def run(self):
"""
Main function
"""
pwd_found = []
profile_list = (
item for sublist in (
self.get_firefox_profiles(path) for path in homes.get(directory=self.path)
) for item in sublist
)
for profile in profile_list:
self.info(u'Profile path found: {profile}'.format(profile=profile))
for key in self.get_key(profile):
credentials = self.get_login_data(profile)
for user, password, url in credentials:
try:
pwd_found.append(
{
'URL': url,
'Login': self.decrypt(key=key, iv=user[1], ciphertext=user[2]),
'Password': self.decrypt(key=key, iv=password[1], ciphertext=password[2]),
}
)
except Exception:
self.debug(u'An error occured decrypting the password: {error}'.format(
error=traceback.format_exc()))
return pwd_found
def run(self, software_name=None):
pwdFound = []
try:
pwdTab = self.check_if_pidgin_started()
if pwdTab != False:
pwdFound = pwdTab
except:
pass
for path in homes.get(file=os.path.join('.purple', 'accounts.xml')):
tree = ET.ElementTree(file=path)
root = tree.getroot()
accounts = root.getchildren()
for a in accounts:
values = {}
aa = a.getchildren()
for tag in aa:
cpt = 0
if tag.tag == 'name':
cpt = 1
values['Login'] = tag.text
if tag.tag == 'password':
values['Password'] = tag.text
if len(values) != 0:
pwdFound.append(values)
return pwdFound
def get_paths(self, software_name):
path = ''
if software_name == 'Firefox':
path = os.path.expanduser(".mozilla/firefox")
elif software_name == 'Thunderbird':
path = os.path.expanduser(".thunderbird")
return homes.get(dir=path)
def run(self):
"""
Main function
"""
pwd_found = []
profile_list = (
item for sublist in (
self.get_firefox_profiles(path) for path in homes.get(directory=self.path)
) for item in sublist
)
for profile in profile_list:
self.info(u'Profile path found: {profile}'.format(profile=profile))
credentials = self.get_login_data(profile)
if credentials:
for key in self.get_key(profile):
for user, password, url in credentials:
try:
pwd_found.append(
{
'URL': url,
'Login': self.decrypt(key=key, iv=user[1], ciphertext=user[2]).decode('utf8'),
'Password': self.decrypt(key=key, iv=password[1], ciphertext=password[2]).decode('utf8'),
}
)
except Exception:
self.debug(u'An error occured decrypting the password: {error}'.format(
error=traceback.format_exc()))
else:
self.info(u'Database empty')
return pwd_found
def get_paths(self, software_name):
path = ''
if software_name == 'Firefox':
path = os.path.expanduser(".mozilla/firefox")
elif software_name == 'Thunderbird':
path = os.path.expanduser(".thunderbird")
return homes.get(dir=path)
def extract_connections_credentials(self):
"""
Extract all connection's credentials.
:return: List of dict in which one dict contains all information for a connection.
"""
repos_creds = []
for connection_file_directory in homes.get(directory=u'.ApacheDirectoryStudio'):
connection_file_location = os.path.join(connection_file_directory, u'.metadata/.plugins/org.apache.directory.studio.connection.core/connections.xml')
if os.path.isfile(connection_file_location):
try:
connections = parse(connection_file_location).getroot()
connection_nodes = connections.findall(".//connection")
for connection_node in connection_nodes:
creds = {}
for connection_attr_name in connection_node.attrib:
if connection_attr_name in self.attr_to_extract:
creds[connection_attr_name] = connection_node.attrib[connection_attr_name].strip()
if creds:
repos_creds.append(creds)
except Exception as e:
self.error(u"Cannot retrieve connections credentials '%s'" % e)
return repos_creds
def run(self, software_name=None):
all_passwords = []
salt = self.get_salt()
for path in homes.get(dir='.sqldeveloper'):
mainPath = self.get_mainPath(path)
if mainPath == 'SQL_NOT_EXISTS':
print_debug('INFO', 'SQL Developer not installed.')
continue
elif mainPath == 'SQL_NO_PASSWD':
print_debug('INFO', 'No passwords found.')
continue
else:
passphrase = self.get_passphrase(mainPath)
if passphrase == 'Not_Found':
print_debug(
'WARNING',
'The passphrase used to encrypt has not been found.')
continue
elif passphrase == 'xml_Not_Found':
print_debug(
'WARNING',
'The xml file containing the passphrase has not been found.'
