Merge pull request #31 from ThePorgs/update/1719846963

Resources update 01-Jul-24
ThePorgs · Jul 10, 2024 · 8846750 · 8846750
2 parents 28151cf + 25d3eaa
commit 8846750
Show file tree

Hide file tree

Showing 47 changed files with 4,162 additions and 3,954 deletions.
diff --git a/linux/LaZagne/hook-sys.py b/linux/LaZagne/hook-sys.py
@@ -0,0 +1,9 @@
+from lazagne.config.manage_modules import get_modules_names
+from lazagne.softwares.browsers.chromium_browsers import chromium_based_module_location
+from lazagne.softwares.browsers.firefox_browsers import mozilla_module_location
+
+all_hidden_imports_module_names = get_modules_names() + [mozilla_module_location, chromium_based_module_location]
+hiddenimports = [package_name for package_name, module_name in all_hidden_imports_module_names]
+
+if __name__ == "__main__":
+    print("\r\n".join(hiddenimports))
diff --git a/linux/LaZagne/laZagne.py b/linux/LaZagne/laZagne.py
@@ -184,12 +184,21 @@ def runLaZagne(category_selected='all', subcategories={}):
 
     # ------------------------------------------- Parse arguments -------------------------------------------
 
+    # By default, launch all modules
     if len(sys.argv) == 1:
-        parser.print_help()
-        sys.exit(1)
-
-    args = dict(parser.parse_args()._get_kwargs())
-    arguments = parser.parse_args()
+        args = {
+            'verbose': 0, 
+            'quiet': False, 
+            'password': None, 
+            'write_normal': None, 
+            'write_json': None, 
+            'write_all': None, 
+            'output': '.', 
+            'auditType': 'all'
+        }
+    else:
+        args = dict(parser.parse_args()._get_kwargs())
+        # arguments = parser.parse_args()
 
     # Define constant variables
     output(

diff --git a/linux/LaZagne/laZagne.spec b/linux/LaZagne/laZagne.spec
diff --git a/linux/LaZagne/lazagne.spec b/linux/LaZagne/lazagne.spec
@@ -0,0 +1,38 @@
+# -*- mode: python ; coding: utf-8 -*-
+
+
+a = Analysis(
+    ['laZagne.py'],
+    pathex=[],
+    binaries=[],
+    datas=[],
+    hiddenimports=[],
+    hookspath=['.'],
+    hooksconfig={},
+    runtime_hooks=[],
+    excludes=[],
+    noarchive=False,
+    optimize=0,
+)
+pyz = PYZ(a.pure)
+
+exe = EXE(
+    pyz,
+    a.scripts,
+    a.binaries,
+    a.datas,
+    [],
+    name='laZagne',
+    debug=False,
+    bootloader_ignore_signals=False,
+    strip=False,
+    upx=True,
+    upx_exclude=[],
+    runtime_tmpdir=None,
+    console=True,
+    disable_windowed_traceback=False,
+    argv_emulation=False,
+    target_arch=None,
+    codesign_identity=None,
+    entitlements_file=None,
+)
diff --git a/linux/LaZagne/lazagne/config/manage_modules.py b/linux/LaZagne/lazagne/config/manage_modules.py
@@ -6,6 +6,9 @@
 from lazagne.softwares.browsers.firefox_browsers import firefox_browsers
 from lazagne.softwares.browsers.chromium_browsers import chromium_browsers
 
+# mails
+from lazagne.softwares.mails.thunderbird_mails import thunderbird_mails
+
 try:
     from lazagne.softwares.memory.memorydump import MemoryDump
 except ImportError:
@@ -31,7 +34,6 @@ def get_categories():
 def get_modules_names():
     return [
         ("lazagne.softwares.mails.clawsmail", "ClawsMail"),
-        ("lazagne.softwares.mails.thunderbird", "Thunderbird"),
         ("lazagne.softwares.databases.dbvis", "DbVisualizer"),
         ("lazagne.softwares.sysadmin.env_variable", "Env_variable"),
         ("lazagne.softwares.sysadmin.apachedirectorystudio", "ApacheDirectoryStudio"),
@@ -68,4 +70,4 @@ def get_modules_names():
 
 def get_modules():
     modules = [soft_import(package_name, module_name)() for package_name, module_name in get_modules_names()]
-    return modules + chromium_browsers + firefox_browsers
+    return modules + chromium_browsers + firefox_browsers + thunderbird_mails
diff --git a/linux/LaZagne/lazagne/softwares/browsers/mozilla.py b/linux/LaZagne/lazagne/softwares/browsers/mozilla.py
@@ -85,9 +85,9 @@ def long_to_bytes(n, blocksize=0):
 
 class Mozilla(ModuleInfo):
 
