What's new in LaZagne 2.4.5
Feb 22, 2023
- Big code review and lots of bug fixed
- PEP8 Style (thanks to @ingested)
- Pycrypto denpendency removed
New in LaZagne 2.4 (Sep 3, 2018)
- Big code review and lots of bug fixed
- PEP8 Style
- Pycrypto denpendency removed
- Adding pypykatz module
- Adding VNC module
- Manage more than 26 different browsers now
- Removing construct on DPAPI function (lots of bug fix on DPAPI as well)
- Removing psutil dependency
New in LaZagne 2.3.2 (Mar 22, 2018)
- Big code review
- Lots of minor bug fixed
- If windows user found => domain passwords retrieved from credentials files
- If windows user not found => DPAPI hash printed to bruteforce with john or hashcat (no admin privilege required)
- New modules added postgresql and psi-im (thanks to @m41nt41n3r)
- XP managed
- Adding support for newest firefox version. Awesome work from lclevy: https://github.com/lclevy/firepwd
- Adding Wdigest passwords (using mimikatz signature)
- Works on Vista / Win7 x86 and x64
- Thanks to
- n1nj4sec for https://github.com/n1nj4sec/memorpy/
- Francesco Picasso for https://github.com/RealityNet/hotoloti/blob/master/volatility/mimikatz.py
- Note: right now, LaZagne x86 cannot read memory from a x64 process (so some modules cannot work using this build such as wdigest passwords)
- That's why, two lazagne binaries have been built (x86 and x64).
New in LaZagne 2.3.1 (Oct 18, 2017)
New in LaZagne 2.3 (Oct 6, 2017)
- Only Windows:
- Bug "UnicodeDecodeError" resolved (#134)
- Support many alphabets (for chinese, russian, ... passwords)
- Well managed when password are written to files (Lazagne.exe all -oA), not always correct when printed on the console (depend on the system encoding)
- New module added:
- CocCoc browser supported (#141)
- Quiet mode added to not print anything on the console (#140) => lazagne.exe all -quiet
- Retrieve passwords from another drive (#142) => lazagne all -drive D
- lsa secrets are well written on files (when -oA, -oJ or -oN options are used)
New in LaZagne 2.2 (May 18, 2017)
- Fix bug created on the previous release (cf #118)
New in LaZagne 2.1 (Apr 29, 2017)
- Only Windows:
- removing many dependencies (win32api, win32crypt, win32xxx, colorama, etc.) using ctypes
- adding little modules
- retrieve passwords when autologon is enabled
- retrieve passwords stored in unattended files
- using creddump to retrieve system hashes + LSA secrets
- little bugs fixed + some code review
New in LaZagne 2.0 (Jan 28, 2017)
- only one process is launched (impersonnation is done using "ImpersonateLoggedOnUser" and no more "CreateProcessAsUser")
- no more temporary file written on the disk
- uses of powerdump from empire (thanks to adaptivethreat) to avoid writing hives on the disk (avoid "reg save ...")
- better way to catch errors
- json fixes (output to be more "human readable" + error encoding)
- cleaning code
- New category added called "memory": used to retrieve password on memory
- KeeThief added (thanks to adaptivethreat) - retrieve keepass (version 2.x) password from memory
- Powershell code used from https://github.com/adaptivethreat/KeeThief/
- Browser passwords present in memory could be retrieved
- Thanks to n1nj4sec for his awesome project "memorpy"
- https://github.com/n1nj4sec/memorpy
- New category added called "php":
- New module "PHP Composer" (thanks to righettod => https://github.com/righettod)
New in LaZagne 1.7 (Sep 12, 2016)
- Only Windows:
- New modules (thanks to righettod => https://github.com/righettod):
- Robomongo - MongoDB client
- Internet Explorer bug fix (for windows 7)