Exemple #1
def run_modules(category_selected, subcategories):
    """
    Yield the results of every module in the selected category.

    This is a generator: nothing is executed until the caller iterates it.

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param subcategories: handed unchanged to run_module().
    :return: generator over whatever run_module() yields, one category
        after another.
    """
    modules = create_module_dic()

    if category_selected == 'all':
        categories = get_categories()
    else:
        # Only the chosen entry is kept; the lookup is done on the mapping
        # returned by get_categories(), so a name it does not contain fails
        # here rather than later.
        categories = {category_selected: get_categories()[category_selected]}

    # Category names are walked in descending order; per the original
    # author's note this is what makes libsecrets run first.
    ordered = sorted(categories.items(), key=lambda pair: pair[0], reverse=True)
    for name, _info in ordered:
        for result in run_module(modules[name], subcategories):
            yield result
Exemple #2
def run_category(category_selected, subcategories={}, system_module=False):
    """
    Run one category (or 'all'), then the modules that were deferred.

    This is a generator: nothing is executed until the caller iterates it.

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param subcategories: handed unchanged to run_modules(). NOTE(review):
        the default is a shared dict object; this function never mutates
        it, but confirm the callee does not either.
    :param system_module: handed to run_modules(); when true the deferred
        'winapi' / 'dpapi' modules are not run at all.
    :return: generator over the results of run_modules() followed by the
        results of the deferred run_module() calls.
    """
    # Start from empty queues. This function only resets and later reads
    # them; they are presumably filled while the category loop is consumed.
    constant.module_to_exec_at_end = {"winapi": [], "dpapi": []}

    def queued(kind):
        # Look the queue up on the shared object every time it is needed.
        return constant.module_to_exec_at_end.get(kind, [])

    def replay(kinds):
        # Run every queued module of the given kinds, in the order given.
        for kind in kinds:
            for entry in queued(kind):
                for item in run_module(title=entry['title'], module=entry['module']):
                    yield item

    modules = create_module_dic()
    selected = get_categories() if category_selected == 'all' else [category_selected]
    for name in selected:
        for result in run_modules(modules[name], subcategories, system_module):
            yield result

    if system_module:
        return

    if constant.is_current_user:
        # In the current user's session the Windows API (CryptUnprotectData)
        # is usable, so 'winapi' modules run without any further condition.
        for item in replay(['winapi']):
            yield item

        # 'dpapi' modules additionally require are_masterkeys_retrieved().
        if queued('dpapi') and are_masterkeys_retrieved():
            for item in replay(['dpapi']):
                yield item
    elif (queued('dpapi') or queued('winapi')) and are_masterkeys_retrieved():
        # Outside the current session both kinds depend on the master keys:
        # 'winapi' blobs are decrypted through dpapi instead of calling
        # CryptUnprotectData.
        for item in replay(['winapi', 'dpapi']):
            yield item
Exemple #3
def run_category(category_selected, subcategories={}, system_module=False):
    """
    Yield the results of a category run, then of the deferred modules.

    The function is a generator, so each step below happens only as the
    caller consumes it.

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param subcategories: forwarded as-is to run_modules(). NOTE(review):
        the default is one dict shared by all calls; it is not modified
        here - verify that run_modules() leaves it alone too.
    :param system_module: forwarded to run_modules(); a true value skips
        the deferred 'winapi' / 'dpapi' phase entirely.
    :return: generator over run_modules() results, then over the results of
        the deferred run_module() calls.
    """
    # Both deferred queues are emptied before anything runs.
    constant.module_to_exec_at_end = {"winapi": [], "dpapi": []}
    modules = create_module_dic()

    if category_selected != 'all':
        categories = [category_selected]
    else:
        categories = get_categories()

    for category in categories:
        for result in run_modules(modules[category], subcategories, system_module):
            yield result

    if system_module:
        return

    if not constant.is_current_user:
        # Not the current session: both kinds wait for the master keys, and
        # 'winapi' blobs are decrypted via dpapi rather than through
        # CryptUnprotectData.
        anything_deferred = (constant.module_to_exec_at_end.get('dpapi', [])
                             or constant.module_to_exec_at_end.get('winapi', []))
        if anything_deferred and are_masterkeys_retrieved():
            for kind in ['winapi', 'dpapi']:
                for deferred in constant.module_to_exec_at_end.get(kind, []):
                    for item in run_module(title=deferred['title'], module=deferred['module']):
                        yield item
        return

