From 5b77505dfd174b1483f9ecc0314b7aba2988daec Mon Sep 17 00:00:00 2001 
From: AlessandroZ Date: Wed, 18 Oct 2017 15:08:31 +0200 Subject: [PATCH] fix #154 and #156 Former-commit-id: 2c95f39f2b10bd4592204c9ab9db2b1c21f4a3e7 [formerly 2c95f39f2b10bd4592204c9ab9db2b1c21f4a3e7 [formerly 2c95f39f2b10bd4592204c9ab9db2b1c21f4a3e7 [formerly 39a98590824e9e0ee50b67ab1e9f7c63fe75f8df]]] Former-commit-id: da18c8acb5e16ee018abbe8b60169a5db8c0e054 Former-commit-id: 7e35d9d7cf4c71c240061b89df4dd8d2b0d7280a Former-commit-id: 7ae43cd4b0e5904858312161dabc309482c97547 --- Windows/laZagne.py | 81 +++++++++++-------- Windows/lazagne/config/constant.py | 59 +++++++------- Windows/lazagne/softwares/browsers/chrome.py | 20 ++--- Windows/lazagne/softwares/browsers/coccoc.py | 20 ++--- Windows/lazagne/softwares/browsers/mozilla.py | 55 +++---------- Windows/lazagne/softwares/browsers/opera.py | 39 +++++---- Windows/lazagne/softwares/chats/jitsi.py | 16 ++-- Windows/lazagne/softwares/chats/pidgin.py | 2 +- Windows/lazagne/softwares/chats/skype.py | 14 ++-- Windows/lazagne/softwares/databases/dbvis.py | 24 +++--- .../lazagne/softwares/databases/robomongo.py | 6 +- .../softwares/databases/sqldeveloper.py | 32 ++++---- .../lazagne/softwares/databases/squirrel.py | 4 +- .../lazagne/softwares/games/galconfusion.py | 6 +- .../lazagne/softwares/games/kalypsomedia.py | 6 +- Windows/lazagne/softwares/games/roguestale.py | 4 +- Windows/lazagne/softwares/games/turba.py | 6 +- .../lazagne/softwares/git/gitforwindows.py | 6 +- .../softwares/maven/mavenrepositories.py | 4 +- Windows/lazagne/softwares/memory/keethief.py | 4 +- .../lazagne/softwares/memory/memorydump.py | 60 +++++++------- Windows/lazagne/softwares/php/composer.py | 4 +- Windows/lazagne/softwares/svn/tortoise.py | 2 +- .../sysadmin/apachedirectorystudio.py | 2 +- .../lazagne/softwares/sysadmin/cyberduck.py | 10 +-- .../lazagne/softwares/sysadmin/filezilla.py | 10 +-- .../softwares/sysadmin/ftpnavigator.py | 2 +- .../softwares/sysadmin/opensshforwindows.py | 13 ++- Windows/lazagne/softwares/sysadmin/puttycm.py | 
2 +- .../lazagne/softwares/sysadmin/rdpmanager.py | 4 +- .../lazagne/softwares/sysadmin/unattended.py | 16 ++-- Windows/lazagne/softwares/sysadmin/winscp.py | 4 +- Windows/lazagne/softwares/wifi/wifi.py | 2 +- 33 files changed, 257 insertions(+), 282 deletions(-) diff --git a/Windows/laZagne.py b/Windows/laZagne.py index 98ec054e..c70083ac 100755 --- a/Windows/laZagne.py +++ b/Windows/laZagne.py @@ -156,7 +156,7 @@ def manage_advanced_options(): if 'historic' in args: constant.ie_historic = args['historic'] - if 'drive' in args: + if args['drive']: drive = args['drive'].upper() # drive letter between A and Z if drive != constant.drive: 
@@ -201,37 +201,41 @@ def write_in_file(result): # Get user list to retrieve their passwords def get_user_list_on_filesystem(impersonated_user=[]): + # Check users existing on the system (get only directories) - all_users = os.walk('%s:\\Users' % constant.drive).next()[1] - - # Remove default users - for user in ['All Users', 'Default User', 'Default', 'Public']: - if user in all_users: - all_users.remove(user) + user_path = u'%s:\\Users' % constant.drive + all_users = [] + if os.path.exists(user_path): + all_users = os.listdir(user_path) + + # Remove default users + for user in ['All Users', 'Default User', 'Default', 'Public', 'desktop.ini']: + if user in all_users: + all_users.remove(user) - # Removing user that have already been impersonated - for imper_user in impersonated_user: - if imper_user in all_users: - all_users.remove(imper_user) + # Removing user that have already been impersonated + for imper_user in impersonated_user: + if imper_user in all_users: + all_users.remove(imper_user) return all_users def set_env_variables(user=getpass.getuser(), toImpersonate=False): constant.username = user if not toImpersonate: - constant.profile['APPDATA'] = os.environ.get('APPDATA', '%s:\\Users\\%s\\AppData\\Roaming\\' % (constant.drive, user)) - constant.profile['USERPROFILE'] = os.environ.get('USERPROFILE', '%s:\\Users\\%s\\' % (constant.drive, user)) - constant.profile['HOMEDRIVE'] = os.environ.get('HOMEDRIVE', '%s:' % constant.drive) - constant.profile['HOMEPATH'] = os.environ.get('HOMEPATH', '%s:\\Users\\%s' % (constant.drive, user)) - constant.profile['ALLUSERSPROFILE'] = os.environ.get('ALLUSERSPROFILE', '%s:\\ProgramData' % constant.drive) - constant.profile['COMPOSER_HOME'] = os.environ.get('COMPOSER_HOME', '%s:\\Users\\%s\\AppData\\Roaming\\Composer\\' % (constant.drive, user)) - constant.profile['LOCALAPPDATA'] = os.environ.get('LOCALAPPDATA', '%s:\\Users\\%s\\AppData\\Local' % (constant.drive, user)) + constant.profile['APPDATA'] = 
unicode(os.environ.get('APPDATA', u'%s:\\Users\\%s\\AppData\\Roaming\\' % (constant.drive, user))) + constant.profile['USERPROFILE'] = unicode(os.environ.get('USERPROFILE', u'%s:\\Users\\%s\\' % (constant.drive, user))) + constant.profile['HOMEDRIVE'] = unicode(os.environ.get('HOMEDRIVE', u'%s:' % constant.drive)) + constant.profile['HOMEPATH'] = unicode(os.environ.get('HOMEPATH', u'%s:\\Users\\%s' % (constant.drive, user))) + constant.profile['ALLUSERSPROFILE'] = unicode(os.environ.get('ALLUSERSPROFILE', u'%s:\\ProgramData' % constant.drive)) + constant.profile['COMPOSER_HOME'] = unicode(os.environ.get('COMPOSER_HOME', u'%s:\\Users\\%s\\AppData\\Roaming\\Composer\\' % (constant.drive, user))) + constant.profile['LOCALAPPDATA'] = unicode(os.environ.get('LOCALAPPDATA', u'%s:\\Users\\%s\\AppData\\Local' % (constant.drive, user))) else: - constant.profile['APPDATA'] = '%s:\\Users\\%s\\AppData\\Roaming\\' % (constant.drive, user) - constant.profile['USERPROFILE'] = '%s:\\Users\\%s\\' % (constant.drive, user) - constant.profile['HOMEPATH'] = '%s:\\Users\\%s' % (constant.drive, user) - constant.profile['COMPOSER_HOME'] = '%s:\\Users\\%s\\AppData\\Roaming\\Composer\\' % (constant.drive, user) - constant.profile['LOCALAPPDATA'] = '%s:\\Users\\%s\\AppData\\Local' % (constant.drive, user) + constant.profile['APPDATA'] = u'%s:\\Users\\%s\\AppData\\Roaming\\' % (constant.drive, user) + constant.profile['USERPROFILE'] = u'%s:\\Users\\%s\\' % (constant.drive, user) + constant.profile['HOMEPATH'] = u'%s:\\Users\\%s' % (constant.drive, user) + constant.profile['COMPOSER_HOME'] = u'%s:\\Users\\%s\\AppData\\Roaming\\Composer\\' % (constant.drive, user) + constant.profile['LOCALAPPDATA'] = u'%s:\\Users\\%s\\AppData\\Local' % (constant.drive, user) # print user when verbose mode is enabled (without verbose mode the user is printed on the write_output python file) def print_user(user): 
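Review bot: `unicode(os.environ.get('APPDATA', ...))` in set_env_variables decodes with Python 2's default ASCII codec, so an environment value containing a non-ASCII character raises UnicodeDecodeError instead of becoming a unicode path; the same implicit decode happens to `user` from `getpass.getuser()` when it is interpolated into the `u'%s:\\Users\\%s'` templates. Decode byte strings explicitly in one small helper used for all seven keys, e.g. `value.decode(sys.getfilesystemencoding())` when `isinstance(value, str)` (assuming `sys` is imported in this file). The same pattern appears later in this patch as `unicode(os.getcwd())` in chrome.py and coccoc.py, where Python 2 offers `os.getcwdu()`, and as `unicode(results[0])` in galconfusion.py. Separately, `os.listdir(user_path)` in get_user_list_on_filesystem returns files as well as directories, so the "get only directories" comment no longer holds and adding 'desktop.ini' to the exclusion list covers only one file name; filtering with `os.path.isdir(os.path.join(user_path, name))` would restore the old behaviour.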
@@ -247,7 +251,7 @@ def clean_temporary_files(): except: pass -def runLaZagne(category_choosed='all'): +def runLaZagne(category_choosed='all', check_specific_drive=False): # ------ Part used for user impersonation ------ @@ -256,7 +260,12 @@ def runLaZagne(category_choosed='all'): constant.finalResults = {'User': current_user} print_user(current_user) yield 'User', current_user - set_env_variables() + + if check_specific_drive: + set_env_variables(toImpersonate=True) + else: + set_env_variables() + for r in runModule(category_choosed): yield r stdoutRes.append(constant.finalResults) @@ -272,7 +281,7 @@ def runLaZagne(category_choosed='all'): # Not save the current user's SIDs if current_user != sid[3].split('\\', 1)[1]: impersonateUsers.setdefault(sid[3].split('\\', 1)[1], []).append(sid[2]) - + for user in impersonateUsers: if 'service ' in user.lower() or ' service' in user.lower(): continue 
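Review bot: `constant.profile['ALLUSERSPROFILE']` is never assigned when `check_specific_drive` is true, because the first call becomes `set_env_variables(toImpersonate=True)` and that branch (shown earlier in this file's diff) sets only APPDATA, USERPROFILE, HOMEPATH, COMPOSER_HOME and LOCALAPPDATA. The key therefore keeps its class default `u''` from constant.py, and any module that builds a path from it would resolve that path relative to the working directory; which modules read it is not visible here. Adding `constant.profile['ALLUSERSPROFILE'] = u'%s:\\ProgramData' % constant.drive` to that branch would keep the profile consistent with the non-impersonated one. The new parameter also deserves a one-line comment on runLaZagne, e.g. `# check_specific_drive: build profile paths from constant.drive instead of the process environment`. runLaZagne's body continues outside the hunk.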
@@ -333,18 +342,18 @@ def runLaZagne(category_choosed='all'): PPoptional = argparse.ArgumentParser(add_help=False, formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=constant.MAX_HELP_POSITION)) PPoptional._optionals.title = 'optional arguments' PPoptional.add_argument('-v', dest='verbose', action='count', default=0, help='increase verbosity level') - PPoptional.add_argument('-quiet', dest='quiet', action= 'store_true', default=False, help = 'quiet mode: nothing is printed to the output') - PPoptional.add_argument('-drive', dest='drive', action= 'store', default='C', help = 'drive to perform the test (default: C)') - PPoptional.add_argument('-path', dest='path', action= 'store', help = 'path of a file used for dictionary file') - PPoptional.add_argument('-b', dest='bruteforce', action= 'store', help = 'number of character to brute force') + PPoptional.add_argument('-quiet', dest='quiet', action='store_true', default=False, help='quiet mode: nothing is printed to the output') + PPoptional.add_argument('-drive', dest='drive', action='store', default=False, help='drive to perform the test (default: C)') + PPoptional.add_argument('-path', dest='path', action='store', help='path of a file used for dictionary file') + PPoptional.add_argument('-b', dest='bruteforce', action='store', help='number of character to brute force') # Output PWrite = argparse.ArgumentParser(add_help=False, formatter_class=lambda prog: argparse.HelpFormatter(prog, max_help_position=constant.MAX_HELP_POSITION)) PWrite._optionals.title = 'Output' - PWrite.add_argument('-oN', dest='write_normal', action='store_true', help = 'output file in a readable format') - PWrite.add_argument('-oJ', dest='write_json', action='store_true', help = 'output file in a json format') - PWrite.add_argument('-oA', dest='write_all', action='store_true', help = 'output file in all format') + PWrite.add_argument('-oN', dest='write_normal', action='store_true', help='output file in a readable 
format') + PWrite.add_argument('-oJ', dest='write_json', action='store_true', help='output file in a json format') + PWrite.add_argument('-oA', dest='write_all', action='store_true', help='output file in all format') # ------------------------------------------- Add options and suboptions to all modules ------------------------------------------- all_subparser = [] @@ -395,6 +404,10 @@ def runLaZagne(category_choosed='all'): arguments = parser.parse_args() category_choosed = args['auditType'] + check_specific_drive = False + if args['drive']: + check_specific_drive = True + quiet_mode() # Print the title @@ -407,7 +420,7 @@ def runLaZagne(category_choosed='all'): start_time = time.time() - for r in runLaZagne(category_choosed): + for r in runLaZagne(category_choosed, check_specific_drive=check_specific_drive): pass clean_temporary_files() diff --git a/Windows/lazagne/config/constant.py b/Windows/lazagne/config/constant.py index 4e63aec2..67ee8202 100755 --- a/Windows/lazagne/config/constant.py +++ b/Windows/lazagne/config/constant.py 
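Review bot: The `-drive` option now has `default=False` while its help text still says `(default: C)`; the effective default comes from `constant.drive`, and the False value only serves as a "not supplied" flag. `default=None` expresses that more conventionally and keeps `if args['drive']:` working, and the help string could be built from the constant, `help='drive to perform the test (default: %s)' % constant.drive`, so the two cannot drift apart. The other changes in this hunk are whitespace only.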
@@ -3,48 +3,49 @@ date = time.strftime("%d%m%Y_%H%M%S") class constant(): - folder_name = 'results_{current_time}'.format(current_time=date) - file_name_results = 'credentials' # the extention is added depending on the user output choice - MAX_HELP_POSITION = 27 - CURRENT_VERSION = '2.3' - output = None - file_logger = None + # folder_name = 'results_{current_time}'.format(current_time=date) + folder_name = '.' + file_name_results = 'credentials_{current_time}'.format(current_time=date) # the extention is added depending on the user output choice + MAX_HELP_POSITION = 27 + CURRENT_VERSION = '2.3.1' + output = None + file_logger = None # jitsi options - jitsi_masterpass = None + jitsi_masterpass = None # mozilla options - manually = None - path = None - bruteforce = None - specific_path = None + manually = None + path = None + bruteforce = None + specific_path = None # ie options - ie_historic = None + ie_historic = None # total password found - nbPasswordFound = 0 - passwordFound = [] + nbPasswordFound = 0 + passwordFound = [] - finalResults = {} + finalResults = {} profile = { - 'APPDATA' : '', - 'USERPROFILE' : '', - 'HOMEDRIVE' : '', - 'HOMEPATH' : '', - 'ALLUSERSPROFILE': '', - 'COMPOSER_HOME' : '', - 'LOCALAPPDATA' : '' + 'APPDATA' : u'', + 'USERPROFILE' : u'', + 'HOMEDRIVE' : u'', + 'HOMEPATH' : u'', + 'ALLUSERSPROFILE' : u'', + 'COMPOSER_HOME' : u'', + 'LOCALAPPDATA' : u'' } - username = '' + username = u'' - keepass = {} - hives = [] + keepass = {} + hives = [] - checkUnattended = False + checkUnattended = False - quiet_mode = False + quiet_mode = False # standart output - st = None - drive = 'C' \ No newline at end of file + st = None + drive = u'C' \ No newline at end of file diff --git a/Windows/lazagne/softwares/browsers/chrome.py b/Windows/lazagne/softwares/browsers/chrome.py index c8409bd9..89588cb4 100755 --- a/Windows/lazagne/softwares/browsers/chrome.py +++ b/Windows/lazagne/softwares/browsers/chrome.py 
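Review bot: The previous `folder_name` assignment is left behind as a commented-out line directly above `folder_name = '.'`; it should be deleted, since version control already keeps it. Because the result file now lands in the working directory, a short comment such as `# results are written to the current directory; the timestamp is part of the file name` would explain why the date moved into `file_name_results`. The file also still ends without a trailing newline.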
@@ -14,13 +14,13 @@ def __init__(self): # main function def run(self, software_name = None): - homedrive = constant.profile['HOMEDRIVE'] - homepath = constant.profile['HOMEPATH'] + homedrive = constant.profile['HOMEDRIVE'] + homepath = constant.profile['HOMEPATH'] # all possible path pathTab = [ - homedrive + homepath + '\\Local Settings\\Application Data\\Google\\Chrome\\User Data', - homedrive + homepath + '\\AppData\\Local\\Google\\Chrome\\User Data', + homedrive + homepath + u'\\Local Settings\\Application Data\\Google\\Chrome\\User Data', + homedrive + homepath + u'\\AppData\\Local\\Google\\Chrome\\User Data', ] application_path = [p for p in pathTab if os.path.exists(p)] @@ -33,8 +33,8 @@ def run(self, software_name = None): # try to list all users profile profiles = [] - if os.path.exists(os.path.join(application_path, 'Local State')): - with open(os.path.join(application_path, 'Local State')) as file: + if os.path.exists(os.path.join(application_path, u'Local State')): + with open(os.path.join(application_path, u'Local State')) as file: try: data = json.load(file) for profile in data['profile']['info_cache']: @@ -47,15 +47,15 @@ def run(self, software_name = None): pwdFound = [] for profile in profiles: - database_path = os.path.join(application_path, profile, 'Login Data') + database_path = os.path.join(application_path, profile, u'Login Data') if not os.path.exists(database_path): print_debug('INFO', 'User database not found') continue # Copy database before to query it (bypass lock errors) try: - shutil.copy(database_path, os.path.join(os.getcwd(), 'tmp_db')) - database_path = os.path.join(os.getcwd(), 'tmp_db') + shutil.copy(database_path, os.path.join(unicode(os.getcwd()), u'tmp_db')) + database_path = os.path.join(unicode(os.getcwd()), u'tmp_db') except Exception,e: print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'An error occured copying the database file') 
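Review bot: The copy of `Login Data` is written to a fixed name, `tmp_db`, in the current working directory, and the expression `os.path.join(unicode(os.getcwd()), u'tmp_db')` is spelled out twice in the `@@ -47,15` hunk. A fixed name means two runs started from the same directory overwrite each other's copy, and the copy stays on disk if anything fails before the `os.remove` in the `@@ -91,7` hunk; whether clean_temporary_files() in laZagne.py covers this file is not visible here. Build the path once from a `tempfile.mkstemp()` name (needs `import tempfile`) and remove it in a `finally`. coccoc.py carries the identical code in its own `@@ -47,15` hunk, and run()'s body continues outside these hunks.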
@@ -91,7 +91,7 @@ def run(self, software_name = None): print_debug('DEBUG', '{0}'.format(e)) conn.close() - if database_path.endswith('tmp_db'): + if database_path.endswith(u'tmp_db'): os.remove(database_path) return pwdFound diff --git a/Windows/lazagne/softwares/browsers/coccoc.py b/Windows/lazagne/softwares/browsers/coccoc.py index a1da80f5..be7c4b5f 100755 --- a/Windows/lazagne/softwares/browsers/coccoc.py +++ b/Windows/lazagne/softwares/browsers/coccoc.py @@ -14,13 +14,13 @@ def __init__(self): # main function def run(self, software_name = None): - homedrive = constant.profile['HOMEDRIVE'] - homepath = constant.profile['HOMEPATH'] + homedrive = constant.profile['HOMEDRIVE'] + homepath = constant.profile['HOMEPATH'] # all possible path pathTab = [ - homedrive + homepath + '\\Local Settings\\Application Data\\CocCoc\\Browser\\User Data', - homedrive + homepath + '\\AppData\\Local\\CocCoc\\Browser\\User Data', + homedrive + homepath + u'\\Local Settings\\Application Data\\CocCoc\\Browser\\User Data', + homedrive + homepath + u'\\AppData\\Local\\CocCoc\\Browser\\User Data', ] application_path = [p for p in pathTab if os.path.exists(p)] @@ -33,8 +33,8 @@ def run(self, software_name = None): # try to list all users profile profiles = [] - if os.path.exists(os.path.join(application_path, 'Local State')): - with open(os.path.join(application_path, 'Local State')) as file: + if os.path.exists(os.path.join(application_path, u'Local State')): + with open(os.path.join(application_path, u'Local State')) as file: try: data = json.load(file) for profile in data['profile']['info_cache']: 
@@ -47,15 +47,15 @@ def run(self, software_name = None): pwdFound = [] for profile in profiles: - database_path = os.path.join(application_path, profile, 'Login Data') + database_path = os.path.join(application_path, profile, u'Login Data') if not os.path.exists(database_path): print_debug('INFO', 'User database not found') continue # Copy database before to query it (bypass lock errors) try: - shutil.copy(database_path, os.path.join(os.getcwd(), 'tmp_db')) - database_path = os.path.join(os.getcwd(), 'tmp_db') + shutil.copy(database_path, os.path.join(unicode(os.getcwd()), u'tmp_db')) + database_path = os.path.join(unicode(os.getcwd()), u'tmp_db') except Exception,e: print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'An error occured copying the database file') @@ -91,7 +91,7 @@ def run(self, software_name = None): print_debug('DEBUG', '{0}'.format(e)) conn.close() - if database_path.endswith('tmp_db'): + if database_path.endswith(u'tmp_db'): os.remove(database_path) return pwdFound diff --git a/Windows/lazagne/softwares/browsers/mozilla.py b/Windows/lazagne/softwares/browsers/mozilla.py index 621c91ec..37b5d4aa 100755 --- a/Windows/lazagne/softwares/browsers/mozilla.py +++ b/Windows/lazagne/softwares/browsers/mozilla.py @@ -45,7 +45,7 @@ def done(self): class JsonDatabase(Credentials): def __init__(self, profile): - db = profile + os.sep + "logins.json" + db = os.path.join(profile, u'logins.json') super(JsonDatabase, self).__init__(db) def __iter__(self): 
@@ -53,22 +53,22 @@ def __iter__(self): with open(self.db) as fh: data = json.load(fh) try: - logins = data["logins"] + logins = data['logins'] except: - raise Exception("Unrecognized format in {0}".format(self.db)) + raise Exception('Unrecognized format in {0}'.format(self.db)) for i in logins: - yield (i["hostname"], i["encryptedUsername"], i["encryptedPassword"]) + yield (i['hostname'], i['encryptedUsername'], i['encryptedPassword']) class SqliteDatabase(Credentials): def __init__(self, profile): - db = profile + os.sep + "signons.sqlite" + db = os.path.join(profile, u'signons.sqlite') super(SqliteDatabase, self).__init__(db) self.conn = sqlite3.connect(db) self.c = self.conn.cursor() def __iter__(self): - self.c.execute("SELECT hostname, encryptedUsername, encryptedPassword FROM moz_logins") + self.c.execute('SELECT hostname, encryptedUsername, encryptedPassword FROM moz_logins') for i in self.c: yield i @@ -111,9 +111,9 @@ def __init__(self, isThunderbird = False): def get_path(self, software_name): path = '' if software_name == 'Firefox': - path = '%s\Mozilla\Firefox' % str(constant.profile['APPDATA']) + path = u'%s\Mozilla\Firefox' % constant.profile['APPDATA'] elif software_name == 'Thunderbird': - path = '%s\Thunderbird' % str(constant.profile['APPDATA']) + path = u'%s\Thunderbird' % constant.profile['APPDATA'] return path def manage_advanced_options(self): 
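Review bot: In get_path, `u'%s\Mozilla\Firefox'` and `u'%s\Thunderbird'` keep single backslashes inside what are now unicode literals; they work only because `\M`, `\F` and `\T` are not escape sequences, whereas `\u`, `\U` and `\N` are in a Python 2 unicode literal, so a later path segment starting with one of those letters would stop the module from compiling. Prefer `os.path.join(constant.profile['APPDATA'], u'Mozilla', u'Firefox')` and `os.path.join(constant.profile['APPDATA'], u'Thunderbird')`, which matches the `os.path.join(profile, u'logins.json')` style this commit introduces in the same file. The same unescaped form is used in opera.py's get_path (`u'\Opera\Opera\profile'`, `u'\Opera Software\Opera Stable'`) and in skype.py (`u'\Skype'`).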
@@ -288,43 +288,6 @@ def get_firefox_profiles(self, directory): if cp.has_option(section, 'Path'): profile_list.append(os.path.join(directory, cp.get(section, 'Path').strip())) return profile_list - - def save_db(self, userpath): - - # create the folder to save it by profile - relative_path = constant.folder_name + os.sep + 'firefox' - if not os.path.exists(relative_path): - os.makedirs(relative_path) - - relative_path += os.sep + os.path.basename(userpath) - if not os.path.exists(relative_path): - os.makedirs(relative_path) - - # Get the database name - if os.path.exists(userpath + os.sep + 'logins.json'): - dbname = 'logins.json' - elif os.path.exists(userpath + os.sep + 'signons.sqlite'): - dbname = 'signons.sqlite' - - # copy the files (database + key3.db) - try: - ori_db = userpath + os.sep + dbname - dst_db = relative_path + os.sep + dbname - shutil.copyfile(ori_db, dst_db) - print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except Exception,e: - print_debug('DEBUG', '{0}'.format(e)) - print_debug('ERROR', '%s has not been copied' % dbname) - - try: - dbname = 'key3.db' - ori_db = userpath + os.sep + dbname - dst_db = relative_path + os.sep + dbname - shutil.copyfile(ori_db, dst_db) - print_debug('INFO', '%s has been copied here: %s' % (dbname, dst_db)) - except Exception,e: - print_debug('DEBUG', '{0}'.format(e)) - print_debug('ERROR', '%s has not been copied' % dbname) # ------------------------------ Master Password Functions ------------------------------ @@ -454,7 +417,7 @@ def run(self, software_name = None): print_debug('WARNING', 'key3 file not found: %s' % self.key3) continue - self.key3 = self.readBsddb(profile + os.sep + 'key3.db') + self.key3 = self.readBsddb(os.path.join(profile, u'key3.db')) if not self.key3: continue diff --git a/Windows/lazagne/softwares/browsers/opera.py b/Windows/lazagne/softwares/browsers/opera.py index ad41e760..42710d67 100755 --- a/Windows/lazagne/softwares/browsers/opera.py 
+++ b/Windows/lazagne/softwares/browsers/opera.py @@ -16,7 +16,7 @@ def __init__(self): options = {'command': '-o', 'action': 'store_true', 'dest': 'opera', 'help': 'opera'} ModuleInfo.__init__(self, 'opera', 'browsers', options) - self.CIPHERED_FILE = '' + self.CIPHERED_FILE = u'' def run(self, software_name = None): # retrieve opera folder @@ -27,9 +27,9 @@ def run(self, software_name = None): passwords = '' # old versions - if self.CIPHERED_FILE == 'wand.dat': + if self.CIPHERED_FILE == u'wand.dat': # check the use of master password - if not os.path.exists(os.path.join(path, 'operaprefs.ini')): + if not os.path.exists(os.path.join(path, u'operaprefs.ini')): print_debug('WARNING', 'The preference file operaprefs.ini has not been found.') return else: 
@@ -50,31 +50,30 @@ def run(self, software_name = None): def get_path(self): # version less than 10 - if os.path.exists(constant.profile['APPDATA'] + '\Opera\Opera\profile'): - self.CIPHERED_FILE = 'wand.dat' - return constant.profile['APPDATA'] + '\Opera\Opera\profile' + if os.path.exists(constant.profile['APPDATA'] + u'\Opera\Opera\profile'): + self.CIPHERED_FILE = u'wand.dat' + return constant.profile['APPDATA'] + u'\Opera\Opera\profile' # version more than 10 - if os.path.exists(constant.profile['APPDATA'] + '\Opera\Opera'): - self.CIPHERED_FILE = 'wand.dat' - return constant.profile['APPDATA'] + '\Opera\Opera' + if os.path.exists(constant.profile['APPDATA'] + u'\Opera\Opera'): + self.CIPHERED_FILE = u'wand.dat' + return constant.profile['APPDATA'] + u'\Opera\Opera' # new versions - elif os.path.exists(constant.profile['APPDATA'] + '\Opera Software\Opera Stable'): - self.CIPHERED_FILE = 'Login Data' - return constant.profile['APPDATA'] + '\Opera Software\Opera Stable' - + elif os.path.exists(constant.profile['APPDATA'] + u'\Opera Software\Opera Stable'): + self.CIPHERED_FILE = u'Login Data' + return constant.profile['APPDATA'] + u'\Opera Software\Opera Stable' def decipher_old_version(self, path): salt = '837DFC0F8EB3E86973AFFF' # retrieve wand.dat file - if not os.path.exists(path + os.sep + 'wand.dat'): + if not os.path.exists(os.path.join(path, u'wand.dat')): print_debug('WARNING', 'wand.dat file has not been found.') return # read wand.dat - f = open(path + os.sep + 'wand.dat', 'rb') + f = open(os.path.join(path, u'wand.dat'), 'rb') file = f.read() fileSize = len(file) @@ -117,7 +116,7 @@ def decipher_old_version(self, path): return passwords def decipher_new_version(self, path): - database_path = path + os.sep + 'Login Data' + database_path = os.path.join(path, u'Login Data') if os.path.exists(database_path): # Connect to the Database 
@@ -139,9 +138,9 @@ def decipher_new_version(self, path): # Decrypt the Password password = Win32CryptUnprotectData(result[2]) if password: - values['URL'] = result[0] - values['Login'] = result[1] - values['Password'] = password + values['URL'] = result[0] + values['Login'] = result[1] + values['Password'] = password pwdFound.append(values) return pwdFound @@ -152,7 +151,7 @@ def masterPasswordUsed(self, path): # the init file is not well defined so lines have to be removed before to parse it cp = RawConfigParser() - f = open(os.path.join(path, 'operaprefs.ini', 'rb')) + f = open(os.path.join(path, u'operaprefs.ini', 'rb')) f.readline() # discard first line while 1: diff --git a/Windows/lazagne/softwares/chats/jitsi.py b/Windows/lazagne/softwares/chats/jitsi.py index d0b93234..2c01aae7 100755 --- a/Windows/lazagne/softwares/chats/jitsi.py +++ b/Windows/lazagne/softwares/chats/jitsi.py @@ -17,12 +17,12 @@ def __init__(self): suboptions = [{'command': '-ma', 'action': 'store', 'dest': 'master_pwd', 'help': 'enter the master password manually', 'title': 'Advanced jitsi option'}] ModuleInfo.__init__(self, 'jitsi', 'chats', options, suboptions, need_to_be_in_env=False) - self.keylen = 16 - self.iterations = 1024 - self.padding = '\f' - self.account_id = '' - self.master_password_used = False - self.masterpass = ' ' + self.keylen = 16 + self.iterations = 1024 + self.padding = '\f' + self.account_id = '' + self.master_password_used = False + self.masterpass = ' ' def get_salt(self): salt_array = [12, 10, 15, 14, 11, 14, 14, 15] @@ -31,7 +31,7 @@ def get_salt(self): return binascii.unhexlify(hexsalt) def get_path(self): - directory = os.path.join(constant.profile['APPDATA'], 'Jitsi', 'sip-communicator.properties') + directory = os.path.join(constant.profile['APPDATA'], u'Jitsi', u'sip-communicator.properties') if os.path.exists(directory): return directory else: 
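Review bot: In masterPasswordUsed the mode string is passed to `os.path.join` instead of `open`: `open(os.path.join(path, u'operaprefs.ini', 'rb'))` tries to open `<path>\operaprefs.ini\rb` in the default text mode, a path that cannot exist, so the call raises IOError. The line should read `f = open(os.path.join(path, u'operaprefs.ini'), 'rb')`. The commit touches this line only to add the `u` prefix, so the misplaced parenthesis is carried over unchanged. The rest of the function lies outside the hunk, so whether the handle is closed cannot be checked from here.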
@@ -40,7 +40,7 @@ def get_path(self): def get_info(self, file_properties): values = {} - f = open(file_properties,'r') + f = open(file_properties, 'r') line = f.readline() cpt = 0 diff --git a/Windows/lazagne/softwares/chats/pidgin.py b/Windows/lazagne/softwares/chats/pidgin.py index f2402475..5ba43825 100755 --- a/Windows/lazagne/softwares/chats/pidgin.py +++ b/Windows/lazagne/softwares/chats/pidgin.py @@ -10,7 +10,7 @@ def __init__(self): ModuleInfo.__init__(self, 'pidgin', 'chats', options, need_to_be_in_env=False) def run(self, software_name = None): - path = os.path.join(constant.profile['APPDATA'], '.purple', 'accounts.xml') + path = os.path.join(constant.profile['APPDATA'], u'.purple', u'accounts.xml') if os.path.exists(path): tree = ET.ElementTree(file=path) diff --git a/Windows/lazagne/softwares/chats/skype.py b/Windows/lazagne/softwares/chats/skype.py index 0e06f11b..f9f41af3 100755 --- a/Windows/lazagne/softwares/chats/skype.py +++ b/Windows/lazagne/softwares/chats/skype.py @@ -78,7 +78,7 @@ def get_dic_file(self, dictionary_path): words = [] if dictionary_path: try: - dicFile = open (dictionary_path,'r') + dicFile = open (dictionary_path, 'r') except Exception,e: print_debug('DEBUG', '{0}'.format(e)) print_debug('ERROR', 'Unable to open passwords file: %s' % str(dictionary_path)) 
@@ -103,32 +103,32 @@ def dictionary_attack(self, login, md5): return False def get_username(self, path): - xml_file = os.path.join(path, 'shared.xml') + xml_file = os.path.join(path, u'shared.xml') if os.path.exists(xml_file): tree = ET.ElementTree(file=xml_file) username = tree.find('Lib/Account/Default') try: - return username.text + return unicode(username.text) except: pass return False def get_info(self, key, username, path): - if os.path.exists(os.path.join(path, 'config.xml')): + if os.path.exists(os.path.join(path, u'config.xml')): values = {} try: values['Login'] = username # get encrypted hash from the config file - enc_hex = self.get_hash_credential(os.path.join(path, 'config.xml')) + enc_hex = self.get_hash_credential(os.path.join(path, u'config.xml')) if not enc_hex: print_debug('WARNING', 'No credential stored on the config.xml file.') else: # decrypt the hash to get the md5 to brue force values['Hash'] = self.get_md5_hash(enc_hex, key) - values['shema to bruteforce using md5'] = values['Login'] + '\\nskyper\\n' + values['Pattern to bruteforce using md5'] = unicode(values['Login']) + u'\\nskyper\\n' # Try a dictionary attack on the hash password = self.dictionary_attack(values['Login'], values['Hash']) @@ -141,7 +141,7 @@ def get_info(self, key, username, path): # main function def run(self, software_name = None): - directory = constant.profile['APPDATA'] + '\Skype' + directory = constant.profile['APPDATA'] + u'\Skype' if os.path.exists(directory): # retrieve the key used to build the salt diff --git a/Windows/lazagne/softwares/databases/dbvis.py b/Windows/lazagne/softwares/databases/dbvis.py index be548729..7598f0ea 100755 --- a/Windows/lazagne/softwares/databases/dbvis.py +++ b/Windows/lazagne/softwares/databases/dbvis.py 
@@ -16,15 +16,15 @@ def __init__(self): options = {'command': '-d', 'action': 'store_true', 'dest': 'dbvis', 'help': 'dbvisualizer'} ModuleInfo.__init__(self, 'dbvis', 'database', options, need_to_be_in_env=False) - self._salt = self.get_salt() - self._passphrase = 'qinda' - self._iteration = 10 + self._salt = self.get_salt() + self._passphrase = 'qinda' + self._iteration = 10 # ---- functions used to decrypt the password ---- def get_salt(self): - salt_array = [-114,18,57,-100,7,114,111,90] - salt = array.array('b', salt_array) - hexsalt = binascii.hexlify(salt) + salt_array = [-114,18,57,-100,7,114,111,90] + salt = array.array('b', salt_array) + hexsalt = binascii.hexlify(salt) return binascii.unhexlify(hexsalt) def get_derived_key(self, password, salt, count): @@ -45,7 +45,7 @@ def decrypt(self, msg): # ---- end of the functions block ---- def get_infos(self, path): - xml_file = os.path.join(path, 'config70/dbvis.xml') + xml_file = os.path.join(path, u'config70/dbvis.xml') if os.path.exists(xml_file): tree = ET.ElementTree(file=xml_file) @@ -64,10 +64,10 @@ def get_infos(self, path): pass try: - ciphered_password = e.find('Password').text - password = self.decrypt(ciphered_password) - values['Password'] = password - passwordFound = True + ciphered_password = e.find('Password').text + password = self.decrypt(ciphered_password) + values['Password'] = password + passwordFound = True except: pass @@ -95,7 +95,7 @@ def get_infos(self, path): return pwdFound def get_application_path(self): - path = os.path.join(constant.profile['HOMEPATH'], '.dbvis') + path = os.path.join(constant.profile['HOMEPATH'], u'.dbvis') if os.path.exists(path): return path else: diff --git a/Windows/lazagne/softwares/databases/robomongo.py b/Windows/lazagne/softwares/databases/robomongo.py index d9fb40e8..996de635 100755 --- a/Windows/lazagne/softwares/databases/robomongo.py +++ b/Windows/lazagne/softwares/databases/robomongo.py 
@@ -10,8 +10,8 @@ class Robomongo(ModuleInfo): def __init__(self): options = {'command': '-rbm', 'action': 'store_true', 'dest': 'robomongo', 'help': 'robomongo'} ModuleInfo.__init__(self, 'robomongo', 'database', options) - self.connections_file_location = constant.profile['USERPROFILE'] + "\\.config\\robomongo" - self.connections_file_name = "robomongo.json" + self.connections_file_location = constant.profile['USERPROFILE'] + u'\\.config\\robomongo' + self.connections_file_name = u'robomongo.json' def read_file_content(self, file_path): """ @@ -23,7 +23,7 @@ def read_file_content(self, file_path): """ content = "" if isfile(file_path): - with open(file_path, "r") as file_handle: + with open(file_path, 'r') as file_handle: content = file_handle.read() return content diff --git a/Windows/lazagne/softwares/databases/sqldeveloper.py b/Windows/lazagne/softwares/databases/sqldeveloper.py index a0db3494..f974518c 100755 --- a/Windows/lazagne/softwares/databases/sqldeveloper.py +++ b/Windows/lazagne/softwares/databases/sqldeveloper.py @@ -15,14 +15,14 @@ def __init__(self): options = {'command': '-s', 'action': 'store_true', 'dest': 'sqldeveloper', 'help': 'sqldeveloper'} ModuleInfo.__init__(self, 'sqldeveloper', 'database', options, need_to_be_in_env=False) - self._salt = self.get_salt() - self._passphrase = None - self._iteration = 42 + self._salt = self.get_salt() + self._passphrase = None + self._iteration = 42 def get_salt(self): - salt_array = [5, 19, -103, 66, -109, 114, -24, -83] - salt = array.array('b', salt_array) - hexsalt = binascii.hexlify(salt) + salt_array = [5, 19, -103, 66, -109, 114, -24, -83] + salt = array.array('b', salt_array) + hexsalt = binascii.hexlify(salt) return binascii.unhexlify(hexsalt) def get_iteration(self): 
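Review bot: `self.connections_file_location` is computed in `__init__` from `constant.profile['USERPROFILE']`, while the other modules in this patch (chrome.py, pidgin.py, squirrel.py) read `constant.profile` inside `run()` or a path helper. If module objects are created before set_env_variables() runs, or are reused across several users, the stored path reflects the value at construction time (`u''` by default in constant.py) rather than the current profile; the instantiation order is not visible here, so this needs confirming. Evaluating `constant.profile['USERPROFILE'] + u'\\.config\\robomongo'` in the method that reads the file would remove the dependency on call order. The class body continues outside the hunk.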
@@ -36,17 +36,17 @@ def get_derived_key(self, password, salt, count): return (key[:8], key[8:]) def decrypt(self, msg): - enc_text = base64.b64decode(msg) - (dk, iv) = self.get_derived_key(self._passphrase, self._salt, self._iteration) - crypter = DES.new(dk, DES.MODE_CBC, iv) - text = crypter.decrypt(enc_text) + enc_text = base64.b64decode(msg) + (dk, iv) = self.get_derived_key(self._passphrase, self._salt, self._iteration) + crypter = DES.new(dk, DES.MODE_CBC, iv) + text = crypter.decrypt(enc_text) return re.sub(r'[\x01-\x08]','',text) def get_application_path(self): - directory = os.path.join(constant.profile['APPDATA'], 'SQL Developer') + directory = os.path.join(constant.profile['APPDATA'], u'SQL Developer') if os.path.exists(directory): for d in os.listdir(directory): - if d.startswith('system'): + if d.startswith(u'system'): directory += os.sep + d return directory return 'SQL_NO_PASSWD' @@ -56,11 +56,11 @@ def get_application_path(self): def get_passphrase(self, path): for p in os.listdir(path): - if p.startswith('o.sqldeveloper.12'): + if p.startswith(u'o.sqldeveloper.12'): path += os.sep + p break - xml_file = path + os.sep + 'product-preferences.xml' + xml_file = os.path.join(path, u'product-preferences.xml') if os.path.exists(xml_file): tree = ET.ElementTree(file=xml_file) for elem in tree.iter(): @@ -73,11 +73,11 @@ def get_passphrase(self, path): def get_infos(self, path): for p in os.listdir(path): - if p.startswith('o.jdeveloper.db.connection'): + if p.startswith(u'o.jdeveloper.db.connection'): path += os.sep + p break - xml_file = os.path.join(path, 'connections.xml') + xml_file = os.path.join(path, u'connections.xml') if os.path.exists(xml_file): tree = ET.ElementTree(file=xml_file) pwdFound = [] diff --git a/Windows/lazagne/softwares/databases/squirrel.py b/Windows/lazagne/softwares/databases/squirrel.py index dcd035a9..f101614a 100755 --- a/Windows/lazagne/softwares/databases/squirrel.py +++ b/Windows/lazagne/softwares/databases/squirrel.py 
@@ -10,7 +10,7 @@ def __init__(self): ModuleInfo.__init__(self, 'squirrel', 'database', options) def get_application_path(self): - path = os.path.join(constant.profile['USERPROFILE'], '.squirrel-sql') + path = os.path.join(constant.profile['USERPROFILE'], u'.squirrel-sql') if os.path.exists(path): return path else: @@ -45,7 +45,7 @@ def run(self, software_name = None): if not path: print_debug('INFO', 'Squirrel not installed') else: - path = os.path.join(path, 'SQLAliases23.xml') + path = os.path.join(path, u'SQLAliases23.xml') if os.path.exists(path): return self.parse_xml(path) else: diff --git a/Windows/lazagne/softwares/games/galconfusion.py b/Windows/lazagne/softwares/games/galconfusion.py index d6d4752b..ebdc6203 100755 --- a/Windows/lazagne/softwares/games/galconfusion.py +++ b/Windows/lazagne/softwares/games/galconfusion.py @@ -26,8 +26,8 @@ def run(self, software_name = None): print_debug('INFO', 'Steam does not appear to be installed.') return - steampath = results[0] - userdata = steampath + '\\userdata' + steampath = unicode(results[0]) + userdata = steampath + u'\\userdata' # Check that we have a userdata directory if not os.path.exists(userdata): @@ -38,7 +38,7 @@ def run(self, software_name = None): files = os.listdir(userdata) for file in files: - filepath = userdata + '\\' + file + '\\44200\\remote\\galcon.cfg' + filepath = userdata + u'\\' + unicode(file) + u'\\44200\\remote\\galcon.cfg' if not os.path.exists(filepath): continue diff --git a/Windows/lazagne/softwares/games/kalypsomedia.py b/Windows/lazagne/softwares/games/kalypsomedia.py index eb4cd67d..103b3f9c 100755 --- a/Windows/lazagne/softwares/games/kalypsomedia.py +++ b/Windows/lazagne/softwares/games/kalypsomedia.py 
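Review bot: In galconfusion.py, `steampath = unicode(results[0])` decodes with Python 2's default ASCII codec, so a byte-string `results[0]` holding a non-ASCII install path raises UnicodeDecodeError instead of producing the unicode path this change is after. The type of `results[0]` is set outside the hunk; if it can be `str`, decode explicitly, e.g. `steampath = results[0].decode(sys.getfilesystemencoding())` (with `import sys`), and skip the decode when the value is already unicode. The same implicit decode appears in turba.py (`unicode(results[0])`), keethief.py (`unicode(p.exe())`) and gitforwindows.py (`unicode(os.environ.get('XDG_CONFIG_HOME'))`), the last of which is a byte string under Python 2. `run` continues outside the hunk.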
@@ -16,9 +16,9 @@ def xorstring(self, s, k): return "".join(chr(ord(x) ^ ord(y)) for x, y in zip(s,k)) def run(self, software_name = None): - creds = [] - key = 'lwSDFSG34WE8znDSmvtwGSDF438nvtzVnt4IUv89' - inifile = constant.profile['APPDATA'] + '\\Kalypso Media\\Launcher\\launcher.ini' + creds = [] + key = 'lwSDFSG34WE8znDSmvtwGSDF438nvtzVnt4IUv89' + inifile = constant.profile['APPDATA'] + u'\\Kalypso Media\\Launcher\\launcher.ini' # The actual user details are stored in *.userdata files if not os.path.exists(inifile): diff --git a/Windows/lazagne/softwares/games/roguestale.py b/Windows/lazagne/softwares/games/roguestale.py index 7ebec085..3544617b 100755 --- a/Windows/lazagne/softwares/games/roguestale.py +++ b/Windows/lazagne/softwares/games/roguestale.py @@ -11,8 +11,8 @@ def __init__(self): ModuleInfo.__init__(self, 'roguestale', 'games', options, need_to_be_in_env=False) def run(self, software_name = None): - creds = [] - directory = constant.profile['USERPROFILE'] + '\\Documents\\Rogue\'s Tale\\users' + creds = [] + directory = constant.profile['USERPROFILE'] + u'\\Documents\\Rogue\'s Tale\\users' # The actual user details are stored in *.userdata files if not os.path.exists(directory): diff --git a/Windows/lazagne/softwares/games/turba.py b/Windows/lazagne/softwares/games/turba.py index c8692710..ca1f4d7e 100755 --- a/Windows/lazagne/softwares/games/turba.py +++ b/Windows/lazagne/softwares/games/turba.py 
@@ -26,15 +26,15 @@ def run(self, software_name = None): print_debug('INFO', 'Steam does not appear to be installed.') return - steampath = results[0] - steamapps = steampath + '\\SteamApps\common' + steampath = unicode(results[0]) + steamapps = steampath + u'\\SteamApps\common' # Check that we have a SteamApps directory if not os.path.exists(steamapps): print_debug('ERROR', 'Steam doesn\'t have a SteamApps directory.') return - filepath = steamapps + '\\Turba\\Assets\\Settings.bin' + filepath = steamapps + u'\\Turba\\Assets\\Settings.bin' if not os.path.exists(filepath): print_debug('INFO', 'Turba doesn\'t appear to be installed.') diff --git a/Windows/lazagne/softwares/git/gitforwindows.py b/Windows/lazagne/softwares/git/gitforwindows.py index 7974b119..edef6db2 100755 --- a/Windows/lazagne/softwares/git/gitforwindows.py +++ b/Windows/lazagne/softwares/git/gitforwindows.py @@ -43,11 +43,11 @@ def run(self, software_name = None): # According to the "git-credential-store" documentation: # Build a list of locations in which git credentials can be stored locations = [ - constant.profile["USERPROFILE"] + "\\.git-credentials", - constant.profile["USERPROFILE"] + "\\.config\\git\\credentials" + constant.profile["USERPROFILE"] + u'\\.git-credentials', + constant.profile["USERPROFILE"] + u'\\.config\\git\\credentials' ] if "XDG_CONFIG_HOME" in os.environ: - locations.append(os.environ.get("XDG_CONFIG_HOME") + "\\git\\credentials") + locations.append(unicode(os.environ.get('XDG_CONFIG_HOME')) + u'\\git\\credentials') # Apply the password extraction on the defined locations pwd_found = [] diff --git a/Windows/lazagne/softwares/maven/mavenrepositories.py b/Windows/lazagne/softwares/maven/mavenrepositories.py index 5ff3ebf8..b9f4f079 100755 --- a/Windows/lazagne/softwares/maven/mavenrepositories.py +++ b/Windows/lazagne/softwares/maven/mavenrepositories.py 
@@ -22,7 +22,7 @@ def extract_master_password(self): :return: The master password value or None if no master password exists. """ master_password = None - master_password_file_location = constant.profile["USERPROFILE"] + "\\.m2\\settings-security.xml" + master_password_file_location = constant.profile["USERPROFILE"] + u'\\.m2\\settings-security.xml' if os.path.isfile(master_password_file_location): try: config = ET.parse(master_password_file_location).getroot() @@ -45,7 +45,7 @@ def extract_repositories_credentials(self): :return: List of dict in which one dict contains all information for a repository. """ repos_creds = [] - maven_settings_file_location = constant.profile["USERPROFILE"] + "\\.m2\\settings.xml" + maven_settings_file_location = constant.profile["USERPROFILE"] + u'\\.m2\\settings.xml' if os.path.isfile(maven_settings_file_location): try: settings = ET.parse(maven_settings_file_location).getroot() diff --git a/Windows/lazagne/softwares/memory/keethief.py b/Windows/lazagne/softwares/memory/keethief.py index 86660702..26d3987c 100755 --- a/Windows/lazagne/softwares/memory/keethief.py +++ b/Windows/lazagne/softwares/memory/keethief.py @@ -82,9 +82,9 @@ def launch_keeThief(self): def check_if_version_2x(self): p = psutil.Process(self._pid) - dirname = os.path.dirname(p.exe()) + dirname = os.path.dirname(unicode(p.exe())) # version 1 use an ini configuration file - if os.path.exists(os.path.join(dirname, 'KeePass.config.xml')): + if os.path.exists(os.path.join(dirname, u'KeePass.config.xml')): return True else: return False diff --git a/Windows/lazagne/softwares/memory/memorydump.py b/Windows/lazagne/softwares/memory/memorydump.py index 5ccaf969..68c72d42 100755 --- a/Windows/lazagne/softwares/memory/memorydump.py +++ b/Windows/lazagne/softwares/memory/memorydump.py 
@@ -26,35 +26,35 @@ # "(?Phttp[s]?:\/\/[a-zA-Z0-9-]{1,61}(\.[a-zA-Z]{2,})+)" # ] -password_regex=[ - ("Gmail","&Email=(?P.{1,99})?&Passwd=(?P.{1,99})?&PersistentCookie="), - ("Dropbox","login_email=(?P.{1,99})&login_password=(?P.{1,99})&"), - ("SalesForce","&display=page&username=(?P.{1,32})&pw=(?P.{1,16})&Login="), - ("Office365","login=(?P.{1,32})&passwd=(?P.{1,22})&PPSX="), - ("MicrosoftOneDrive","login=(?P.{1,42})&passwd=(?P.{1,22})&type=.{1,2}&PPFT="), - ("PayPal","login_email=(?P.{1,48})&login_password=(?P.{1,16})&submit=Log\+In&browser_name"), - ("awsWebServices","&email=(?P.{1,48})&create=.{1,2}&password=(?P.{1,22})&metadata1="), - ("OutlookWeb","&username=(?P.{1,48})&password=(?P.{1,48})&passwordText"), - ("Slack","&crumb=.{1,70}&email=(?P.{1,50})&password=(?P.{1,48})"), - ("CitrixOnline","emailAddress=(?P.{1,50})&password=(?P.{1,50})&submit"), - ("Xero ","fragment=&userName=(?P.{1,32})&password=(?P.{1,22})&__RequestVerificationToken="), - ("MYOB","UserName=(?P.{1,50})&Password=(?P.{1,50})&RememberMe="), - ("JuniperSSLVPN","tz_offset=-.{1,6}&username=(?P.{1,22})&password=(?P.{1,22})&realm=.{1,22}&btnSubmit="), - ("Twitter","username_or_email%5D=(?P.{1,42})&session%5Bpassword%5D=(?P.{1,22})&remember_me="), - ("Facebook","lsd=.{1,10}&email=(?P.{1,42})&pass=(?P.{1,22})&(?:default_)?persistent="), - ("LinkedIN","session_key=(?P.{1,50})&session_password=(?P.{1,50})&isJsEnabled"), - ("Malwr","&username=(?P.{1,32})&password=(?P.{1,22})&next="), - ("VirusTotal","password=(?P.{1,22})&username=(?P.{1,42})&next=%2Fen%2F&response_format=json"), - ("AnubisLabs","username=(?P.{1,42})&password=(?P.{1,22})&login=login"), - ("CitrixNetScaler","login=(?P.{1,22})&passwd=(?P.{1,42})"), - ("RDPWeb","DomainUserName=(?P.{1,52})&UserPass=(?P.{1,42})&MachineType"), - ("JIRA","username=(?P.{1,50})&password=(?P.{1,50})&rememberMe"), - ("Redmine","username=(?P.{1,50})&password=(?P.{1,50})&login=Login"), - ("Github","%3D%3D&login=(?P.{1,50})&password=(?P.{1,50})"), - 
("BugZilla","Bugzilla_login=(?P.{1,50})&Bugzilla_password=(?P.{1,50})"), - ("Zendesk","user%5Bemail%5D=(?P.{1,50})&user%5Bpassword%5D=(?P.{1,50})"), - ("Cpanel","user=(?P.{1,50})&pass=(?P.{1,50})"), -] +# password_regex=[ +# ("Gmail","&Email=(?P.{1,99})?&Passwd=(?P.{1,99})?&PersistentCookie="), +# ("Dropbox","login_email=(?P.{1,99})&login_password=(?P.{1,99})&"), +# ("SalesForce","&display=page&username=(?P.{1,32})&pw=(?P.{1,16})&Login="), +# ("Office365","login=(?P.{1,32})&passwd=(?P.{1,22})&PPSX="), +# ("MicrosoftOneDrive","login=(?P.{1,42})&passwd=(?P.{1,22})&type=.{1,2}&PPFT="), +# ("PayPal","login_email=(?P.{1,48})&login_password=(?P.{1,16})&submit=Log\+In&browser_name"), +# ("awsWebServices","&email=(?P.{1,48})&create=.{1,2}&password=(?P.{1,22})&metadata1="), +# ("OutlookWeb","&username=(?P.{1,48})&password=(?P.{1,48})&passwordText"), +# ("Slack","&crumb=.{1,70}&email=(?P.{1,50})&password=(?P.{1,48})"), +# ("CitrixOnline","emailAddress=(?P.{1,50})&password=(?P.{1,50})&submit"), +# ("Xero ","fragment=&userName=(?P.{1,32})&password=(?P.{1,22})&__RequestVerificationToken="), +# ("MYOB","UserName=(?P.{1,50})&Password=(?P.{1,50})&RememberMe="), +# ("JuniperSSLVPN","tz_offset=-.{1,6}&username=(?P.{1,22})&password=(?P.{1,22})&realm=.{1,22}&btnSubmit="), +# ("Twitter","username_or_email%5D=(?P.{1,42})&session%5Bpassword%5D=(?P.{1,22})&remember_me="), +# ("Facebook","lsd=.{1,10}&email=(?P.{1,42})&pass=(?P.{1,22})&(?:default_)?persistent="), +# ("LinkedIN","session_key=(?P.{1,50})&session_password=(?P.{1,50})&isJsEnabled"), +# ("Malwr","&username=(?P.{1,32})&password=(?P.{1,22})&next="), +# ("VirusTotal","password=(?P.{1,22})&username=(?P.{1,42})&next=%2Fen%2F&response_format=json"), +# ("AnubisLabs","username=(?P.{1,42})&password=(?P.{1,22})&login=login"), +# ("CitrixNetScaler","login=(?P.{1,22})&passwd=(?P.{1,42})"), +# ("RDPWeb","DomainUserName=(?P.{1,52})&UserPass=(?P.{1,42})&MachineType"), +# ("JIRA","username=(?P.{1,50})&password=(?P.{1,50})&rememberMe"), +# 
("Redmine","username=(?P.{1,50})&password=(?P.{1,50})&login=Login"), +# ("Github","%3D%3D&login=(?P.{1,50})&password=(?P.{1,50})"), +# ("BugZilla","Bugzilla_login=(?P.{1,50})&Bugzilla_password=(?P.{1,50})"), +# ("Zendesk","user%5Bemail%5D=(?P.{1,50})&user%5Bpassword%5D=(?P.{1,50})"), +# ("Cpanel","user=(?P.{1,50})&pass=(?P.{1,50})"), +# ] browser_list=["iexplore.exe", "firefox.exe", "chrome.exe", "opera.exe", "MicrosoftEdge.exe", "microsoftedgecp.exe"] keepass_process = 'keepass.exe' @@ -98,7 +98,7 @@ def run(self, software_name = None): if k.run(process.get('pid')): pwdFound.append( { - 'Catehory' : 'KeePass', + 'Category' : 'KeePass', 'KeyType' : constant.keepass['KeyType'], 'Login' : constant.keepass['Database'], 'Password' : constant.keepass['Password'] diff --git a/Windows/lazagne/softwares/php/composer.py b/Windows/lazagne/softwares/php/composer.py index eb89db1e..0dfb92de 100755 --- a/Windows/lazagne/softwares/php/composer.py +++ b/Windows/lazagne/softwares/php/composer.py @@ -45,8 +45,8 @@ def run(self, software_name=None): # See "https://seld.be/notes/authentication-management-in-composer" location = '' tmp_location = [ - constant.profile["COMPOSER_HOME"] + "\\auth.json", - constant.profile["APPDATA"] + "\\Composer\\auth.json" + constant.profile["COMPOSER_HOME"] + u'\\auth.json', + constant.profile["APPDATA"] + u'\\Composer\\auth.json' ] for tmp in tmp_location: if os.path.isfile(tmp): diff --git a/Windows/lazagne/softwares/svn/tortoise.py b/Windows/lazagne/softwares/svn/tortoise.py index 95857f8d..2b521588 100755 --- a/Windows/lazagne/softwares/svn/tortoise.py +++ b/Windows/lazagne/softwares/svn/tortoise.py 
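Review bot: The `password_regex` list is disabled by prefixing every entry with `#` rather than being removed, which leaves the whole list as dead code directly below an older commented-out list. If nothing else in the module still reads `password_regex` (not visible in this hunk; a leftover reference would raise NameError at run time), delete the block and let version control keep the history. If it is meant to come back, a single comment such as `# password_regex disabled, see issue <ISSUE_ID>` would say why.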
@@ -14,7 +14,7 @@ def __init__(self): def run(self, software_name = None): pwdFound = [] - file_path = os.path.join(constant.profile["APPDATA"], 'Subversion\\auth\\svn.simple') + file_path = os.path.join(constant.profile["APPDATA"], u'Subversion\\auth\\svn.simple') if os.path.exists(file_path): for root, dirs, files in os.walk(file_path + os.sep): for name_file in files: diff --git a/Windows/lazagne/softwares/sysadmin/apachedirectorystudio.py b/Windows/lazagne/softwares/sysadmin/apachedirectorystudio.py index 4726d3fe..5a4fd9d2 100755 --- a/Windows/lazagne/softwares/sysadmin/apachedirectorystudio.py +++ b/Windows/lazagne/softwares/sysadmin/apachedirectorystudio.py @@ -20,7 +20,7 @@ def extract_connections_credentials(self): :return: List of dict in which one dict contains all information for a connection. """ repos_creds = [] - connection_file_location = os.path.join(constant.profile["USERPROFILE"], ".ApacheDirectoryStudio\\.metadata\\.plugins\\org.apache.directory.studio.connection.core\\connections.xml") + connection_file_location = os.path.join(constant.profile["USERPROFILE"], u'.ApacheDirectoryStudio\\.metadata\\.plugins\\org.apache.directory.studio.connection.core\\connections.xml') if os.path.isfile(connection_file_location): try: connections = ET.parse(connection_file_location).getroot() diff --git a/Windows/lazagne/softwares/sysadmin/cyberduck.py b/Windows/lazagne/softwares/sysadmin/cyberduck.py index afd417e4..edeac34d 100755 --- a/Windows/lazagne/softwares/sysadmin/cyberduck.py +++ b/Windows/lazagne/softwares/sysadmin/cyberduck.py 
@@ -13,12 +13,12 @@ def __init__(self): # find the user.config file containing passwords def get_application_path(self): - directory = os.path.join(constant.profile['APPDATA'], '\Cyberduck') + directory = os.path.join(constant.profile['APPDATA'], u'\Cyberduck') if os.path.exists(directory): - for dir in os.listdir(directory): - if dir.startswith('Cyberduck'): - for d in os.listdir(directory + os.sep + dir): - path = directory + os.sep + dir + os.sep + d + os.sep + 'user.config' + for dr in os.listdir(directory): + if dr.startswith(u'Cyberduck'): + for d in os.listdir(os.path.join(directory, unicode(dr))): + path = os.path.join(directory, unicode(dr), unicode(d), u'user.config') if os.path.exists(path): return path diff --git a/Windows/lazagne/softwares/sysadmin/filezilla.py b/Windows/lazagne/softwares/sysadmin/filezilla.py index e446a580..948b47b5 100755 --- a/Windows/lazagne/softwares/sysadmin/filezilla.py +++ b/Windows/lazagne/softwares/sysadmin/filezilla.py 
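Review bot: In `get_application_path`, `os.path.join(constant.profile['APPDATA'], u'\Cyberduck')` passes a second component that starts with a backslash, and on Windows `os.path.join` treats such a component as rooted and discards the directory part of `APPDATA`, so `directory` does not point below the profile folder. Drop the leading separator: `directory = os.path.join(constant.profile['APPDATA'], u'Cyberduck')`. filezilla.py has the same pattern in `run` (`u'\FileZilla'`). Both literals also rely on `\C` and `\F` not being escape sequences.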
@@ -11,19 +11,19 @@ def __init__(self): ModuleInfo.__init__(self, 'filezilla', 'sysadmin', options, need_to_be_in_env=False) def run(self, software_name = None): - directory = os.path.join(constant.profile['APPDATA'], '\FileZilla') + directory = os.path.join(constant.profile['APPDATA'], u'\FileZilla') interesting_xml_file = [] info_xml_file = [] - if os.path.exists(os.path.join(directory, 'sitemanager.xml')): + if os.path.exists(os.path.join(directory, u'sitemanager.xml')): interesting_xml_file.append('sitemanager.xml') info_xml_file.append('Stores all saved sites server info including password in plaintext') - if os.path.exists(os.path.join(directory, 'recentservers.xml')): + if os.path.exists(os.path.join(directory, u'recentservers.xml')): interesting_xml_file.append('recentservers.xml') info_xml_file.append('Stores all recent server info including password in plaintext') - if os.path.exists(os.path.join(directory, 'filezilla.xml')): + if os.path.exists(os.path.join(directory, u'filezilla.xml')): interesting_xml_file.append('filezilla.xml') info_xml_file.append('Stores most recent server info including password in plaintext') @@ -34,7 +34,7 @@ def run(self, software_name = None): for i in range(len(interesting_xml_file)): print_debug('INFO', '%s: %s' % (interesting_xml_file[i], info_xml_file[i])) - xml_file = os.path.expanduser(directory + os.sep + interesting_xml_file[i]) + xml_file = os.path.expanduser(os.path.join(directory, interesting_xml_file[i])) tree = ET.ElementTree(file=xml_file) root = tree.getroot() diff --git a/Windows/lazagne/softwares/sysadmin/ftpnavigator.py b/Windows/lazagne/softwares/sysadmin/ftpnavigator.py index f4ea50ee..cd8c2647 100755 --- a/Windows/lazagne/softwares/sysadmin/ftpnavigator.py +++ b/Windows/lazagne/softwares/sysadmin/ftpnavigator.py 
@@ -44,7 +44,7 @@ def read_file(self, filepath): return pwdFound def run(self, software_name = None): - path = os.path.join(constant.profile['HOMEDRIVE'], 'FTP Navigator\\Ftplist.txt') + path = os.path.join(constant.profile['HOMEDRIVE'], u'FTP Navigator\\Ftplist.txt') if os.path.exists(path): return self.read_file(path) else: diff --git a/Windows/lazagne/softwares/sysadmin/opensshforwindows.py b/Windows/lazagne/softwares/sysadmin/opensshforwindows.py index 4bbaeb0c..a1368326 100755 --- a/Windows/lazagne/softwares/sysadmin/opensshforwindows.py +++ b/Windows/lazagne/softwares/sysadmin/opensshforwindows.py @@ -3,15 +3,14 @@ from lazagne.config.constant import * from Crypto.PublicKey import RSA from Crypto.PublicKey import DSA -from os.path import isdir, isfile, join -from os import environ, walk +import os class OpenSSHForWindows(ModuleInfo): def __init__(self): options = {'command': '-winssh', 'action': 'store_true', 'dest': 'opensshforwindows', 'help': 'OpenSSH for Windows'} ModuleInfo.__init__(self, 'opensshforwindows', 'sysadmin', options) - self.key_files_location = constant.profile["USERPROFILE"] + "\\.ssh" + self.key_files_location = os.path.join(constant.profile["USERPROFILE"], u'.ssh') def is_private_key_unprotected(self, key_content_encoded, key_algorithm): """ @@ -46,11 +45,11 @@ def extract_private_keys_unprotected(self): :return: List of encoded key (key file content) """ keys = [] - if isdir(self.key_files_location): - for (dirpath, dirnames, filenames) in walk(self.key_files_location, followlinks=True): + if os.path.isdir(self.key_files_location): + for (dirpath, dirnames, filenames) in os.walk(self.key_files_location, followlinks=True): for f in filenames: - key_file_path = join(dirpath, f) - if isfile(key_file_path): + key_file_path = os.path.join(dirpath, f) + if os.path.isfile(key_file_path): try: # Read encoded content of the key with open(key_file_path, "r") as key_file: 
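Review bot: In ftpnavigator.py, `os.path.join(constant.profile['HOMEDRIVE'], u'FTP Navigator\\Ftplist.txt')` yields a drive-relative path if `HOMEDRIVE` is a bare drive such as `C:` (its value is set outside this hunk), because `os.path.join` adds no separator after a drive letter and the result then resolves against the current directory on that drive. The unattended.py hunk in this commit inserts the separator for the same kind of join. Doing the same here would read `path = os.path.join(constant.profile['HOMEDRIVE'], unicode(os.sep), u'FTP Navigator', u'Ftplist.txt')`.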
diff --git a/Windows/lazagne/softwares/sysadmin/puttycm.py b/Windows/lazagne/softwares/sysadmin/puttycm.py index aebbcc11..99b20b4f 100755 --- a/Windows/lazagne/softwares/sysadmin/puttycm.py +++ b/Windows/lazagne/softwares/sysadmin/puttycm.py @@ -26,7 +26,7 @@ def run(self, software_name = None): def get_default_database(self): key = OpenKey(HKEY_CURRENT_USER, 'Software\\ACS\\PuTTY Connection Manager') - db = str(_winreg.QueryValueEx(key, 'DefaultDatabase')[0]) + db = unicode(_winreg.QueryValueEx(key, 'DefaultDatabase')[0]) _winreg.CloseKey(key) if db: return db diff --git a/Windows/lazagne/softwares/sysadmin/rdpmanager.py b/Windows/lazagne/softwares/sysadmin/rdpmanager.py index 7d209734..666ce29a 100755 --- a/Windows/lazagne/softwares/sysadmin/rdpmanager.py +++ b/Windows/lazagne/softwares/sysadmin/rdpmanager.py @@ -84,8 +84,8 @@ def parse_xml(self, setting): def run(self, software_name = None): settings = [ - '%s\\Microsoft Corporation\\Remote Desktop Connection Manager\\RDCMan.settings' % constant.profile['LOCALAPPDATA'], - '%s\\Microsoft\\Remote Desktop Connection Manager\\RDCMan.settings' % constant.profile['LOCALAPPDATA'] + os.path.join(constant.profile['LOCALAPPDATA'], u'Microsoft Corporation\\Remote Desktop Connection Manager\\RDCMan.settings'), + os.path.join(constant.profile['LOCALAPPDATA'], u'Microsoft\\Remote Desktop Connection Manager\\RDCMan.settings') ] for setting in settings: diff --git a/Windows/lazagne/softwares/sysadmin/unattended.py b/Windows/lazagne/softwares/sysadmin/unattended.py index 54cc44d5..67a99dda 100755 --- a/Windows/lazagne/softwares/sysadmin/unattended.py +++ b/Windows/lazagne/softwares/sysadmin/unattended.py 
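Review bot: In `get_default_database` the registry handle from `OpenKey` is closed only on the success path: if `_winreg.QueryValueEx(key, 'DefaultDatabase')` raises, for example because the value is absent, `_winreg.CloseKey(key)` is never reached. Put the read in `try:` and the close in `finally: _winreg.CloseKey(key)` so the handle is released either way. The function body continues past the hunk, so whether a caller catches the exception is not visible here.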
@@ -23,20 +23,20 @@ def run(self, software_name = None): return constant.checkUnattended = True - windir = os.path.join(constant.profile['HOMEDRIVE'], '\Windows') + windir = os.path.join(constant.profile['HOMEDRIVE'], unicode(os.sep), u'Windows') files = [ - "\Panther\Unattend.xml", - "\Panther\Unattended.xml", - "\Panther\Unattend\Unattended.xml", - "\Panther\Unattend\Unattend.xml", - "\System32\Sysprep\unattend.xml", - "\System32\Sysprep\Panther\unattend.xml" + 'Panther\Unattend.xml', + 'Panther\Unattended.xml', + 'Panther\Unattend\Unattended.xml', + 'Panther\Unattend\Unattend.xml', + 'System32\Sysprep\unattend.xml', + 'System32\Sysprep\Panther\unattend.xml' ] pwdFound = [] xmlns = '{urn:schemas-microsoft-com:unattend}' for file in files: - path = '%s%s' % (windir, file) + path = os.path.join(windir, unicode(file)) if os.path.exists(path): print_debug('INFO', 'Unattended file found: %s' % path) tree = ET.ElementTree(file=path) diff --git a/Windows/lazagne/softwares/sysadmin/winscp.py b/Windows/lazagne/softwares/sysadmin/winscp.py index 331f5da7..99319951 100755 --- a/Windows/lazagne/softwares/sysadmin/winscp.py +++ b/Windows/lazagne/softwares/sysadmin/winscp.py @@ -88,8 +88,8 @@ def get_logins_info(self): except Exception,e: print_debug('DEBUG', '{0}'.format(e)) - values['URL'] = self.hostname - values['Port'] = port + values['URL'] = self.hostname + values['Port'] = port values['Login'] = self.username pwdFound.append(values) diff --git a/Windows/lazagne/softwares/wifi/wifi.py b/Windows/lazagne/softwares/wifi/wifi.py index fc965ebd..4828f1f8 100755 --- a/Windows/lazagne/softwares/wifi/wifi.py +++ b/Windows/lazagne/softwares/wifi/wifi.py 
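Review bot: The entries in `files` are plain literals with single backslashes (`'System32\Sysprep\unattend.xml'`, `'Panther\Unattend.xml'`), which works only because `\S`, `\P`, `\U` and `\u` are not escapes in a Python 2 byte string. Adding the `u` prefix used elsewhere in this commit would turn `\U` and `\u` into Unicode escapes and stop the module from compiling. Doubled backslashes (`'Panther\\Unattend.xml'`) or joining the parts (`os.path.join(u'Panther', u'Unattend.xml')`) avoid that. The loop variable `file` also shadows the Python 2 builtin, and the same single-backslash style is in wifi.py (`u'Microsoft\Wlansvc\Profiles\Interfaces'`) and turba.py (`u'\\SteamApps\common'`).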
@@ -20,7 +20,7 @@ def run(self, software_name = None): print_debug('WARNING', '[!] This script should be run as admin!') return else: - directory = constant.profile['ALLUSERSPROFILE'] + os.sep + 'Microsoft\Wlansvc\Profiles\Interfaces' + directory = os.path.join(constant.profile['ALLUSERSPROFILE'], u'Microsoft\Wlansvc\Profiles\Interfaces') # for windows Vista or higher if os.path.exists(directory):