AlessandroZ / LaZagne

Credentials recovery project
GNU Lesser General Public License v3.0

Adding SMTP Password for Outlook module #98

Closed jboss38 closed 7 years ago

jboss38 commented 7 years ago

Hey !

I just tried the Outlook module but didn't find my SMTP password. What about adding the SMTP password to your Outlook module?

------------------- Outlook passwords -----------------

Password found !!!
SMTP User: smtp@Microsoft.com
SMTP Port: 587
Account Name: Jean Louis
Display Name: Jean Louis
IMAP Sentitems flag: 2
Email: Jean Louis@Microsoft.com
Organization: Microsoft
Reply-Forward Signature: Sign
SMTP Secure Connection: 0
SMTP Server: smtp.Microsoft.fr
IMAP Store EID: Ûä©ßé╗¯öàß¿ÉÙ«Ô¿½ýëû
Password: BillGates
IMAP Deleteditems flag: 2
SMTP Use Auth: 1
SMTP Auth Method: 1
IMAP Server: imap.Microsoft.fr
IMAP User: billgates@Microsoft.fr
Delivery Store EntryID: Ûä©ßé╗¯öàß¿ÉÙ«Ô¿
Delivery Folder EntryID: ÚÉàßöîÚ®£õ¡┤
EnablePurgeOnSwitch: 1
Preferences UID: ¯Ø½ÙÖ¼Ýâ
Service UID: ¼8q═┼M┐Ì─Ùê
IMAP Folder Path: Inbox
New Signature: Sign

Outlook stores the passwords in the same Registry key as the account settings. The accounts are stored in the Registry under HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\[Profile Name]\9375CFF0413111d3B88A00104B2A6676\[Account Index]

If you use Outlook to connect to an account on an Exchange server, the password is stored in the Credentials file, together with login passwords of LAN computers.

AlessandroZ commented 7 years ago

Right now, lazagne does not manage Outlook Exchange passwords. I know that they are stored in the credential manager, but I think they are stored under a category type that I do not manage. lazagne manages the credential manager for Windows 7, 8 and 8.1 (I'm not sure about Windows 10), but in my last tests, the Outlook passwords were not retrieved.

For a normal Outlook account, I already retrieved it from the registry key that you gave me: https://github.com/AlessandroZ/LaZagne/blob/master/Windows/lazagne/softwares/mails/outlook.py#L13

I give you a clue, change your outlook password (it's on your output):

jboss38 commented 7 years ago

Okay, thanks for the info.

But what about the SMTP credentials stored in Outlook when using regular Outlook? (not Exchange)

I'll also give you a clue: it's a fake credential (for testing purposes). Really, who puts BillGates as a password lmao

AlessandroZ commented 7 years ago

I don't understand which password you are talking about. In your previous output, it's a non-Exchange account that is used and the password has been correctly retrieved. So I don't understand the problem.

jboss38 commented 7 years ago

In Outlook you have a password for the user; this is retrieved here: Email: Jean Louis@Microsoft.com Password: BillG***

This login / password is for receiving mail.

But you can also retrieve the login and password of the account that sends the mail via the SMTP server. Here is a screenshot: http://nsa38.casimages.com/img/2017/01/10/170110052052788872.png

If you want to test, with nirsoft mailpv you can retrieve this SMTP password: http://www.nirsoft.net/utils/mailpv.html

EDIT: in HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\%PROFILEID%\00000000x\

you can get the key "SMTP Password" to get it. You already get SMTP User & SMTP Port, you just need to add SMTP Password and ofc decrypt it. See: http://nsa37.casimages.com/img/2017/01/10/170110053639876609.png

ps: Outlook 2013 location is "HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook" if you want to add

AlessandroZ commented 7 years ago

Ok I see, you're right. I will need to do some tests to add these functionalities. I don't know if I could do it soon, however, if you think you're able to do it, do not hesitate to do a pull request adding these changes. Otherwise, I will do it. Thanks !

jboss38 commented 7 years ago

I'm kind of new at Python, but when I get the time I would love to look at it.

jboss38 commented 7 years ago

I found the problem

On this def :

1. def retrieve_info(self, hkey, name_key):
2.     values = {}
3.     num = win32api.RegQueryInfoKey(hkey)[1]  # number of values under the key
4.     for x in range(0, num):
5.         k = win32api.RegEnumValue(hkey, x)  # (value name, data, type)
6.         if 'password' in k[0].lower():
7.             try:
8.                 password = win32crypt.CryptUnprotectData(k[1][1:], None, None, None, 0)[1]
9.                 values['Password'] = password.decode('utf16')  # same key for every *Password value
10.            except Exception as e:
11.                print_debug('DEBUG', '{0}'.format(e))
12.                values['Password'] = 'N/A'
13.        else:
14.            try:
15.                values[k[0]] = str(k[1]).decode('utf16')
16.            except:
17.                values[k[0]] = str(k[1])
18.    return values

When you find a password you add it to values under the name 'Password' at line 9, but there are multiple passwords. So it correctly finds the SMTP Password and can decrypt it, but afterwards you overwrite it with the IMAP Password, because the string PASSWORD is in both keys: IMAP Password, SMTP Password

Have a nice day !
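The overwrite described in the comment above, reproduced on constructed data as an added example (not LaZagne's code). `SAMPLE_VALUES`, `fake_unprotect`, `collect_overwriting` and `collect_per_name` are hypothetical names, and the decryption call is replaced by a stub so nothing touches the registry or DPAPI.

```python
# Constructed sample: each tuple mimics what RegEnumValue returns
# (value name, data, type). The blobs are placeholders, not real data.
SAMPLE_VALUES = [
    ("SMTP User", "smtp@example.test", 1),
    ("SMTP Password", b"\x02<blob-smtp>", 3),
    ("IMAP User", "user@example.test", 1),
    ("IMAP Password", b"\x02<blob-imap>", 3),
]


def fake_unprotect(blob):
    """Stub standing in for the decryption call (assumption for the demo)."""
    return "decrypted(" + blob.decode("ascii") + ")"


def collect_overwriting(values, unprotect):
    """Behaviour described in the thread: one shared 'Password' slot."""
    out = {}
    for name, data, _type in values:
        if "password" in name.lower():
            # Every matching value writes the same key, so the last one wins.
            out["Password"] = unprotect(data[1:])
        else:
            out[name] = data
    return out


def collect_per_name(values, unprotect):
    """Corrected form: each secret is stored under its own value name."""
    out = {}
    for name, data, _type in values:
        if "password" in name.lower():
            try:
                out[name] = unprotect(data[1:])
            except Exception:
                out[name] = "N/A"  # keep the slot so a failure stays visible
        else:
            out[name] = data
    return out


if __name__ == "__main__":
    print(collect_overwriting(SAMPLE_VALUES, fake_unprotect))
    print(collect_per_name(SAMPLE_VALUES, fake_unprotect))
```

Which password survives in the overwriting version depends only on enumeration order, so the same code can report the SMTP or the IMAP value on different profiles.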

AlessandroZ commented 7 years ago

Thanks for the fix !