)
continue
else:
all_passwords += self.get_infos(mainPath, passphrase, salt)
return all_passwords
def run(self, software_name = None):
all_passwords = []
salt = self.get_salt()
for path in homes.get(dir='.sqldeveloper'):
mainPath = self.get_mainPath(path)
if mainPath == 'SQL_NOT_EXISTS':
print_debug('INFO', 'SQL Developer not installed.')
continue
elif mainPath == 'SQL_NO_PASSWD':
print_debug('INFO', 'No passwords found.')
continue
else:
passphrase = self.get_passphrase(mainPath)
if passphrase == 'Not_Found':
print_debug('WARNING', 'The passphrase used to encrypt has not been found.')
continue
elif passphrase == 'xml_Not_Found':
print_debug('WARNING', 'The xml file containing the passphrase has not been found.')
continue
else:
all_passwords += self.get_infos(mainPath, passphrase, salt)
return all_passwords
def run(self, software_name=None):
pwdFound = []
try:
pwdTab = self.check_if_pidgin_started()
if pwdTab:
pwdFound = pwdTab
except:
pass
for path in homes.get(file=os.path.join('.purple', 'accounts.xml')):
tree = ET.ElementTree(file=path)
root = tree.getroot()
for account in root.findall('account'):
if account.find('name') is not None:
name = account.find('name')
password = account.find('password')
if name is not None and password is not None:
pwdFound.append({
'Login': name.text,
'Password': password.text
})
return pwdFound
def run(self, software_name = None): all_passwords = [] salt = self.get_salt() passphrase = self.get_passphrase() for path in homes.get(dir='.dbvis'): all_passwords += self.get_infos(path, passphrase, salt) return all_passwords
def run(self, software_name=None):
all_passwords = []
salt = self.get_salt()
passphrase = self.get_passphrase()
for path in homes.get(dir='.dbvis'):
all_passwords += self.get_infos(path, passphrase, salt)
return all_passwords
def get_path(self, software_name):
"""
Returns path depending on the software wanted (Firefox and Thunderbird share the same code)
"""
path = ''
if software_name == 'Firefox':
path = os.path.expanduser(".mozilla/firefox")
elif software_name == 'Thunderbird':
path = os.path.expanduser(".thunderbird")
return homes.get(dir=path)
def get_paths(self):
for profile_dir in homes.get(directory=self.path):
try:
subdirs = os.listdir(profile_dir)
except Exception:
continue
for subdir in subdirs:
login_data = os.path.join(profile_dir, subdir, 'Login Data')
if os.path.isfile(login_data):
yield login_data
def run(self, software_name=None):
pwdFound = []
# legend = {
# 'sitemanager.xml': 'Stores all saved sites server info including password in plaintext',
# 'recentservers.xml': 'Stores all recent server info including password in plaintext',
# 'filezilla.xml': 'Stores most recent server info including password in plaintext'
# }
for xml_file in homes.get(file=[
os.path.join(d, f) for d in ('.filezilla', '.config/filezilla')
for f in ('sitemanager.xml', 'recentservers.xml',
'filezilla.xml')
]):
print_debug('INFO', '%s' % (xml_file))
tree = ET.ElementTree(file=xml_file)
root = tree.getroot()
servers = root.getchildren()
for ss in servers:
server = ss.getchildren()
jump_line = 0
for s in server:
s1 = s.getchildren()
values = {}
for s11 in s1:
if s11.tag == 'Host':
values['Host'] = s11.text
if s11.tag == 'Port':
values['Port'] = s11.text
if s11.tag == 'User':
values['Login'] = s11.text
if s11.tag == 'Pass':
try:
# if base64 encoding
if 'encoding' in s11.attrib:
if s11.attrib['encoding'] == 'base64':
values['Password'] = base64.b64decode(
s11.text)
else:
values['Password'] = s11.text
except:
values['Password'] = s11.text
# write credentials into a text file
if len(values) != 0:
