def fetch_lastpass_vault(username, password):
DEVICE_ID = "My Python Script"
vault = None
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password, None, DEVICE_ID)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password,
DEVICE_ID)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:'******'Multifactor authentication required!' in str(e):
print('Use lastpass authenticator app to accept login')
if vault is None:
print('{Error] Unable to initialize vault')
sys.exit(1)
return vault
def main():
username = raw_input("Enter your LastPass Username: "******"Enter your LastPass Master Password (will not be shown): ")
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:'******'content-length')
if total_length is None: # no content length header
f.write(response.content)
else:
dl = 0
total_length = int(total_length)
for data in response.iter_content(chunk_size=total_length/100):
dl += len(data)
f.write(data)
done = int(50 * dl / total_length)
sys.stdout.write("\r[%s%s]" % ('=' * done, ' ' * (50-done)) )
sys.stdout.flush()
sys.stdout.write("\n")
compromised_sites = []
with open("leaked_sites.txt", "r") as f:
lines = f.read().splitlines()
for line in lines:
try:
site_name = line if accounts[line] else None
if site_name not in compromised_sites:
compromised_sites.append(site_name)
print "{0} may have been compromised.".format(site_name)
except KeyError:
pass
def load_lpass_vault(device_id="data_catalog"):
try:
# First try without a multifactor password
return Vault.open_remote(LPASS_USERNAME, LPASS_PASSWORD, None,
device_id)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
return Vault.open_remote(LPASS_USERNAME, LPASS_PASSWORD,
multifactor_password, device_id)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:')
# And now retry with the code
return Vault.open_remote(LPASS_USERNAME, LPASS_PASSWORD,
multifactor_password, device_id)
def get_lp(account: str):
"""Return account info for supplied LastPass account name.
Additional accounts can be added by updating _shorthand (and
LPChoices Enum for the return_lp function)
"""
_shorthand = {
"Optical": bytes("Optical", "utf-8"),
"Enable": bytes("CENIC Enable Account", "utf-8"),
"OOB": bytes("CENIC Out-of-Band- OOB", "utf-8"),
"CAS": bytes("CAS", "utf-8"),
"TACACS": bytes("CENIC TACACS Key", "utf-8"),
"SNMP": bytes("ScienceLogic SNMP Credentials", "utf-8"),
}
cas_email = keyring.get_password("cas", "email")
lp_pass = keyring.get_password("lp_pass", cas_email)
lp_otp = pyotp.TOTP(keyring.get_password("lp_pass", "otp"))
name = _shorthand[account]
vault = Vault.open_remote(cas_email, lp_pass, lp_otp.now())
for account in vault.accounts:
if account.name == name:
if name == bytes("ScienceLogic SNMP Credentials", "utf-8"):
# print(account.notes)
user_re = re.compile(r"Username: \S+")
auth_re = re.compile(r"Auth Password: \S+")
priv_re = re.compile(r"Priv Password: \S+")
lp_username = user_re.search(str(account.notes,
"utf-8")).group()
lp_password = auth_re.search(str(account.notes,
"utf-8")).group()
lp_password2 = priv_re.search(str(account.notes,
"utf-8")).group()
elif account.name == bytes("CENIC Out-of-Band- OOB", "utf-8"):
user_re = re.compile(r"Super User:\S+")
pass_re = re.compile(r"Password:\S+")
passthrough_re = re.compile(r"Passthrough:\S+")
lp_username = user_re.search(str(account.notes,
"utf-8")).group()
lp_password = pass_re.search(str(account.notes,
"utf-8")).group()
lp_password2 = passthrough_re.search(
str(account.notes, "utf-8")).group()
else:
lp_username = "******" + str(account.username, "utf-8")
lp_password = "******" + str(account.password, "utf-8")
lp_password2 = ""
return lp_username, lp_password, lp_password2
def get_vault(cls):
"""
Retrieves LastPass vault
"""
logger = logging.getLogger(__name__)
log_path = os.path.join(filerpath.LOG_PATH, 'Filed.log')