    # Current session: modules relying on the Windows API
    # (CryptUnprotectData) can be called directly.
    for deferred in constant.module_to_exec_at_end.get('winapi', []):
        for item in run_module(title=deferred['title'], module=deferred['module']):
            yield item

    # 'dpapi' modules still depend on are_masterkeys_retrieved().
    if constant.module_to_exec_at_end.get('dpapi', []) and are_masterkeys_retrieved():
        for deferred in constant.module_to_exec_at_end.get('dpapi', []):
            for item in run_module(title=deferred['title'], module=deferred['module']):
                yield item
Exemple #4
def run_modules(category_selected, subcategories):
    """
    Yield the results of every module in the selected category.

    This is a generator: nothing is executed until the caller iterates it.

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param subcategories: handed unchanged to run_module().
    :return: generator over whatever run_module() yields.
    """
    modules = create_module_dic()

    if category_selected == 'all':
        names = get_categories()
    else:
        names = [category_selected]

    for name in names:
        for result in run_module(modules[name], subcategories):
            yield result
Exemple #5
def runModule(category_choosed,
              need_high_privileges=False,
              need_system_privileges=False,
              not_need_to_be_in_env=False,
              cannot_be_impersonate_using_tokens=False):
    """
    Yield the results of every module in the chosen category.

    This is a generator: nothing is executed until the caller iterates it.

    :param category_choosed: a category name, or 'all' for every category
        returned by get_categories().
    :param need_high_privileges: accepted but not read in this body.
    :param need_system_privileges: accepted but not read in this body.
    :param not_need_to_be_in_env: accepted but not read in this body.
    :param cannot_be_impersonate_using_tokens: accepted but not read in
        this body.
    :return: generator over whatever launch_module() yields.
    """
    if category_choosed == 'all':
        selected = get_categories()
    else:
        selected = [category_choosed]

    # `modules` is the module-level {category: {dest: module}} mapping.
    for name in selected:
        for result in launch_module(modules[name]):
            yield result
Exemple #6
def run_category(category_selected, system_module=False):
    """
    Run one category (or 'all'), then the modules that were deferred.

    This is a generator: nothing is executed until the caller iterates it.

    Side effects visible here: constant.user_dpapi is replaced and
    constant.username is appended to constant.password_found each time the
    unlock step runs (the append is unconditional, so repeated runs add the
    name again).

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param system_module: handed to run_modules(); when true the deferred
        'winapi' / 'dpapi' modules are not run at all.
    :return: generator over the results of run_modules() followed by the
        results of the deferred run_module() calls.
    """
    # Bound but never read below; kept so the attribute is still looked up
    # when the generator starts.
    module_to_exec_at_end = constant.module_to_exec_at_end

    def queued(kind):
        # Look the queue up on the shared object every time it is needed.
        return constant.module_to_exec_at_end.get(kind, [])

    def unlock_user_dpapi():
        # The dpapi modules need the Windows user password to decrypt blobs.
        constant.user_dpapi = UserDpapi(password=constant.user_password)
        # The username joins the candidate list so that an account whose
        # password equals its username is checked as well.
        constant.password_found.append(constant.username)
        constant.user_dpapi.check_credentials(constant.password_found)
        return constant.user_dpapi.unlocked

    def replay(kinds):
        # Run every queued module of the given kinds, in the order given.
        for kind in kinds:
            for entry in queued(kind):
                for item in run_module(title=entry['title'],
                                       module=entry['module']):
                    yield item

    if category_selected == 'all':
        selected = get_categories()
    else:
        selected = [category_selected]

    for name in selected:
        for result in run_modules(modules[name], system_module):
            yield result

    if system_module:
        return

    if constant.is_current_user:
        # In the current user's session the Windows API (CryptUnprotectData)
        # is usable, so 'winapi' modules run without any further condition.
        for item in replay(['winapi']):
            yield item

