AlessandroZ / LaZagne

Credentials recovery project
GNU Lesser General Public License v3.0

latest laZagne.py doesn't run #459

Closed Papotito123 closed 4 years ago

Papotito123 commented 4 years ago

Hello: raw cmd:

C:\Windows\system32>cd C:\Users\TESTACCOUNT\Desktop\Python37

C:\Users\TESTACCOUNT\Desktop\Python37>pip install -r "C:\lago\requirements.txt"
Ignoring enum34: markers 'python_version < "3.4" and sys_platform == "win32"' don't match your environment
Ignoring psutil: markers 'sys_platform == "linux" or sys_platform == "linux2"' don't match your environment
Ignoring secretstorage: markers 'sys_platform == "linux" or sys_platform == "linux2"' don't match your environment
Collecting https://github.com/AlessandroZ/pypykatz/archive/master.zip (from -r C:\lago\requirements.txt (line 6))
Downloading https://github.com/AlessandroZ/pypykatz/archive/master.zip
/ 1.2MB 1.3MB/s
Requirement already satisfied (use --upgrade to upgrade): pypykatz==0.0.3 from https://github.com/AlessandroZ/pypykatz/archive/master.zip in c:\users\testaccount\desktop\python37\lib\site-packages (from -r C:\lago\requirements.txt (line 6))
Requirement already satisfied: pyasn1 in c:\users\testaccount\desktop\python37\lib\site-packages (from -r C:\lago\requirements.txt (line 3)) (0.4.8)
Requirement already satisfied: rsa in c:\users\testaccount\desktop\python37\lib\site-packages (from -r C:\lago\requirements.txt (line 4)) (4.0)

C:\Users\TESTACCOUNT\Desktop\Python37>pip install --upgrade pypykatz
Collecting pypykatz
Using cached https://files.pythonhosted.org/packages/68/4a/2436e462a7c9ad3df263f5b14998b664bdc62f2d4352af142b5defafeada/pypykatz-0.3.2-py3-none-any.whl
Requirement already satisfied, skipping upgrade: minidump>=0.0.11 in c:\users\testaccount\desktop\python37\lib\site-packages (from pypykatz) (0.0.11)
Requirement already satisfied, skipping upgrade: minikerberos>=0.0.11 in c:\users\testaccount\desktop\python37\lib\site-packages (from pypykatz) (0.0.11)
Requirement already satisfied, skipping upgrade: msldap>=0.1.1 in c:\users\testaccount\desktop\python37\lib\site-packages (from pypykatz) (0.2.5)
Requirement already satisfied, skipping upgrade: aiowinreg>=0.0.1 in c:\users\testaccount\desktop\python37\lib\site-packages (from pypykatz) (0.0.2)
Requirement already satisfied, skipping upgrade: winsspi>=0.0.3 in c:\users\testaccount\desktop\python37\lib\site-packages (from pypykatz) (0.0.3)
Requirement already satisfied, skipping upgrade: asn1crypto in c:\users\testaccount\desktop\python37\lib\site-packages (from minikerberos>=0.0.11->pypykatz) (1.2.0)
Requirement already satisfied, skipping upgrade: ldap3<2.5.2 in c:\users\testaccount\desktop\python37\lib\site-packages (from msldap>=0.1.1->pypykatz) (2.5.1)
Requirement already satisfied, skipping upgrade: asciitree in c:\users\testaccount\desktop\python37\lib\site-packages (from msldap>=0.1.1->pypykatz) (0.3.3)
Requirement already satisfied, skipping upgrade: socks5line>=0.0.3 in c:\users\testaccount\desktop\python37\lib\site-packages (from msldap>=0.1.1->pypykatz) (0.0.3)
Requirement already satisfied, skipping upgrade: aiocmd in c:\users\testaccount\desktop\python37\lib\site-packages (from msldap>=0.1.1->pypykatz) (0.1.2)
Requirement already satisfied, skipping upgrade: pyasn1>=0.1.8 in c:\users\testaccount\desktop\python37\lib\site-packages (from ldap3<2.5.2->msldap>=0.1.1->pypykatz) (0.4.8)
Requirement already satisfied, skipping upgrade: prompt-toolkit>=2.0.9 in c:\users\testaccount\desktop\python37\lib\site-packages (from aiocmd->msldap>=0.1.1->pypykatz) (3.0.2)
Requirement already satisfied, skipping upgrade: wcwidth in c:\users\testaccount\desktop\python37\lib\site-packages (from prompt-toolkit>=2.0.9->aiocmd->msldap>=0.1.1->pypykatz) (0.1.7)
Installing collected packages: pypykatz
Found existing installation: pypykatz 0.0.3
Uninstalling pypykatz-0.0.3:
Successfully uninstalled pypykatz-0.0.3
Successfully installed pypykatz-0.3.2

C:\Users\TESTACCOUNT\Desktop\Python37>python C:\lago\Windows\laZagne.py"
usage: laZagne.py [-h] [-version] {all,browsers,chats,databases,games,git,mails,maven,memory,multimedia,php,svn,sysadmin,windows,wifi} ...

====================================================================
The LaZagne Project
! BANG BANG !
====================================================================

positional arguments:
{all,browsers,chats,databases,games,git,mails,maven,memory,multimedia,php,svn,sysadmin,windows,wifi}
Choose a main command
all Run all modules
browsers Run browsers module
chats Run chats module
databases Run databases module
games Run games module
git Run git module
mails Run mails module
maven Run maven module
memory Run memory module
multimedia Run multimedia module
php Run php module
svn Run svn module
sysadmin Run sysadmin module
windows Run windows module
wifi Run wifi module

optional arguments:
-h, --help show this help message and exit
-version laZagne version

C:\Users\TESTACCOUNT\Desktop\Python37>"C:\lago\Windows\laZagne.py" -version
Version 2.4.3

C:\Users\TESTACCOUNT\Desktop\Python37>"C:\lago\Windows\laZagne.py" all -vvv

====================================================================
The LaZagne Project
! BANG BANG !
====================================================================

[!] Python 3.7.6 on Windows AMD64: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

Traceback (most recent call last):
File "C:\lago\Windows\laZagne.py", line 233, in <module>
for r in runLaZagne(category_selected=category, subcategories=subcategories, password=args.get('password', None)):
File "C:\lago\Windows\laZagne.py", line 87, in runLaZagne
for pwd_dic in run_lazagne(category_selected=category_selected, subcategories=subcategories, password=password):
File "C:\lago\Windows\lazagne\config\run.py", line 169, in run_lazagne
constant.system_dpapi = SystemDpapi()
File "C:\lago\Windows\lazagne\config\dpapi_structure.py", line 164, in __init__
LSASecrets().run()
File "C:\lago\Windows\lazagne\softwares\windows\lsa_secrets.py", line 25, in run
secrets = get_file_secrets(constant.hives['system'], constant.hives['security'], is_vista_or_higher)
File "C:\lago\Windows\lazagne\softwares\windows\creddump7\win32\lsasecrets.py", line 183, in get_file_secrets
return get_secrets(sysaddr, secaddr, vista)
File "C:\lago\Windows\lazagne\softwares\windows\creddump7\win32\lsasecrets.py", line 162, in get_secrets
enc_secret = secaddr.read(enc_secret_value.Data.value, enc_secret_value.DataLength.value)
File "C:\lago\Windows\lazagne\softwares\windows\creddump7\addrspace.py", line 110, in read
for i in range(0, full_blocks):
TypeError: 'float' object cannot be interpreted as an integer

C:\Users\TESTACCOUNT\Desktop\Python37>

This is the latest code. Am I doing something wrong?

Thanks.

MyLoginOnGitHub commented 4 years ago

Python 3 is not fully supported by LaZagne. So, if you want stable results, use Python 2. Improving support for Python 3 is now in progress. Thanks for the issue.

Please try PR #461 and reply whether it fixed the problem.

Papotito123 commented 4 years ago

Hello: Thanks for the response. I deleted my Python 2.7 x64 because the developer said that my problem recovering Chrome passwords was due to using Python x64. I deleted Python x64 and installed Python 2.7 x86, which resolved the issue, but I had a new issue with WIFI. Then I installed Python 3 to use the ByeHack version, and this version recovered Chrome and WIFI. Then I tested the latest lazagne at the moment and it showed this behaviour.

Now I tested the latest lazagne and it still didn't run. While it was running I saw your message about trying PR #461. I did the creddump7/addrspace.py line change.

Then I retried the latest lazagne and it runs well:

C:\Users\TESTACCOUNT\Desktop\Python37>"C:\lazena\Windows\laZagne.py" -version
Version 2.4.3

C:\Users\TESTACCOUNT\Desktop\Python37>"C:\lazena\Windows\laZagne.py" all -vvv

====================================================================
The LaZagne Project
! BANG BANG !
====================================================================

[!] Python 3.7.6 on Windows AMD64: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

[+] System masterkey decrypted for 08be8fec-13ca-4ae0-8341-36b907e33d19
[+] System masterkey decrypted for 15e43b11-4cee-437f-928e-082807c02474
[+] System masterkey decrypted for 1e8bc276-41f3-493f-8fb4-32496443bb79
[+] System masterkey decrypted for 4e79d188-0323-4c0b-9796-0d9ffc89f045
[+] System masterkey decrypted for 55aa46c8-2bc6-496a-8888-482c24891036

########## User: SYSTEM ##########

------------------- Ftpnavigator passwords -----------------

[!] No passwords found

------------------- Unattended passwords -----------------

[!] No passwords found

------------------- Pypykatz passwords -----------------

None
[+] Password found !!!
Domain: DESKTOP-2GHHNFK
Password: xxxxxxxxxxxxxxx
Shahash: 1a64c263388a957f3c40b29dcfea3bd994563c99
Nthash: 77d608ef029fb11a2079f4322355bf62

.. and so on ...

[+] 10 passwords have been found.

elapsed time = 13.191698551177979

Still this issue:

------------------- Hashdump passwords -----------------

[!] Traceback (most recent call last):
File "C:\lazena\Windows\lazagne\config\run.py", line 45, in run_module
pwd_found = module.run() # run the module
File "C:\lazena\Windows\lazagne\softwares\windows\hashdump.py", line 12, in run
hashdump = dump_file_hashes(constant.hives['system'], constant.hives['sam'])
File "C:\lazena\Windows\lazagne\softwares\windows\creddump7\win32\hashdump.py", line 298, in dump_file_hashes
return dump_hashes(sysaddr, samaddr)
File "C:\lazena\Windows\lazagne\softwares\windows\creddump7\win32\hashdump.py", line 281, in dump_hashes
hbootkey = get_hbootkey(samaddr, bootkey)
File "C:\lazena\Windows\lazagne\softwares\windows\creddump7\win32\hashdump.py", line 162, in get_hbootkey
revision = ord(F[0x00])
TypeError: ord() expected string of length 1, but int found

------------------- Lsa_secrets passwords -----------------

Question: Is there any difference between using pypykatz 0.0.3 (the default in lazagne) and doing pip install --upgrade pypykatz (which brings the version up to 0.3.2)?

At this moment, with the latest lazagne on Python 3.7 x64 and your PR #461 fix, I confirm that the user password (I have wdigest enabled), LSA Secrets, WIFI, Chrome, Firefox and CoreFTP (password not recovered because I set it to not be saved) are recovered well.

For the benefit, this is the -vvv output (Win 10 1809 x64, Python 3.7 x64, physical machine): Papotito123_latest lazagne+PR#461_raw cmd.txt

So much thanks. And the tool is really moving right.
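
The two `TypeError`s reported in this thread are typical Python 2 to Python 3 porting failures in binary-parsing code. The sketch below is an added example, not LaZagne's code and not the change made in PR #461. It assumes the float in the first traceback came from `/` division on integers, and every name in it (`read_span`, `byte_at`, `sample_buffer`, `BLOCK_SIZE`) is hypothetical.

```python
BLOCK_SIZE = 0x1000  # assumed block size for this example


def read_span(buf, start, length, floor_div=True):
    """Read `length` bytes at `start`, walking the buffer block by block."""
    offset_in_block = start % BLOCK_SIZE
    total = length + offset_in_block
    if floor_div:
        full_blocks = total // BLOCK_SIZE  # int on Python 2 and Python 3
    else:
        full_blocks = total / BLOCK_SIZE   # Python 2 idiom: float on Python 3
    out = bytearray()
    pos = start - offset_in_block          # align to the start of the block
    for _ in range(0, full_blocks):        # range() rejects a float
        out += buf[pos:pos + BLOCK_SIZE]
        pos += BLOCK_SIZE
    out += buf[pos:pos + total % BLOCK_SIZE]  # trailing partial block
    return bytes(out[offset_in_block:offset_in_block + length])


def byte_at(data, index):
    """Integer value of one byte, for both str and bytes input."""
    value = data[index]
    # Indexing bytes on Python 3 already returns an int; calling ord() on it
    # raises "ord() expected string of length 1, but int found".
    return value if isinstance(value, int) else ord(value)


def sample_buffer():
    """Constructed 8 KiB sample input, not real hive data."""
    return bytes(bytearray(range(256))) * 32


if __name__ == "__main__":
    buf = sample_buffer()
    print(read_span(buf, 10, 5000) == buf[10:5010])
    try:
        read_span(buf, 0, 8192, floor_div=False)
    except TypeError as exc:
        print("true division:", exc)
    print(byte_at(b"\x02abc", 0))
```

On Python 3 the `floor_div=False` path fails even when the length is an exact multiple of the block size, because `/` always returns a float.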