CoreFTP password not retrieve

AlessandroZ / LaZagne

Credentials recovery project

GNU Lesser General Public License v3.0

9.52k stars 2.04k forks source link

CoreFTP password not retrieve #476

Closed Papotito123 closed 4 years ago

Papotito123 commented 4 years ago

Hello: I noticed in all my lazagne.py runnings(even in lazagne latest git) that CoreFTP password is not grabbed. It recovers username but not password.

I used 2 tools that grabs passwords from web/apps and both recovered CoreFTP login.

Running laZagne.py all -vvv doesn't give any error/comment:

------------------- Coreftp passwords -----------------

[-] Password not found !!! Host: ftp.byethost13.com Login: xxxxxxxxxxxx User: xxxxxxxxxxx Port: 21

------------------- Filezilla passwords -----------------

[!] No passwords found

Thanks in advanced.

byehack commented 4 years ago

in python 3 we should use bytes instead strings. so go to this line: https://github.com/AlessandroZ/LaZagne/blob/c89a1f2744282bb2f3c8cc00d16ffca5fefcf4f3/Windows/lazagne/softwares/sysadmin/coreftp.py#L17 and change it to self._secret = b"hdfzpysvpzimorhk"

and go to this line: https://github.com/AlessandroZ/LaZagne/blob/c89a1f2744282bb2f3c8cc00d16ffca5fefcf4f3/Windows/lazagne/softwares/sysadmin/coreftp.py#L23 and change it to return decrypted.split(b'\x00')[0]

test and give me the results to make a new commits if it worked :)

Papotito123 commented 4 years ago

Hello: @AlessandroZ ; I made the changes in coreftp.py but still no password,

------------------- Coreftp passwords -----------------

[-] Password not found !!! Host: ftp.byethost13.com Login: xxxxxxxxxxxxxxxx User: xxxxxxxxxxxxxxxx Port: 21

------------------- Filezilla passwords -----------------

Thanks for keep in touch.

byehack commented 4 years ago

https://github.com/AlessandroZ/LaZagne/blob/c89a1f2744282bb2f3c8cc00d16ffca5fefcf4f3/Windows/lazagne/softwares/sysadmin/coreftp.py#L35

change it to elements = ['Host', 'Port', 'User', 'PW']

Papotito123 commented 4 years ago

Hello: @AlessandroZ ,I did made all 3 changes you suggest for coreftp.py file and worked well. ------------------- Apachedirectorystudio passwords -----------------

[!] No passwords found

------------------- Coreftp passwords -----------------

[+] Password found !!! Host: ftp.byethost13.com Login: xxxxxxxxxxxx User: xxxxxxxxxxxx Password: ZZZZZZZZZZ Port: 21

------------------- Filezilla passwords -----------------

[!] No passwords found

This CoreFTP login appears as recovered in all user accounts even I used only my TESTACCOUNT.

So much thanks.

byehack commented 4 years ago

so you can close this issue now!

Papotito123 commented 4 years ago

Hello: Thanks again.