forked from login-securite/DonPAPI
-
Notifications
You must be signed in to change notification settings - Fork 0
/
myusers.py
128 lines (116 loc) · 5.56 KB
/
myusers.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
#!/usr/bin/env python
# coding:utf-8
'''
PA Vandewoestyne
'''
from __future__ import division
from __future__ import print_function
import errno, binascii, shutil
import sys, json, operator
from datetime import datetime
from binascii import hexlify, unhexlify
import logging
import sys
from lib.toolbox import bcolors
class MyUser:
def __init__(self, username,logger,options):
self.username = username
self.options=options
self.logging = logger
self.sid = ''#un user peut avoir plusieurs SID ?
self.type = 'LOCAL'#LOCAL,DOMAIN,MACHINE,MACHINE-USER
self.type_validated = False
self.appdata = ''
self.password = ''
self.domain = ''
self.lmhash = ''
self.nthash = ''
self.aesKey = ''
self.TGT = ''
#self.masterkeys = {} # GUID_File: masterkey
self.masterkeys_file = {}
self.files = {}
self.secrets = {}
self.dpapi_machinekey: []
self.dpapi_userkey: []
self.share = None
self.pwd = None
self.is_adconnect = False
def resume_user_info(self):
try:
encrypted=0
decrypted=0
decryption_failed=0
for masterkey in self.masterkeys_file:
if self.masterkeys_file[masterkey]['status']=='decrypted':
decrypted+=1
elif self.masterkeys_file[masterkey]['status']=='encrypted':
encrypted+=1
elif self.masterkeys_file[masterkey]['status'] == 'decryption_failed':
decryption_failed+=1
file_stats={}
for file in self.files:
if self.files[file]['type'] not in file_stats:
file_stats[self.files[file]['type']]={}
if self.files[file]['status'] not in file_stats[self.files[file]['type']]:
file_stats[self.files[file]['type']][self.files[file]['status']]=[file]
else:
file_stats[self.files[file]['type']][self.files[file]['status']].append(file)
self.logging.info(f"[{self.options.target_ip}] {bcolors.OKGREEN}{self.username}{bcolors.ENDC} - ({self.sid}) - [{self.type} account]")
self.logging.info(f"[{self.options.target_ip}] [{len(self.masterkeys_file)} Masterkeys ({bcolors.OKGREEN}{decrypted} decrypted{bcolors.ENDC}/{bcolors.WARNING}{decryption_failed} failed{bcolors.ENDC}/{bcolors.OKBLUE}{encrypted} not used{bcolors.ENDC})]")
self.logging.info(f"[{self.options.target_ip}] [{len(self.files)} secrets files : ]")
for secret_type in file_stats:
for status in file_stats[secret_type]:
self.logging.info(f"[{self.options.target_ip}] - {bcolors.OKGREEN}{len(file_stats[secret_type][status])}{bcolors.ENDC} {status} {secret_type}")
if status == 'decrypted':
for secret_file in file_stats[secret_type][status]:
try:
if secret_type == 'vault' :
for vcrd_file in self.files[secret_file]['vcrd']:
if self.files[secret_file]['vcrd'][vcrd_file]['status']=='decrypted':
self.logging.info(f"[{self.options.target_ip}] Vault {secret_file} - {vcrd_file} : {self.files[secret_file]['vcrd'][vcrd_file]['secret']}")
#self.logging.info(f"[{self.options.target_ip}] Vault {secret_file} : {self.secrets[vcrd_file]}")
elif secret_type in ["ChromeLoginData","MozillaLoginData"]:
for uri in self.files[secret_file]['secret']:
self.logging.info(f"[{self.options.target_ip}] Chrome {uri} - {self.files[secret_file]['secret'][uri]['username']} : {self.files[secret_file]['secret'][uri]['password']}")
elif secret_type == "ChromeCookies" :
for uri in self.files[secret_file]['secret']:
for cookie_name in self.files[secret_file]['secret'][uri]:
self.logging.debug(f"[{self.options.target_ip}] Chrome {uri} - {cookie_name} : {self.files[secret_file]['secret'][uri][cookie_name]}")
elif secret_type == "wifi":
if secret_file in self.files:
self.logging.info(f"[{self.options.target_ip}] Wifi : {self.files[secret_file]['wifi_name']} : {self.files[secret_file]['secret']}")
else:
if secret_file in self.files: #For Credential & Wifi
self.logging.info(f"[{self.options.target_ip}] {secret_file} : {self.files[secret_file]['secret']}")
except Exception as ex:
self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception 00 in ResumeUserInfo for user {self.username} secret file {secret_file} type {secret_type} {bcolors.ENDC}")
self.logging.debug(ex)
else:
for secret_file in file_stats[secret_type][status]:
self.logging.debug(f"[{self.options.target_ip}] {secret_file} : {self.files[secret_file]['path']}")
self.logging.debug(f"[{self.options.target_ip}] -=-=-=-= Masterkeys details =-=-=-=-")
for masterkey in self.masterkeys_file:
self.logging.debug(f" [*]GUID : {masterkey}")
self.logging.debug(f" [*]Status : {self.masterkeys_file[masterkey]['status']}")
self.logging.debug(f" [*]path : {self.masterkeys_file[masterkey]['path']}")
if self.masterkeys_file[masterkey]['status']=='decrypted':
self.logging.debug(f" [*]key : {self.masterkeys_file[masterkey]['key']}")
self.logging.debug(f" [*] -=- -=- -=- -=- -=- -=- [*]")
self.resume_secrets()
except Exception as ex:
self.logging.debug(f"[{self.options.target_ip}] {bcolors.WARNING}Exception in ResumeUserInfo for user {self.username} {bcolors.ENDC}")
self.logging.debug(ex)
def resume_secrets(self):
self.logging.info(f"[{self.options.target_ip}] [*]User : {self.username} - {len(self.secrets)} secrets :")
for secret in self.secrets:
self.logging.info(f"[{self.options.target_ip}] [*]secret : {secret}")
self.logging.info(f"[{self.options.target_ip}] {self.secrets[secret]}")
def get_secrets(self):
return self.secrets
def check_usertype(self):
#Todo
if self.sid =='':
return 'DOMAIN'
else :
return 'LOCAL'