LaZagne v2.4.3 releases: Credentials recovery project
The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.
The Lazagne project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host. The last Linux release is not up to date so I recommend using pupy to use it.
- Windows / Linux / Mac
- Big code review and lots of bug fixed
- PEP8 Style (thanks to @ingested)
- Pycrypto denpendency removed
- Work with Python 3
- Removing external libs to decrypt KDE secrets (only use dbus)
- Bug fix
Standalones are now available here.
- Retrieve version
- Launch all modules
- Launch only a specific module
- Launch only a specific software script
- Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All)
- Get help
- Use a file for dictionary attacks (used only when it’s necessary: Mozilla masterpassword, system hahes, etc.). The file has to be a wordlist in cleartext (no rainbow), it has not been optimized to be fast but could use for basic passwords.
- Change verbosity mode (2 different levels)
- Quiet mode (nothing will be printed on the standard output)
- Retrieve passwords on another drive (default: C)
Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)
(*) used by many tools to store passwords: Chrome, Owncloud, Evolution, KMail, etc.
Please refer to the wiki before opening an issue to understand how to compile the project or to develop a new module.