How to extract passwords from browsers
How to extract passwords from browsers Today we need to share data about the program, crafted by which flabbergasted us and made us figure: what amount can an aggressor find out about me (and the greater part of us) by accessing my (or your) PC for only a couple minutes.
Regardless of whether you won’t gather passwords on others’ PCs, programs
like LaZagne are a generally excellent approach to consider how weak our protection is the point at which our PCs are not heavily influenced by us: at air terminals, when they are processed in baggage, in fix shops, after deal. and so forth
And if you are going to crack other people’s passwords, then I would like to draw your attention to the
fact that LaZagne is a command line utility, and you can come up with various interesting options for its hidden use on remote machines to extract target passwords …
Password recovery software
I think you already understood that I will be talking about LaZagne.
As good alternatives, you can remember programs from NirSoft: WebBrowserPassView, Mail PassView, MessenPass and others. The programs have very self-explanatory names (the first extracts passwords from web browsers, the second from email clients, and a third from instant messaging clients).
These are absolutely free programs, without ads and garbage, many of them have a command line
interface, they are very undemanding to resources. But they only work under Windows and are closed source. If the program is closed source, then this leaves room for thought:
it simply extracts passwords, or it extracts passwords AND passes them on to anyone …
LaZagne is open source and written in Python 2, i.e. if you know how to set up the Python
runtime and install the required dependencies, you can run the source scripts directly (as is done on Linux). For those who do not know how / do not want to understand, executable files are compiled, which also contain all the necessary dependencies.
By the way about Linux. The version for this OS differs from the version for Windows in that it supports a smaller number of programs for which it can recover passwords.
By the way: who knows other similar functional open source programs – write about them in the comments, it will be interesting to see them.
Instructions for using LaZagne in Windows
The program is very easy to use. If you want to use the ready-made executable file, then go to the releases page: https://github.com/AlessandroZ/LaZagne/releases and select the latest version for Windows (Windows.zip file).
Unzip the downloaded file. Open a command prompt in Windows (Win + x) and select there “Command Prompt” or “Command Prompt (administrator)”. In theory, as described in the official documentation, when you run the program as an administrator, it should find passwords
for all users, plus a password for Wi-Fi. On the contrary, the program does not work at all on the command line as an administrator (it finds nothing). Perhaps you need to run it in another way, for example:
C: \> runas / user: <localmachinename> \ administrator cmd
C: \> runas / user: <DomainName> \ <AdministratorAccountName> cmd
But it also did not work for me (since I have an account without a password, and for such a launch it must be with a password). I didn’t bother to deal with this much, but just started it on the command line as an ordinary user. Let’s go straight to the place where it worked for me)))
You can drag the executable file into the opened command line window (so as not to type its location by hand). Add all after a space.
Add the -oN option to save the data to a file:
laZagne.exe all -oN
The file is saved not relative to the location of the running program, but relative to the current working directory
(the one seen at the command line prompt). For example, in my case it is C: \ Users \ Alex \, so the file with the found passwords is saved in C: \ Users \ Alex \ results \
You can also use the -oJ option to save in Json format or the -oA option to save in two formats at once. By the way, for me, it saves normally in Json, and when you choose to save as plain text, only a few passwords are saved.
If you also have problems with this, then you can use the banal output redirection:
laZagne.exe all> logons.txt
If you want to search for passwords only for browsers:
You can even run a search only for certain browsers, for example, for Firefox:
laZagne.exe browsers -f
For a complete list of available options and supported software, see the software help.
LaZagne is very easy to use and does a pretty good job of finding passwords on your computer. The program continues to actively develop and new scripts are regularly added that allow you to search and restore