pwdFound.append(values)
return pwdFound
def get_paths(self):
for profile_dir in homes.get(directory=[u'.config/google-chrome', u'.config/chromium']):
try:
subdirs = os.listdir(profile_dir)
except Exception:
continue
for subdir in subdirs:
login_data = os.path.join(profile_dir, subdir, 'Login Data')
if os.path.isfile(login_data):
yield login_data
def get_profiles_files(self):
for profile_dir in homes.get(
directory=[u'.config/psi/profiles', u'.local/psi+/profiles']):
try:
subdirs = os.listdir(profile_dir)
except Exception:
continue
for subdir in subdirs:
login_data = os.path.join(profile_dir, subdir, 'accounts.xml')
if os.path.isfile(login_data):
yield login_data
def run(self, software_name=None):
pwdFound = []
for home in homes.get(dir='.dbvis'):
path = os.path.join(home, u'config70', u'dbvis.xml')
if os.path.exists(path):
tree = ET.ElementTree(file=path)
for e in tree.findall('Databases/Database'):
values = {}
try:
values['Name'] = e.find('Alias').text
except:
pass
try:
values['Login'] = e.find('Userid').text
except:
pass
try:
ciphered_password = e.find('Password').text
password = self.decrypt(ciphered_password)
values['Password'] = password
except:
pass
try:
values['Driver'] = e.find(
'UrlVariables//Driver').text.strip()
except:
pass
try:
elem = e.find('UrlVariables')
for ee in elem.getchildren():
for ele in ee.getchildren():
if 'Server' == ele.attrib['UrlVariableName']:
values['Host'] = str(ele.text)
if 'Port' == ele.attrib['UrlVariableName']:
values['Port'] = str(ele.text)
if 'SID' == ele.attrib['UrlVariableName']:
values['SID'] = str(ele.text)
except:
pass
if values:
pwdFound.append(values)
return pwdFound
def run(self):
pwd_found = []
for home in homes.get(directory=u'.dbvis'):
path = os.path.join(home, u'config70', u'dbvis.xml')
if os.path.exists(path):
tree = ElementTree(file=path)
elements = {
'Alias': 'Name',
'Userid': 'Login',
'Password': '******',
'UrlVariables//Driver': 'Driver'
}
for e in tree.findall('Databases/Database'):
values = {}
for elem in elements:
try:
if elem != "Password":
values[elements[elem]] = e.find(elem).text
else:
values[elements[elem]] = self.decrypt(
e.find(elem).text)
except Exception:
pass
try:
elem = e.find('UrlVariables')
for ee in elem.getchildren():
for ele in ee.getchildren():
if 'Server' == ele.attrib['UrlVariableName']:
values['Host'] = str(ele.text)
if 'Port' == ele.attrib['UrlVariableName']:
values['Port'] = str(ele.text)
if 'SID' == ele.attrib['UrlVariableName']:
values['SID'] = str(ele.text)
except Exception:
pass
if values:
pwd_found.append(values)
return pwd_found
def run(self):
pwd_found = []
for home in homes.get(directory=u'.sqldeveloper'):
path = os.path.join(home, u'SQL Developer')
if os.path.exists(path):
self._passphrase = self.get_passphrase(path)
if self._passphrase:
self.info(u'Passphrase found: {passphrase}'.format(passphrase=self._passphrase))
xml_name = u'connections.xml'
xml_file = None
if os.path.exists(os.path.join(path, xml_name)):
xml_file = os.path.join(path, xml_name)
else:
for p in os.listdir(path):
if p.startswith('system'):
new_directory = os.path.join(path, p)
for pp in os.listdir(new_directory):
if pp.startswith(u'o.jdeveloper.db.connection'):
if os.path.exists(os.path.join(new_directory, pp, xml_name)):
xml_file = os.path.join(new_directory, pp, xml_name)
break
if xml_file:
wanted_value = ['sid', 'port', 'hostname', 'user', 'password', 'ConnName', 'customUrl',
'SavePassword', 'driver']
renamed_value = {'sid': 'SID', 'port': 'Port', 'hostname': 'Host', 'user': '******',
'password': '******', 'ConnName': 'Name', 'customUrl': 'URL',
'SavePassword': '******', 'driver': 'Driver'}
tree = ElementTree(file=xml_file)
for e in tree.findall('Reference'):
values = {}
for ee in e.findall('RefAddresses/StringRefAddr'):
if ee.attrib['addrType'] in wanted_value and ee.find('Contents').text is not None:
name = renamed_value[ee.attrib['addrType']]
value = ee.find('Contents').text if name != 'Password' else self.decrypt(
ee.find('Contents').text)
values[name] = value
pwd_found.append(values)
return pwd_found
def run(self):
pwd_found = self.get_password_from_dbus()
for path in homes.get(file=os.path.join('.purple', 'accounts.xml')):
tree = ElementTree(file=path)
root = tree.getroot()
for account in root.findall('account'):
if account.find('name') is not None:
name = account.find('name')
password = account.find('password')
if name is not None and password is not None:
pwd_found.append({
'Login': name.text,
'Password': password.text
})
return pwd_found
def run(self):
pwd_found = []
for home in homes.get(directory=u'.dbvis'):
path = os.path.join(home, u'config70', u'dbvis.xml')
if os.path.exists(path):
tree = ElementTree(file=path)
elements = {'Alias': 'Name', 'Userid': 'Login', 'Password': '******',
'UrlVariables//Driver': 'Driver'}
for e in tree.findall('Databases/Database'):
values = {}
for elem in elements:
try:
if elem != "Password":
values[elements[elem]] = e.find(elem).text
else:
values[elements[elem]] = self.decrypt(e.find(elem).text)
except Exception:
pass
try:
elem = e.find('UrlVariables')
for ee in elem.getchildren():
for ele in ee.getchildren():
if 'Server' == ele.attrib['UrlVariableName']:
values['Host'] = str(ele.text)
if 'Port' == ele.attrib['UrlVariableName']:
values['Port'] = str(ele.text)
if 'SID' == ele.attrib['UrlVariableName']:
values['SID'] = str(ele.text)
except Exception:
pass
if values:
pwd_found.append(values)
return pwd_found
def run(self):
pwd_found = self.get_password_from_dbus()
for path in homes.get(file=os.path.join('.purple', 'accounts.xml')):
tree = ElementTree(file=path)
root = tree.getroot()
for account in root.findall('account'):
if account.find('name') is not None:
name = account.find('name')
password = account.find('password')
if name is not None and password is not None:
pwd_found.append(
{
'Login': name.text,
'Password': password.text
}
)
return pwd_found
def run(self):
"""
Main function
"""
known_locations = set()
# According to the "git-credential-store" documentation:
# Build a list of locations in which git credentials can be stored
# Apply the password extraction on the defined locations
pwd_found = []
for location in homes.get(
directory=[u'.git-credentials', u'.config/git/credentials']):
pwd_found += self.extract_credentials(location)
known_locations.add(location)
# Read Env variable from another user
for process in psutil.process_iter():
try:
environ = process.environ()
except Exception:
continue
for var in ('XDG_CONFIG_HOME'):
if var not in environ or environ[var] in known_locations:
continue
# Env variable found
location = environ[var]
known_locations.add(location)
pwd_found += self.extract_credentials(
os.path.join(location, 'git/credentials'))
# Filter duplicates
return [{
'URL': url,
'Login': login,
'Password': password
} for url, login, password in set(pwd_found)]
def run(self):
pwd_found = []
for xml_file in homes.get(file=[
os.path.join(d, f) for d in ('.filezilla', '.config/filezilla')
for f in ('sitemanager.xml', 'recentservers.xml',
'filezilla.xml')
]):
if os.path.exists(xml_file):
tree = ElementTree(file=xml_file)
servers = tree.findall('Servers/Server') if tree.findall(
