Get account passwords saved locally, support browser|database|mail|wireless|administrator and so on.
#####################
Disclaimer: The tool itself is not good or bad. I hope that everyone will use the tool on the premise of complying with the relevant laws of the "Network Security Law" and support research Learn, do not use it for illegal and criminal activities, and the loss caused by the malicious use of this tool has nothing to do with me or the developer.
#####################
Introduction of LaZagne
LaZagne is a project for obtaining account passwords saved in the local computer. Every software stores its passwords using a different technique (plaintext, API, custom algorithm, database, etc.) and this tool was developed to find these account passwords for the most used software. It can run on Windows and Linux hosts.
LaZagne support types
LaZagne found the local account password
LaZagne installation
LaZagne supports cross-platform use, and the password storage mechanism of different platforms is different:
Download project: git clone https://github.com/AlessandroZ/LaZagne
Installation dependencies: pip install -r requirements.txt, select your corresponding system version to use
If you are in a Windows environment, you can also download the exe execution file directly in Releases
LaZagne uses
parameter example
LaZagne parameters and conditions
start all modules
laZagne.exe all
Only start specific modules
laZagne.exe browsers
Only launch specific software scripts
laZagne.exe browsers -firefox
Write all passwords found to a file (-oN for normal txt, -oJ for Json, -oA for all)
laZagne.exe all -oN
laZagne.exe all -oA -output C:\Users\test\Desktop
get help
laZagne.exe -h
laZagne.exe browsers -h
Change verbose mode (2 different levels)
laZagne.exe all -vv
Quiet mode (nothing will be printed on stdout)
laZagne.exe all -quiet -oA
To decrypt domain credentials, a user windows password can be specified. Otherwise, it tries all the passwords it has found as Windows passwords.
laZagne.exe all -password ZapataVive
NOTE: For wifi passwords\Windows Secrets, start it with admin privileges (UAC authentication/sudo)
Mac
Note: On MacOS, it is difficult to retrieve passwords stored on the computer without the user password. So, I recommend using one of the options
If you know the user password, add it to the command line
laZagne all --password SuperSecurePassword
You can use interactive mode which will prompt the user with a dialog until the password is correct
laZagne all -i
Software supported by LaZagne