LaZagne – Credentials Recovery Project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.

LaZagne - Credentials Recovery Project
LaZagne – Credentials Recovery Project

This project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host.

Supported software with this tool are:

  • Browsers – 7Star , Amigo , BlackHawk, Brave , Centbrowser , Chedot , Chrome Canary , Chromium , Coccoc , Comodo Dragon , Comodo IceDragon , Cyberfox , Elements Browser , Epic Privacy Browser , Firefox , Google Chrome , Icecat , K-Meleon , Kometa , Opera , Orbitum , Sputnik , Torch , Uran , Vivaldi.
  • Chats – Pigdin , Psi , Skype.
  • Databases – DBVisualizer, Postgresql, Robomongo , Squirrel ,SQLdevelopper.
  • Games – GalconFusion , Kalypsomedia , RogueTale , Turba.
  • Git – Git for Windows
  • Mails – Outlook , Thunderbird
  • Maven – Maven Apache
  • Dumps from memory – Keepass , Mimikatz method , System Password
  • Multimedia – EyeCON
  • PHP – Composer
  • Sysadmin – Apache Directory Studio, CoreFTP, CyberDuck, FileZilla, FTPNavigator , OpenSSH , OpenVPN , PuttyCM, RDPManager , VNC , WinSCP , Windows Subsystem for Linux ,AWS , Docker , Environnement variable , FileZilla , History files , Shares , SSH private keys.
  • Wifi – Wireless Network, Network Manager,WPA Supplicant.
  • Internal mechanism passwords storage – Autologon, MSCache, Credential Files , Credman , DPAPI Hash , Hashdump (LM/NT), LSA secret , Vault Files ,GNOME Keyring, Kwallet, Hashdump , Keychains.

You can read more and download this tool over here: https://github.com/AlessandroZ/LaZagne

Share