        # The unlock attempt is made only when a 'dpapi' module is waiting.
        if queued('dpapi') and unlock_user_dpapi():
            for item in replay(['dpapi']):
                yield item
    elif (queued('dpapi') or queued('winapi')) and unlock_user_dpapi():
        # Outside the current session both kinds depend on the unlock:
        # 'winapi' blobs are decrypted through dpapi instead of calling
        # CryptUnprotectData.
        for item in replay(['winapi', 'dpapi']):
            yield item
Exemple #7
def create_module_dic():
    """
    Return the {category: {dest: module}} mapping, building it on first use.

    The mapping is cached on constant.modules_dic. The cache test is a
    truthiness test, so an empty mapping is rebuilt on every call.

    :return: dict keyed by category name; each value is a dict keyed by the
        module's options['dest'].
    """
    cached = constant.modules_dic
    if cached:
        return cached

    # One empty bucket per known category ...
    registry = {category: {} for category in get_categories()}

    # ... then every module is filed under its own category. A module whose
    # category is not among the buckets raises KeyError here.
    for mod in get_modules():
        registry[mod.category][mod.options['dest']] = mod

    constant.modules_dic = registry
    return registry
Exemple #8
def create_module_dic():
    """
    Build (once) and return the mapping of categories to their modules.

    The result is stored on constant.modules_dic and reused while that
    attribute is truthy; an empty mapping therefore triggers a rebuild.

    :return: dict of the form {category: {options['dest']: module}}.
    """
    if constant.modules_dic:
        return constant.modules_dic

    # Every category gets its own, initially empty, inner dict.
    by_category = dict((name, {}) for name in get_categories())

    # Modules are indexed by the 'dest' entry of their options; the outer
    # lookup fails with KeyError for a category that has no bucket.
    for module in get_modules():
        bucket = by_category[module.category]
        bucket[module.options['dest']] = module

    constant.modules_dic = by_category
    return by_category
Exemple #9
def run_category(category_selected,
                 dpapi_used=True,
                 registry_used=True,
                 system_module=False):
    """
    Run one category (or 'all'), then the modules that were deferred.

    This is a generator: nothing is executed until the caller iterates it.

    Side effects visible here: constant.module_to_exec_at_end is reset to an
    empty list; when it is non-empty after the category run, constant.dpapi
    is replaced and constant.username is appended to constant.passwordFound.
    The deferred modules are then run without testing the outcome of
    check_credentials().

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :param dpapi_used: handed unchanged to run_modules().
    :param registry_used: handed unchanged to run_modules().
    :param system_module: handed unchanged to run_modules().
    :return: generator over the results of run_modules() followed by the
        results of the deferred run_module() calls.
    """
    constant.module_to_exec_at_end = []

    if category_selected == 'all':
        names = get_categories()
    else:
        names = [category_selected]

    # `modules` is the module-level {category: {dest: module}} mapping.
    for name in names:
        for result in run_modules(modules[name], dpapi_used, registry_used,
                                  system_module):
            yield result

    if not constant.module_to_exec_at_end:
        return

    # The deferred modules need the Windows user password to decrypt dpapi
    # blobs.
    constant.dpapi = Decrypt_DPAPI(password=constant.user_password)
    # The username joins the candidate list so that an account whose
    # password equals its username is checked as well.
    constant.passwordFound.append(constant.username)
    constant.dpapi.check_credentials(constant.passwordFound)

    for deferred in constant.module_to_exec_at_end:
        for item in run_module(title=deferred['title'],
                               module=deferred['module']):
            yield item
Exemple #10
                        help='destination path to store results (default:.)')

