Greetings everyone, I hope you all are fine and shine. In this tutorial I will show you how to extract saved passwords from an exploited system. This tool is actually a python script called LaZagne. The guy who created this script is Alessandro, and all the credit goes to him. This tool really helps hackers and pen-testers in getting the sensitive information.
This tool is available for all popular platforms like Windows, Linux, Mac.
NOTE: This tool doesn’t have the ability to crack all the hashes perfectly.
Now let’s see how it works.
1.First thing is to download this script and it’s very simple. Download this from the following link.
git clone GitHub - AlessandroZ/LaZagne: Credentials recovery project
2.Next navigate to the directory where you have cloned or download the zip (extract if zipped).
3.Before running this tool we must install the required packages for this tool so we didn’t face any problem. Probably you’ll get error if you don’t do it.
pip install -r requirement.txt
- Now simply just run the tool by typing the following
./laZagne.py
This will show you the help menu
here’s how to take in use.
Now if you want to extract the browsers passwords, then type the follwing.
./laZagne.py browsers
Now this will show the URL, Login, Password
Now if you want to extract the wifi passwords, simply type the following.
./laZagne.py wifi
With this you will get the passwords, SSIDs of the saved wifi in your system.
if you want to extract the passwords saved in your memory, then do the following.
./laZagne.py memory
You can also save the credntials by putting ‘-oN’ (./laZagne.py memory -oN)
with this you will see the normal text fine in the laZagne folder(Probably be named credentials.txt).
same idea for Mac OS, if you have problem check out the Github page of the tool.
Now if you want to do that with windows, simply follow the link
Now once you extract the zip file simply navigate to that specific directory with the help of cmd where you have downloaded the laZagne.
Now it’s simple just like we did it on linux
laZagne.exe -h
NOTE: if you want to save all the sensitive information silently (without being displed on screen), you can simply put the -quiet.
lazagne.exe browsers -quiet -oN