-    def __init__(self, browser_name, path):
+    def __init__(self, browser_name, path, category='browsers'):
         self.path = path
-        ModuleInfo.__init__(self, browser_name, category='browsers')
+        ModuleInfo.__init__(self, browser_name, category=category)
 
     def get_firefox_profiles(self, directory):
         """

diff --git a/linux/LaZagne/lazagne/softwares/mails/thunderbird.py b/linux/LaZagne/lazagne/softwares/mails/thunderbird.py
diff --git a/linux/LaZagne/lazagne/softwares/mails/thunderbird_mails.py b/linux/LaZagne/lazagne/softwares/mails/thunderbird_mails.py
@@ -0,0 +1,11 @@
+from lazagne.config.soft_import_module import soft_import
+
+mozilla_module_location = "lazagne.softwares.browsers.mozilla", "Mozilla"
+Mozilla = soft_import(*mozilla_module_location)
+
+# Name, path
+thunderbird_mails = [
+    (u'thunderbird', u'.thunderbird'),
+]
+
+thunderbird_mails = [Mozilla(browser_name=name, path=path, category='mails') for name, path in thunderbird_mails]
diff --git a/linux/ligolo-ng/agent_linux_amd64 b/linux/ligolo-ng/agent_linux_amd64
diff --git a/linux/ligolo-ng/agent_linux_arm64 b/linux/ligolo-ng/agent_linux_arm64
diff --git a/linux/linPEAS/linpeas.sh b/linux/linPEAS/linpeas.sh
diff --git a/linux/linPEAS/linpeas_darwin_amd64 b/linux/linPEAS/linpeas_darwin_amd64
diff --git a/linux/linPEAS/linpeas_darwin_arm64 b/linux/linPEAS/linpeas_darwin_arm64
diff --git a/linux/linPEAS/linpeas_linux_386 b/linux/linPEAS/linpeas_linux_386
diff --git a/linux/linPEAS/linpeas_linux_amd64 b/linux/linPEAS/linpeas_linux_amd64
diff --git a/linux/linPEAS/linpeas_linux_arm b/linux/linPEAS/linpeas_linux_arm
diff --git a/linux/linPEAS/linpeas_linux_arm64 b/linux/linPEAS/linpeas_linux_arm64
diff --git a/mac/LaZagne/hook-sys.py b/mac/LaZagne/hook-sys.py
@@ -0,0 +1,9 @@
+from lazagne.config.manage_modules import get_modules_names
+from lazagne.softwares.browsers.chromium_browsers import chromium_based_module_location
+from lazagne.softwares.browsers.firefox_browsers import mozilla_module_location
+
+all_hidden_imports_module_names = get_modules_names() + [mozilla_module_location, chromium_based_module_location]
+hiddenimports = [package_name for package_name, module_name in all_hidden_imports_module_names]
+
+if __name__ == "__main__":
+    print("\r\n".join(hiddenimports))
diff --git a/mac/LaZagne/laZagne.py b/mac/LaZagne/laZagne.py
@@ -200,9 +200,21 @@ def runLaZagne(category_selected='all', subcategories={}, password=None, interac
 
