goLazagne
⚠ Disclaimer
- All information provided in this project is for educational purposes only and can not be used for law violation or personal gain.
- The authors of this project are not responsible for any possible harm caused by the materials of this project.
- All information in this repository is intended for development of audit tools and help preventing the hack attacks.
- We believe only in ethical hacking.
Description
The goLazagne is an open source library for golang used to retrieve passwords stored on local computer.
Inspired by AlessandroZ LaZagne project.
Install
go get github.com/kerbyj/goLazagneExample
package main
import (
"github.com/kerbyj/goLazagne"
)
func main() {
var credentials, _ = goLazagne.ExtractAllData()
println("Browser creds:", len(credentials.BrowserData))
println("Credman creds:", len(credentials.CredmanData))
println("Wifi creds:", len(credentials.WifiData))
println("\nEnumerating filesystem. Please wait")
var interestingFiles = []string{
"ovpn",
"ssh",
}
var files = goLazagne.ExtractInterestingFiles(interestingFiles)
for fileN := range files {
println(files[fileN])
}
}If you want to compile this project on Linux system:
apt install gcc-multilib
apt install gcc-mingw-w64
CGO_ENABLED=1 CC=x86_64-w64-mingw32-gcc CXX=x86_64-w64-mingw32-g++ GOOS=windows GOARCH=amd64 go build -buildmode=exeSupported features
-
Browsers
- Chromium-based
- Mozilla Firefox
- Internet Explorer and Edge
-
Mail
- Thunderbird
- [TBD] Outlook
-
Windows
- Credential Manager
-
SysAdmin tools (pre alpha, need more tests)
- Mobaxterm - user, host:port and associated key
- Putty - user, host:port and associated key
- Filezilla - user, host:port and password (encrypted if master password isset)
- Openssh
-
WiFi passwords
ToDo (sorted by priority level)
- Rewrite Mozilla extractor
- WPA2 Enterprise. The main difficulty is that we need an privilege escalation. Read more in zc00l research.
- Windows vault
- Full outlook support
- Git
Special thanks
- Nikolay Edigaryev for credman module