    # Windows user password
    PPwd = argparse.ArgumentParser(
        add_help=False,
        formatter_class=lambda prog: argparse.HelpFormatter(
            prog,
            max_help_position=constant.MAX_HELP_POSITION)
    )
    PPwd._optionals.title = 'Windows User Password'
    PPwd.add_argument('-password', dest='password', action='store',
                      help='Windows user password (used to decrypt creds files)')

    # -------------------------- Add options and suboptions to all modules --------------------------
    all_subparser = []
    all_categories = get_categories()
    for c in all_categories:
        all_categories[c]['parser'] = argparse.ArgumentParser(
            add_help=False,
            formatter_class=lambda prog: argparse.HelpFormatter(prog,
                                                                max_help_position=constant.MAX_HELP_POSITION)
        )
        all_categories[c]['parser']._optionals.title = all_categories[c]['help']

        # Manage options
        all_categories[c]['subparser'] = []
        for module in modules[c]:
            m = modules[c][module]
            all_categories[c]['parser'].add_argument(m.options['command'], action=m.options['action'],
                                                 dest=m.options['dest'], help=m.options['help'])
Exemple #11
def run_module(category_selected):
    """
    Yield the results of every module in the selected category.

    This is a generator: nothing is executed until the caller iterates it.

    :param category_selected: a category name, or 'all' for every category
        returned by get_categories().
    :return: generator over whatever launch_module() yields.
    """
    if category_selected == 'all':
        names = get_categories()
    else:
        names = [category_selected]

    # `modules` is the module-level {category: {dest: module}} mapping.
    for name in names:
        for result in launch_module(modules[name]):
            yield result
Exemple #12
from lazagne.config.write_output import parse_json_result_to_buffer, print_debug, StandardOutput
from lazagne.config.manage_modules import get_categories, get_modules
from lazagne.config.constant import *

import time

# Shared output object: every write/print helper goes through constant.st
# (StandardOutput is imported from lazagne.config.write_output above).
constant.st = StandardOutput()

# List meant to hold all passwords found; nothing in this excerpt appends
# to it.
stdoutRes = []
# Two-level registry: modules[category][options['dest']] -> module object.
modules = {}

# Create one empty bucket per category returned by get_categories().
# Runs at import time; `c` stays bound at module level afterwards.
for c in get_categories():
    modules[c] = {}

# File every module under its own category, keyed by its 'dest' option.
# A module whose category has no bucket raises KeyError here.
for m in get_modules():
    modules[m.category][m.options['dest']] = m


def output():
    if args['output']:
        if os.path.isdir(args['output']):
            constant.folder_name = args['output']
        else:
            print('[!] Specify a directory, not a file !')

    if args['write_normal']:
Exemple #13
import logging
import getpass
import time
import json
import sys
import os

# Shared output object: every write/print helper goes through constant.st
# (see the write_output file).
constant.st = StandartOutput()

# List meant to hold all passwords found; nothing in this excerpt appends
# to it.
stdoutRes = []
# Two-level registry: modules[category][options['dest']] -> module object.
modules = {}

# Create one empty bucket per category returned by get_categories().
# Runs at import time; `category` stays bound at module level afterwards.
for category in get_categories():
    modules[category] = {}

# File every module under its own category, keyed by its 'dest' option.
# A module whose category has no bucket raises KeyError here.
for module in get_modules():
    modules[module.category][module.options['dest']] = module
# Thunderbird is registered by hand under 'mails', reusing the Mozilla class
# with True as its only argument.
modules['mails']['thunderbird'] = Mozilla(
    True)  # For thunderbird (firefox and thunderbird use the same class)


def output():
    """
    Apply the 'output' option as shown in this excerpt.

