Games GalconFusion, Kalypsomedia, RogueTale, Turba
Git Git for Windows
Mails Outlook, Thunderbird Clawsmail, Thunderbird
Dumps from memory Keepass, Wdigest (mimikatz method) system password
SVN Tortoise
Sysadmin Apache Directory studio, CoreFTP, CyberDuck, fileZilla, FTPNavigator, OpenSSH, OpenVPN, PuttyCMRDPManager, WinSCP, Windows Subsystem for Linux AWS, Docker, Environnement variable, FileZilla, History files, SSH private keys
Wifi Wireless Network Network Manager * CF Keychains
Internal mechanism passwords storage .NET Passport, Generic Network Hashdump (LM/NT), LSA secret GNOME Keyring, Kwallet,hashdump Keychains, hashdump

(*) used by many tools to store passwords: Chrome, Owncloud, Evolution, KMail, etc.

For developers

Please refer to the wiki before opening an issue to understand how to compile the project or to develop a new module. https://github.com/AlessandroZ/LaZagne/wiki

Donation

If you want to support my work doing a donation, I will appreciate a lot:

Special thanks


Alessandro ZANNI
zanni.alessandro@gmail.com