How to find all passwords (web browsers, email programs, etc.) in Windows and Linux

Today I want to share information about the program, whose work struck me and made me think: how much an intruder can find out about me (and most of us), having access to my (or your) computer for just a few minutes.

How to extract all passwords

Even if you are not going to collect passwords on other people's computers, programs such as LaZagne are a very good way of thinking about how vulnerable our privacy is when our computers are not under our control: at airports, when they surrender to luggage, in repair shops, after sale etc.

And if you are going to crack other people's passwords, then I’ll draw your attention to the fact that LaZagne is a command line utility, and you can come up with various interesting variants of its hidden use on remote machines for retrieving the passwords of the target …

Password Recovery Software

I think you already understood that I will talk about LaZagne.

As good alternatives, you can remember the programs from NirSoft: WebBrowserPassView, Mail PassView, MessenPass and others. Programs have perfectly speaking names (the first retrieves passwords from web browsers, the second - from email clients, a third - from clients for instant messaging).

These are absolutely free programs, without advertising and bloatware, many of them have a command-line interface, they are very undemanding to resources. But they work only on Windows and they are not open source. If the program is closed source code, it gives food for thought: it just extracts passwords, or it extracts passwords and send them to somewhere in the net…

LaZagne is open source, the program is written in Python 2, i.e. if you know how to configure the Python runtime and set the dependencies, you can run directly the original scripts (as is done on Linux). For those who do not know/do not want to dig, the executable files are compiled, which also contain all the necessary dependencies.

Speaking of Linux. The version for this OS differs from the version under Windows. Windows version supports a smaller number of programs for which it can recover passwords.

LaZagne user manual in Windows

The program is very easy to use. If you want to use the compiled executable file, go to the release page: https://github.com/AlessandroZ/LaZagne/releases and select the latest version for Windows (the Windows.zip file).

Unzip the downloaded file. Open a command prompt in Windows (Win+x) and select "Windows PowerShell" or "Windows PowerShell (Administrator)" there. In theory, as described in the official documentation, when you run the program from the administrator, it must find passwords for all users, plus a password for Wi-Fi. At me opposite, in the administrator command line the program does not work at all (finds nothing). Perhaps you need to run in a different way, for example:

C:\> runas /user:<localmachinename>\administrator cmd

or

C:\> runas /user:<DomainName>\<AdministratorAccountName> cmd

But it also did not work for me (since I have an account without a password, and for such a launch it should be with a password). I did not deal with this much, but just ran it from the command line on the regular user. Let us go directly to the place where I earned)))

In the command line window that opens, you can drag-n-drop the executable file (so you do not type it by hand). Through the spacebar, add all to get something like this:

Here is my result:

617 passwords!

To save the data to a file, add the -oN option:

laZagne.exe all -oN

The file is saved not relative to the location of the executable file, but relative to the current working directory (you can see it in the command prompt). For example, in my case this is C:\Users\Alex\, then the file with the found passwords is stored in C:\Users\Alex\results\ folder.

You can also use the -oJ option to save in Json format or the -oA option to save in two formats at once. By the way, at me, in Json it is normal, and at a choice of saving in the form of the usual text, only some passwords are saved.

If you also have problems with this, then you can use the redirection of the output:

laZagne.exe all > logons.txt

If you want to search passwords only for browsers:

laZagne.exe browsers

You can even run a search only for certain browsers, for example, for Firefox:

laZagne.exe browsers -f

Conclusion

The program LaZagne is very easy to use and very well cope with the task of finding passwords in the computer. The program continues to develop actively and new scripts are regularly added, which allow searching and recovering passwords for even more programs.

You can to some extent protect yourself from this program if, for example, you use the master password for browsers (if your browser supports it).

You should always remember about such programs if you are using public computers (for example, in an Internet cafe) or your computer at least for a while falls out of your possession (when dropping luggage, repairing, selling).

When selling, do not expect to simply remove or format the hard drive. Forensic tools (like Autopsy) are able to recover data. By the way, Autopsy in addition to passwords, can show the history, cookies of web browsers, visited sites, information about the time of using the computer (formed by many factors) and much more.

Continue reading ‘How to extract all web site passwords stored in web bowser’.