'Servers/Server') else tree.findall('RecentServers/Server')
for server in servers:
host = server.find('Host')
port = server.find('Port')
login = server.find('User')
password = server.find('Pass')
if host is not None and port is not None and login is not None:
values = {
'Host': host.text,
'Port': port.text,
'Login': login.text,
}
if password is not None:
if 'encoding' in password.attrib and password.attrib[
'encoding'] == 'base64':
values['Password'] = base64.b64decode(
password.text)
else:
values['Password'] = password.text
pwd_found.append(values)
return pwd_found
def run(self):
pwd_found = []
for xml_file in homes.get(file=[
os.path.join(d, f)
for d in ('.filezilla', '.config/filezilla')
for f in ('sitemanager.xml', 'recentservers.xml', 'filezilla.xml')
]):
if os.path.exists(xml_file):
tree = ElementTree(file=xml_file)
servers = tree.findall('Servers/Server') if tree.findall('Servers/Server') else tree.findall(
'RecentServers/Server')
for server in servers:
host = server.find('Host')
port = server.find('Port')
login = server.find('User')
password = server.find('Pass')
if host is not None and port is not None and login is not None:
values = {
'Host': host.text,
'Port': port.text,
'Login': login.text,
}
if password is not None:
if 'encoding' in password.attrib and password.attrib['encoding'] == 'base64':
values['Password'] = base64.b64decode(password.text)
else:
values['Password'] = password.text
pwd_found.append(values)
return pwd_found
def get_paths(self):
return homes.get(file=os.path.join('.aws', 'credentials'))
def get_paths(self):
return homes.get(file=os.path.join('.docker', 'config.json'))
def get_paths(self):
return homes.get(
file=os.path.join('.squirrel-sql', 'SQLAliases23.xml'))
def get_paths(self):
return homes.get(file=os.path.join('.jitsi', 'sip-communicator.properties'))
def get_paths(self):
return homes.get(directory=u'.opera')
def get_paths(self):
return homes.get(directory=u'.claws-mail')
def get_paths(self):
return homes.get(file=os.path.join('.aws', 'credentials'))
def get_paths(self):
return homes.get(file=os.path.join('.squirrel-sql', 'SQLAliases23.xml'))
def get_paths(self): return homes.get(dir='.opera')
def run(self):
"""
Main function
"""
# Extract all available connections credentials
pwd_found = []
for connection_file_directory in homes.get(directory=u'.gftp'):
connection_file_location = os.path.join(connection_file_directory,
u'bookmarks')
if os.path.isfile(connection_file_location):
cp = RawConfigParser()
cp.read(connection_file_location)
for elmt in cp.sections():
username = cp.get(elmt, "username")
if username != "anonymous":
host = cp.get(elmt, "hostname")
port = cp.get(elmt, "port")
protocol = cp.get(elmt, "protocol")
password = self.decode_password(cp.get(elmt, "password"))
account = cp.get(elmt, "account")
pwd_found.append({
'Entry': "Server",
'Host': host,
'Username': username,
'Password': password,
'Port': port,
'Protocol': protocol,
'Account': account,
})
# Extract Proxy data from another file
connection_file_location = os.path.join(connection_file_directory,
u'gftprc')
if os.path.isfile(connection_file_location):
preferences = open(connection_file_location, 'r').read()
# FTP Proxy
ftp_proxy_host = self.get_parameter("ftp_proxy_host",
preferences)
if ftp_proxy_host != "":
ftp_proxy_port = self.get_parameter(
"ftp_proxy_port", preferences)
ftp_proxy_username = self.get_parameter(
"ftp_proxy_username", preferences)
ftp_proxy_password = self.get_parameter(
"ftp_proxy_password", preferences)
ftp_proxy_account = self.get_parameter(
"ftp_proxy_account", preferences)
