Lazagne - Credentials Recovery Tool

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques (plaintext, APIs, custom algorithms, databases, etc.). This tool has been developed for the purpose of finding these passwords for the most commonly-used software.
The LaZagne project
This project has been added to pupy as a post-exploitation module. Python code will be interpreted in memory without touching the disk and it works on Windows and Linux host. The last Linux release is not up to date so I recommend to use pupy to use it.

Standalones

Standalones are now available here: https://github.com/AlessandroZ/LaZagne/releases/

Usage

  • Retrieve version
laZagne.exe --version
  • Launch all modules
laZagne.exe all
  • Launch only a specific module
laZagne.exe browsers
  • Launch only a specific software script
laZagne.exe browsers -f (for firefox)
  • Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All)
laZagne.exe all -oN
  • Get help
laZagne.exe -h
laZagne.exe browsers -h
  • Use a file for dictionary attacks (used only when it's necessary: mozilla masterpassword, system hahes, etc.). The file has to be a wordlist in cleartext (no rainbow), it has not been optmized to be fast but could useful for basic passwords.
laZagne.exe all -path file.txt
  • Change verbosity mode (2 different levels)
laZagne.exe all -vv
  • Quiet mode (nothing will be printed on the standard output)
laZagne.exe all -quiet -oA
  • Retrieve passwords on another drive (default: C)
laZagne.exe all -drive D
Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)

Supported software

The LaZagne project
(*) used by many tools to store passwords: Chrome, Owncloud, Evolution, KMail, etc.
Powered by Blogger.