handler = logging.FileHandler(log_path)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
handler.setFormatter(formatter)
logger.addHandler(handler)
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
return vault
def query(self, Query):
Results = []
if len(Query) > 0:
LPVault = Vault.open_remote('<LASTPASS VAULT USERNAME>',
'<LASTPASS VAULT PASSWORD>')
for LPEntry in LPVault.accounts:
Name = LPEntry.name.decode('utf-8')
if Name.lower() == Query.lower():
Results.append({
'Title':
Name,
'SubTitle':
'Copy Username from "{}"'.format(Name),
'IcoPath':
'Images/lp_username.ico',
'JsonRPCAction': {
'method': 'copy_to_clipboard',
'parameters': [LPEntry.username.decode('utf-8')]
}
})
Results.append({
'Title':
Name,
'SubTitle':
'Copy Password from "{}"'.format(Name),
'IcoPath':
'Images/lp_password.ico',
'JsonRPCAction': {
'method': 'copy_to_clipboard',
'parameters': [LPEntry.password.decode('utf-8')]
}
})
break
return Results
def vault(self):
multifactor_password = None
if self.mfa:
multifactor_password = self.__token()
try:
return Vault.open_remote(self.username, self.password, multifactor_password, DEVICE_ID)
except LastPassIncorrectGoogleAuthenticatorCodeError as _:
if not self.mfa:
self.mfa = True
return self.vault()
except LastPassIncorrectYubikeyPasswordError as _:
if not self.mfa:
self.mfa = True
return self.vault()
except LastPassUnknownError as e:
if 'Multifactor authentication required' in str(e):
if not self.mfa:
self.mfa = True
return self.vault()
else:
raise e
return None
#!/usr/bin/env python
# coding: utf-8
import json
import os
from lastpass import (Vault, LastPassIncorrectYubikeyPasswordError,
LastPassIncorrectGoogleAuthenticatorCodeError)
with open(os.path.join(os.path.dirname(__file__), 'credentials.json')) as f:
credentials = json.load(f)
username = str(credentials['username'])
password = str(credentials['password'])
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
for index, i in enumerate(vault.accounts):
print("{} {} {} {} {} {} {}".format(index + 1, i.id, i.name, i.username,
i.password, i.url, i.group))
import json
import os
from lastpass import (Vault, LastPassIncorrectYubikeyPasswordError,
LastPassIncorrectGoogleAuthenticatorCodeError)
DEVICE_ID = "example.py"
with open(os.path.join(os.path.dirname(__file__), 'credentials.json')) as f:
credentials = json.load(f)
username = credentials['username']
password = credentials['password']
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password, None, DEVICE_ID)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password,
DEVICE_ID)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password,
DEVICE_ID)
# from lastpass-python.lastpass.vault import Vault
from lastpass import Vault
vault = Vault.open_remote('', '')
index = 0
print("Accounts:-------------------\n")
for i in vault.accounts:
print(str(index) + ". " + str(i))
index += 1
print("\n\n\nSecureNote:------------------\n")
index = 0
for i in vault.accounts:
print(str(index) + ". " + str(i))
index += 1
import json
import os
from lastpass import (
Vault,
LastPassIncorrectYubikeyPasswordError,
LastPassIncorrectGoogleAuthenticatorCodeError
)
with open(os.path.join(os.path.dirname(__file__), 'credentials.json')) as f:
credentials = json.load(f)
username = str(credentials['username'])
password = str(credentials['password'])
try:
# First try without a multifactor password
vault = Vault.open_remote(username, password)
except LastPassIncorrectGoogleAuthenticatorCodeError as e:
# Get the code
multifactor_password = input('Enter Google Authenticator code:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
except LastPassIncorrectYubikeyPasswordError as e:
# Get the code
multifactor_password = input('Enter Yubikey password:')
# And now retry with the code
vault = Vault.open_remote(username, password, multifactor_password)
for index, i in enumerate(vault.accounts):