if ftp_proxy_username != "" and ftp_proxy_password != "":
pwd_found.append({
'Entry': 'FTP Proxy',
'Protocol': 'FTP',
'Host': ftp_proxy_host,
'Port': ftp_proxy_port,
'Username': ftp_proxy_username,
'Password': ftp_proxy_password,
'Account': ftp_proxy_account
})
# HTTP Proxy
http_proxy_host = self.get_parameter("http_proxy_host",
preferences)
if http_proxy_host != "":
http_proxy_port = self.get_parameter(
"http_proxy_port", preferences)
http_proxy_username = self.get_parameter(
"http_proxy_username", preferences)
http_proxy_password = self.get_parameter(
"http_proxy_password", preferences)
http_proxy_account = self.get_parameter(
"http_proxy_account", preferences)
if http_proxy_username != "" and http_proxy_password != "":
pwd_found.append({
'Entry': "HTTP Proxy",
'Protocol': "HTTP",
'Host': http_proxy_host,
'Port': http_proxy_port,
'Username': http_proxy_username,
'Password': http_proxy_password,
'Account': http_proxy_account
})
return pwd_found
def get_paths(self):
return homes.get(file=os.path.join('.docker', 'config.json'))
def get_paths(self):
return homes.get(file=u'.claws-mail/accountrc')
def run(self):
"""
Main function
"""
pwd_found = []
#KeepassX
for connection_file_directory in homes.get(directory=u'.config/keepassx'):
#Used to replace ./ by the home path
home = connection_file_directory.partition('./config')[0]
connection_file_location = os.path.join(connection_file_directory, u'config.ini')
if os.path.isfile(connection_file_location):
cp = RawConfigParser()
cp.read(connection_file_location)
try:
database = cp.get("Options", "LastFile").replace('./', home)
keyfile = cp.get("Options", "LastKeyLocation").replace('./', home)
keytype = cp.get("Options", "LastKeyType")
if keytype == "Password":
keyfile = "No keyfile needed"
elif keyfile == "":
keyfile = "No keyfile found"
pwd_found.append({
'Keyfile': keyfile,
'Database': database
})
except:
pass
#Keepass2
for connection_file_directory in homes.get(directory=u'.config/KeePass'):
home = connection_file_directory.partition('./config')[0]
connection_file_location = os.path.join(connection_file_directory, u'KeePass.config.xml')
if os.path.isfile(connection_file_location):
try:
connections = parse(connection_file_location).getroot()
connection_nodes = connections.findall(".//Association")
for connection_node in connection_nodes:
database = connection_node.find('DatabasePath').text.replace("../../../", home)
keyfile = connection_node.find('KeyFilePath').text.replace("../../../", home)
pwd_found.append({
'Keyfile': keyfile,
'Database': database
})
except:
pass
try:
connections = parse(connection_file_location).getroot()
connection_nodes = connections.findall(".//LastUsedFile")
for connection_node in connection_nodes:
database = connection_node.find('Path').text.replace("../../../", home)
already_in_pwd_found = 0
for elmt in pwd_found:
if database == elmt['Database']:
already_in_pwd_found = 1
if already_in_pwd_found == 0:
pwd_found.append({
'Keyfile': "No keyfile found",
'Database': database
})
except:
pass
try:
connections = parse(connection_file_location).getroot()
connection_nodes = connections.findall(".//ConnectionInfo")
for connection_node in connection_nodes:
database = connection_node.find('Path').text.replace("../../../", home)
already_in_pwd_found = 0
for elmt in pwd_found:
if database == elmt['Database']:
already_in_pwd_found = 1
if already_in_pwd_found == 0:
pwd_found.append({
'Keyfile': "No keyfile found",
'Database': database
})
except:
pass
return pwd_found
def get_paths(self):
return homes.get(directory=u'.opera')
def get_paths(self):
return homes.get(dir='.opera')
