top of page

LaZagne🚀: Perform Post-exploitation😈 on any OS like a Queen👸


A victim's🥺 credentials is a high priority for hackers😈, since most people reuse passwords. Those credentials can get hackers😈 deeper into a network or other accounts🤫, but digging through the system by hand to find them is difficult and tedious🤨 LaZagne works on Linux, Windows, and macOS, so anyone can practice using it, and it applies to almost every target 😝

LaZagne is included in the remote access tool Pupy as a post exploitation module😈, but you can also use it as a standalone. Still in active development, it currently supports enumerating passwords from a large set of Windows applications. Creds to this project😋 to;

  • 😈 Harmjoy for KeeThief

  • 😈 n1nj4sec for his mimipy module

  • 😈 Benjamin DELPY for mimikatz

  • 😈 @skelsec for Pypykatz

  • 😈 Moyix for Creddump

  • 😈 N0fat for Chainbreaker

  • 😈 Richard Moore for the AES module

  • 😈 Todd Whiteman for the DES module

  • 😈 mitya57 for secretstorage

You can download the standalone version via GitHub. Once you have it😋, use the terminal to extract it and move it to your windows-binaries folder in Kali Linux with the commands👇

cd Windows
cp laZagne.exe /usr/share/windows-binaries/

This is probably the best time to point out that you should 💥💥 run the application with full administrative rights 💥💥, especially if you are hoping to retrieve Wi-fi and Windows passwords😋 Once you have launched the program, it automatically displays a series of useful modules that you can use. So lets do this....💪


🚀 Enumerate Passwords

LaZagne is non-interactive and can be run in even the most bare-minimum of shells😋 Since it is a post-exploitation tool, which means that to use it, you need to already have access😈 to a host via a shell, or at the minimum, command execution☺️

type and hit enter👇

lazagne -h

Lot of available modules here. To gather Wi-Fi or Windows credentials, run as administrator☺️ and maybe specify which module you want to use. LaZagne includes a convenient all option. Obviously, 😈you want all the passwords so👇

lazagne all

we collected quite a few credentials👆. Lazagne also has a rudimentary brute-forcing😈 capability. If LaZagne is passed a wordlist, it will attempt to brute-force Mozilla master passwords, system hashes, etc. To pass a dictionary file, simply add the path argument👇

lazagne all -path wordlist.txt

In just a few words, LaZagne👆 is a lightweight command-line tool designed to help you recover lost or forgotten password from the most commonly used browsers, a couple of email clients and some FTP transfer and system administration tools☺️


🚀 Lazagne In-depth Usage

👉 Retrieve version👇

laZagne.exe --version

👉 Launch all modules👇

laZagne.exe all

👉 Launch only a specific module👇

laZagne.exe browsers

👉 Launch only a specific software script👇

laZagne.exe browsers -f (for Firefox)

👉 Write all passwords found into a file (-oN for Normal txt, -oJ for Json, -oA for All)👇

laZagne.exe all -oN

👉 Get help👇

laZagne.exe -h
laZagne.exe browsers -h

👉 Use a file for dictionary attacks (used only when it's necessary: Mozilla Master Password, system hashes, etc.). The file has to be a wordlist in cleartext (no rainbow), it has not been optimized to be fast but could be useful for basic passwords👇

laZagne.exe all -path file.txt

👉 Change verbosity mode (2 different levels)👇

laZagne.exe all -vv

👉 Quiet mode (nothing will be printed on the standard output)👇

laZagne.exe all -quiet -oA

👉 Retrieve passwords on another drive (default: C)👇

laZagne.exe all -drive D

💥💥💥 Note: For wifi passwords \ Windows Secrets, launch it with administrator privileges (UAC Authentication / sudo)💥💥💥


🚀Conclusion 🤖

Subscribe to receive notifications of similar posts 😜 where we will be reverse engineering malware, vulnerabilities as well as hacking tools, vectors, stories, tutorials and other Infosec stuff...😋

Follow me on twitter for daily Infosec Memes and shenanigans😝


Thank you for taking time and hope you learned something new, Like/Share and leave a comment/review and as always, stay awesome! 😋👊 💪

90 views0 comments
Post: Blog2_Post
bottom of page