    When args['output'] is set and names an existing directory it becomes
    constant.folder_name; when it is set but is not a directory a message
    is printed and constant.folder_name is left untouched.
    """
    destination = args['output']
    if destination:
        if not os.path.isdir(destination):
            print('[!] Specify a directory, not a file !')
        else:
            constant.folder_name = destination
Exemple #14
import logging
import getpass
import time
import json
import sys
import os

# Configuration
from lazagne.config.write_output import parseJsonResultToBuffer, print_debug, StandartOutput
from lazagne.config.manage_modules import get_categories, get_modules
from lazagne.config.constant import *

# Shared output object: every write/print helper goes through constant.st
# (StandartOutput is imported from lazagne.config.write_output above).
constant.st = StandartOutput()

# Both lookups are done once, at import time.
category = get_categories()
moduleNames = get_modules()

# List meant to hold all passwords found; nothing in this excerpt appends
# to it.
stdoutRes = []

# Two-level registry: modules[category][options['dest']] -> module object.
# Start with one empty bucket per category.
modules = {}
for categoryName in category:
    modules[categoryName] = {}

# File every module under its own category, keyed by its 'dest' option.
# A module whose category has no bucket raises KeyError here.
for module in moduleNames:
    modules[module.category][module.options['dest']] = module
# Thunderbird is registered by hand under 'mails', reusing the Mozilla class
# with True as its only argument.
modules['mails']['thunderbird'] = Mozilla(
    True)  # For thunderbird (firefox and thunderbird use the same class)
Exemple #15
                        help='destination path to store results (default:.)')

    # Windows user password
    PPwd = argparse.ArgumentParser(
        add_help=False,
        formatter_class=lambda prog: argparse.HelpFormatter(
            prog,
            max_help_position=constant.max_help)
    )
    PPwd._optionals.title = 'Windows User Password'
    PPwd.add_argument('-password', dest='password', action='store',
                      help='Windows user password (used to decrypt creds files)')

    # -------------------------- Add options and suboptions to all modules --------------------------
    all_subparser = []
    all_categories = get_categories()
    for c in all_categories:
        all_categories[c]['parser'] = argparse.ArgumentParser(
            add_help=False,
            formatter_class=lambda prog: argparse.HelpFormatter(prog,
                                                                max_help_position=constant.max_help)
        )
        all_categories[c]['parser']._optionals.title = all_categories[c]['help']

        # Manage options
        all_categories[c]['subparser'] = []
        for module in modules[c]:
            m = modules[c][module]
            all_categories[c]['parser'].add_argument(m.options['command'], action=m.options['action'],
                                                 dest=m.options['dest'], help=m.options['help'])
Exemple #16
# Configuration
from lazagne.config.write_output import parse_json_result_to_buffer, print_debug, StandardOutput
from lazagne.config.manage_modules import get_categories, get_modules
from lazagne.config.constant import constant

from lazagne.softwares.browsers.chrome import Chrome

# Shared output object: every write/print helper goes through constant.st
# (StandardOutput is imported from lazagne.config.write_output above).
constant.st = StandardOutput()

# List meant to hold all passwords found; nothing in this excerpt appends
# to it.
stdoutRes = []
# Two-level registry: modules[category][options['dest']] -> module object.
modules = {}

# Create one empty bucket per category returned by get_categories().
# Runs at import time; `category_name` stays bound at module level afterwards.
for category_name in get_categories():
    modules[category_name] = {}

# File every module under its own category, keyed by its 'dest' option.
# A module whose category has no bucket raises KeyError here.
for module in get_modules():
    modules[module.category][module.options['dest']] = module


def output():
    if args['output']:
        if os.path.isdir(args['output']):
            constant.folder_name = args['output']
        else:
            print_debug('ERROR', '[!] Specify a directory, not a file !')

    if args['write_normal']: