LaZagne is a tool developed by Alessandro Zanni useful to retrieve passwords stored on a local computer by most commonly-used software.

The tool displays passwords for (currently) 22 Windows and 12 Linux programs.

Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.).

LaZagne has been also added to pupy (a remote administration and post-exploitation tool written in python ) as a post-exploitation module: its python code will be interpreted in memory without touching the disk and it works on Windows and Linux host.

Installation

Simply clone the git repository:

git clone https://github.com/AlessandroZ/LaZagne.git

In order to use the tool, some external libraries are required, that can be installed with pip:

pip install -r requirement.txt

In details, Python 2.7 is needed to compile the project on all systems, and the required libraries are:

  • For Windows
  • For Linux
    • pip install pycrypto pyasn1
    • pip install https://github.com/n1nj4sec/memorpy/archive/master.zip
    • apt-get install python-gnomekeyring python-kde4 python-dbus
  • For Mac
    • pip install pycrypto pyasn1

Standalones versions are also available at https://github.com/AlessandroZ/LaZagne/releases/

Usage

usage: laZagne.py [-h] [--version]
 {chats,mails,all,database,wifi,sysadmin,wallet,browsers,memory}
 ...

positional arguments:
 {chats,mails,all,database,wifi,sysadmin,wallet,browsers,memory}
 Choose a main command
 chats Run chats module
 mails Run mails module
 all Run all modules
 database Run database module
 wifi Run wifi module
 sysadmin Run sysadmin module
 wallet Run wallet module
 browsers Run browsers module
 memory Run memory module

optional arguments:
 -h, --help show this help message and exit
 --version laZagne version

References