     # ------------------------------------------- Parse arguments -------------------------------------------
 
-    if len(sys.argv) == 1:
-        parser.print_help()
-        sys.exit(1)
+    # # By default, launch all modules
+    # if len(sys.argv) == 1:
+    #     args = {
+    #         'verbose': 0, 
+    #         'quiet': False, 
+    #         'password': None, 
+    #         'write_normal': None, 
+    #         'write_json': None, 
+    #         'write_all': None, 
+    #         'output': '.', 
+    #         'auditType': 'all'
+    #     }
+    # else:
+    #     args = dict(parser.parse_args()._get_kwargs())
+    #     # arguments = parser.parse_args()
 
     args = dict(parser.parse_args()._get_kwargs())
     arguments = parser.parse_args()

diff --git a/mac/LaZagne/laZagne.spec → mac/LaZagne/lazagne.spec b/mac/LaZagne/laZagne.spec → mac/LaZagne/lazagne.spec
@@ -40,3 +40,4 @@ exe = EXE(pyz,
           upx_exclude=[],
           runtime_tmpdir=None,
           console=True )
+
diff --git a/windows/LaZagne/hook-sys.py b/windows/LaZagne/hook-sys.py
@@ -0,0 +1,9 @@
+from lazagne.config.manage_modules import get_modules_names
+from lazagne.softwares.browsers.chromium_browsers import chromium_based_module_location
+from lazagne.softwares.browsers.firefox_browsers import mozilla_module_location
+
+all_hidden_imports_module_names = get_modules_names() + [mozilla_module_location, chromium_based_module_location]
+hiddenimports = [package_name for package_name, module_name in all_hidden_imports_module_names]
+
+if __name__ == "__main__":
+    print("\r\n".join(hiddenimports))
diff --git a/windows/LaZagne/laZagne.py b/windows/LaZagne/laZagne.py
@@ -204,12 +204,21 @@ def clean_args(arg):
 
     # ------------------------------------------- Parse arguments -------------------------------------------
 
+    # By default, launch all modules
     if len(sys.argv) == 1:
-        parser.print_help()
-        sys.exit(1)
-
-    args = dict(parser.parse_args()._get_kwargs())
-    arguments = parser.parse_args()
+        args = {
+            'verbose': 0, 
+            'quiet': False, 
+            'password': None, 
+            'write_normal': None, 
+            'write_json': None, 
+            'write_all': None, 
+            'output': '.', 
+            'auditType': 'all'
+        }
+    else:
+        args = dict(parser.parse_args()._get_kwargs())
+        # arguments = parser.parse_args()
 
     # Define constant variables
     output(

diff --git a/windows/LaZagne/lazagne.exe b/windows/LaZagne/lazagne.exe
diff --git a/windows/LaZagne/lazagne.spec b/windows/LaZagne/lazagne.spec
@@ -32,6 +32,6 @@ exe = EXE(
         name='lazagne.exe',
         debug=False,
         strip=None,
-        upx=True,
+        upx=False,
         console=True
 )
diff --git a/windows/LaZagne/lazagne/config/DPAPI/masterkey.py b/windows/LaZagne/lazagne/config/DPAPI/masterkey.py
@@ -13,12 +13,14 @@
 from .eater import DataStruct, Eater
 from collections import defaultdict
 
+import binascii
 import codecs
 import hashlib
 import struct
 import os
 
 from lazagne.config.constant import constant
+from lazagne.config.crypto.md4 import MD4
 
 
 class MasterKey(DataStruct):
@@ -66,10 +68,19 @@ def decrypt_with_password(self, sid, pwd):
         except Exception:
             return
 
-        for algo in ["sha1", "md4"]:
-            self.decrypt_with_hash(sid=sid, pwdhash=hashlib.new(algo, pwd).digest())
-            if self.decrypted:
-                break
+        # sha1 
+        self.decrypt_with_hash(sid=sid, pwdhash=hashlib.new("sha1", pwd).digest())
+        if self.decrypted:
+            return
+
+        # md4
+        self.decrypt_with_hash(sid=sid, pwdhash=binascii.unhexlify(MD4(pwd).hexdigest()))
+
+        # hashlib does not support md4 hash anymore 
+        # for algo in ["sha1", "md4"]:
+        #     self.decrypt_with_hash(sid=sid, pwdhash=hashlib.new(algo, pwd).digest())
+        #     if self.decrypted:
+        #         break
 
     def decrypt_with_key(self, pwdhash):
         """
Original file line number	Diff line number	Diff line change
Expand Up		@@ -40,3 +40,4 @@ exe = EXE(pyz,
		upx_exclude=[],
		runtime_tmpdir=None,
		console=True )