diff --git a/Windows/src/LaZagne/config/manageModules.py b/Windows/src/LaZagne/config/manageModules.py index fb8d6cb3..fc79fe0e 100644 --- a/Windows/src/LaZagne/config/manageModules.py +++ b/Windows/src/LaZagne/config/manageModules.py @@ -29,6 +29,11 @@ from softwares.databases.sqldeveloper import SQLDeveloper from softwares.databases.squirrel import Squirrel from softwares.databases.dbvis import Dbvisualizer +# games +from softwares.games.roguestale import RoguesTale +from softwares.games.kalypsomedia import KalypsoMedia +from softwares.games.galconfusion import GalconFusion +from softwares.games.turba import Turba def get_categories(): category = { @@ -39,7 +44,8 @@ def get_categories(): 'mails': {'help': 'Email clients supported'}, 'wifi': {'help': 'Wifi'}, 'browsers': {'help': 'Web browsers supported'}, - 'windows': {'help': 'Windows credentials (credential manager, etc.)'} + 'windows': {'help': 'Windows credentials (credential manager, etc.)'}, + 'games': {'help': 'Games etc.'} } return category @@ -53,18 +59,22 @@ def get_modules(): Filezilla(), FtpNavigator(), IE(), - Jitsi(), + GalconFusion(), + Jitsi(), + KalypsoMedia(), Mozilla(), Network(), Opera(), Outlook(), Pidgin(), Puttycm(), + RoguesTale(), Tortoise(), Secrets(), Skype(), SQLDeveloper(), - Squirrel(), + Squirrel(), + Turba(), Wifi(), WifiPass(), WinSCP() diff --git a/Windows/src/LaZagne/softwares/games/__init__.py b/Windows/src/LaZagne/softwares/games/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/Windows/src/LaZagne/softwares/games/galconfusion.py b/Windows/src/LaZagne/softwares/games/galconfusion.py new file mode 100644 index 00000000..af957d42 --- /dev/null +++ b/Windows/src/LaZagne/softwares/games/galconfusion.py 
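Review bot: In the get_modules() hunk of manageModules.py, `Jitsi(),` and `Squirrel(),` are removed and re-added with the same visible text, which suggests a whitespace-only change, possibly a tab/space mix in the list. Putting the four new entries (`GalconFusion(),`, `KalypsoMedia(),`, `RoguesTale(),`, `Turba(),`) on the file's existing indentation would leave those two lines untouched and keep the diff to the additions. The new modules also claim the short options `-g`, `-k`, `-r` and `-t`; the other modules' options are not visible in this diff, so it is worth confirming that none of them collide.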
@@ -0,0 +1,59 @@
+import os
+from _winreg import HKEY_CURRENT_USER, OpenKey, QueryValueEx
+from config.constant import *
+from config.write_output import print_output, print_debug
+from config.header import Header
+from config.moduleInfo import ModuleInfo
+
+class GalconFusion(ModuleInfo):
+ def __init__(self):
+ options = {'command': '-g', 'action': 'store_true', 'dest': 'galconfusion', 'help': 'galconfusion'}
+ ModuleInfo.__init__(self, 'galconfusion', 'games', options)
+
+ def run(self):
+ # print title
+ Header().title_info('Galcon Fusion')
+ creds = []
+
+ # Find the location of steam - to make it easier we're going to use a try block
+ # 'cos I'm lazy
+ try:
+ with OpenKey(HKEY_CURRENT_USER, 'Software\Valve\Steam') as key:
+ results=QueryValueEx(key, 'SteamPath')
+ except:
+ print_debug('ERROR', 'Steam does not appear to be installed.')
+ return
+
+ if not results:
+ print_debug('ERROR', 'Steam does not appear to be installed.')
+ return
+
+ steampath=results[0]
+ userdata = steampath + '\\userdata'
+
+ # Check that we have a userdata directory
+ if not os.path.exists(userdata):
+ print_debug('ERROR', 'Steam doesn\'t have a userdata directory.')
+ return
+
+ # Now look for Galcon Fusion in every user
+ files = os.listdir(userdata)
+
+ for file in files:
+ filepath = userdata + '\\' + file + '\\44200\\remote\\galcon.cfg'
+ if not os.path.exists(filepath):
+ continue
+
+ # If we're here we should have a Galcon Fusion file
+ with open(filepath, mode='rb') as cfgfile:
+ # We've found a config file, now extract the creds
+ data = cfgfile.read()
+ values = {}
+
+ values['Login'] = data[4:0x23]
+ values['Password'] = data[0x24:0x43]
+ creds.append(values)
+
+ print_output("Galcon Fusion", creds)
+
+
diff --git a/Windows/src/LaZagne/softwares/games/kalypsomedia.py b/Windows/src/LaZagne/softwares/games/kalypsomedia.py
new file mode 100644
index 00000000..c1c973e3
--- /dev/null
+++ b/Windows/src/LaZagne/softwares/games/kalypsomedia.py
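Review bot: The bare `except:` around the Steam registry lookup in GalconFusion.run reports every failure as "Steam does not appear to be installed", including unrelated errors and KeyboardInterrupt; catching only the registry error with `except WindowsError:` keeps the message truthful. The same lookup block is repeated verbatim in turba.py's run, so one shared helper that returns SteamPath would fix both. The key is written as `'Software\Valve\Steam'` while every other path in the file doubles its backslashes; `r'Software\Valve\Steam'` avoids depending on `\V` and `\S` not being escape sequences. The fixed slices `data[4:0x23]` and `data[0x24:0x43]` are taken without checking the file length, so a short or differently laid out galcon.cfg yields truncated or empty fields with no debug message.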
@@ -0,0 +1,50 @@
+import os, re, base64
+from config.constant import *
+from config.write_output import print_output, print_debug
+from config.header import Header
+from config.moduleInfo import ModuleInfo
+import ConfigParser
+
+class KalypsoMedia(ModuleInfo):
+ def __init__(self):
+ options = {'command': '-k', 'action': 'store_true', 'dest': 'kalypsomedia', 'help': 'kalypsomedia'}
+ ModuleInfo.__init__(self, 'kalypsomedia', 'games', options)
+
+ # xorstring(s, k)
+ # xors the two strings
+ def xorstring(self, s, k):
+ return "".join(chr(ord(x) ^ ord(y)) for x, y in zip(s,k))
+
+ def run(self):
+ # print title
+ Header().title_info('Kalypso Media Launcher')
+ creds = []
+ key = 'lwSDFSG34WE8znDSmvtwGSDF438nvtzVnt4IUv89'
+
+ if 'APPDATA' in os.environ:
+ inifile = os.environ['APPDATA'] + '\\Kalypso Media\\Launcher\\launcher.ini'
+ else:
+ print_debug('ERROR', 'The APPDATA environment variable is not defined.')
+ return
+
+ # The actual user details are stored in *.userdata files
+ if not os.path.exists(inifile):
+ print_debug('ERROR', 'The Kalypso Media Launcher doesn\'t appear to be installed.')
+ return
+
+ config = ConfigParser.ConfigParser()
+ config.read(inifile)
+ values = {}
+
+ values['Login'] = config.get('styx user','login')
+
+ # get the encoded password
+ cookedpw = base64.b64decode(config.get('styx user','password'));
+ values['Password'] = self.xorstring(cookedpw, key)
+
+ creds.append(values)
+
+ print_output("Kalypso Media Launcher", creds)
+
+
+
diff --git a/Windows/src/LaZagne/softwares/games/roguestale.py b/Windows/src/LaZagne/softwares/games/roguestale.py
new file mode 100644
index 00000000..b94c168e
--- /dev/null
+++ b/Windows/src/LaZagne/softwares/games/roguestale.py
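Review bot: `config.get('styx user','login')` and the later `config.get('styx user','password')` in KalypsoMedia.run are unguarded, so a launcher.ini without that section or option raises out of run(), and a malformed value makes `base64.b64decode` raise as well; wrapping those lines in `try:` / `except (ConfigParser.Error, TypeError):` with a `print_debug('ERROR', ...)` and `return` would match how the other failure paths are handled. `xorstring` pairs bytes with `zip(s, k)`, so anything past the 40-character key is silently dropped. The comment `# The actual user details are stored in *.userdata files` appears to be copied from roguestale.py and does not describe launcher.ini; I would replace it with `# Password is base64 of the value XORed with a fixed key: obfuscation, not encryption`. `re` is imported but unused in the visible code.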
@@ -0,0 +1,52 @@
+import xml.etree.cElementTree as ET
+import os, re
+from config.constant import *
+from config.write_output import print_output, print_debug
+from config.header import Header
+from config.moduleInfo import ModuleInfo
+
+class RoguesTale(ModuleInfo):
+ def __init__(self):
+ options = {'command': '-r', 'action': 'store_true', 'dest': 'roguestale', 'help': 'Extract Rogue\'s Tale SHA1 password hashes.'}
+ ModuleInfo.__init__(self, 'roguestale', 'games', options)
+
+ def run(self):
+ # print title
+ Header().title_info('Rogue\'s Tale')
+ creds = []
+
+ if 'USERPROFILE' in os.environ:
+ directory = os.environ['USERPROFILE'] + '\\Documents\\Rogue\'s Tale\\users'
+ else:
+ print_debug('ERROR', 'The USERPROFILE environment variable is not defined.')
+ return
+
+ # The actual user details are stored in *.userdata files
+ if not os.path.exists(directory):
+ print_debug('ERROR', 'Rogue\'s Tale appears to not be installed.')
+ return
+
+ files = os.listdir(directory)
+
+ for file in files:
+ if re.match('.*\.userdata',file):
+ # We've found a user file, now extract the hash and username
+ values = {}
+
+ xmlfile = directory + '\\' + file
+ tree=ET.ElementTree(file=xmlfile)
+ root=tree.getroot()
+
+ # Double check to make sure that the file is valid
+ if root.tag != 'user':
+ print_debug('Profile ' + file + ' does not appear to be valid')
+ continue
+
+ # Now save it to credentials
+ values['Login'] = root.attrib['username']
+ values['Hash'] = root.attrib['password']
+ creds.append(values)
+
+ print_output("Rogue's Tale", creds)
+
+
diff --git a/Windows/src/LaZagne/softwares/games/turba.py b/Windows/src/LaZagne/softwares/games/turba.py
new file mode 100644
index 00000000..14742d1d
--- /dev/null
+++ b/Windows/src/LaZagne/softwares/games/turba.py
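Review bot: `print_debug('Profile ' + file + ' does not appear to be valid')` in RoguesTale.run passes a single argument, while every other call in this commit uses `print_debug('ERROR', message)`; print_debug's signature is not visible here, but this looks like it would fail on the first invalid profile and should read `print_debug('ERROR', 'Profile ' + file + ' does not appear to be valid')`. `re.match('.*\.userdata',file)` is not anchored at the end, so names such as `x.userdata.bak` are parsed too; `file.endswith('.userdata')` says what is meant. `ET.ElementTree(file=xmlfile)` and the `root.attrib[...]` lookups can raise on a malformed file or a missing attribute, which would stop the loop instead of skipping that one profile.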
@@ -0,0 +1,58 @@
+import os
+from _winreg import HKEY_CURRENT_USER, OpenKey, QueryValueEx
+from config.constant import *
+from config.write_output import print_output, print_debug
+from config.header import Header
+from config.moduleInfo import ModuleInfo
+
+class Turba(ModuleInfo):
+ def __init__(self):
+ options = {'command': '-t', 'action': 'store_true', 'dest': 'turba', 'help': 'turba'}
+ ModuleInfo.__init__(self, 'turba', 'games', options)
+
+ def run(self):
+ # print title
+ Header().title_info('Turba')
+ creds = []
+
+ # Find the location of steam - to make it easier we're going to use a try block
+ # 'cos I'm lazy
+ try:
+ with OpenKey(HKEY_CURRENT_USER, 'Software\Valve\Steam') as key:
+ results=QueryValueEx(key, 'SteamPath')
+ except:
+ print_debug('ERROR', 'Steam does not appear to be installed.')
+ return
+
+ if not results:
+ print_debug('ERROR', 'Steam does not appear to be installed.')
+ return
+
+ steampath=results[0]
+ steamapps = steampath + '\\SteamApps\common'
+
+ # Check that we have a SteamApps directory
+ if not os.path.exists(steamapps):
+ print_debug('ERROR', 'Steam doesn\'t have a SteamApps directory.')
+ return
+
+ filepath = steamapps + '\\Turba\\Assets\\Settings.bin'
+
+ if not os.path.exists(filepath):
+ print_debug('ERROR', 'Turba doesn\'t appear to be installed.')
+ return
+
+ # If we're here we should have a valid config file file
+ with open(filepath, mode='rb') as filepath:
+ # We've found a config file, now extract the creds
+ data = filepath.read()
+ values = {}
+
+ chunk=data[0x1b:].split('\x0a')
+ values['Login'] = chunk[0]
+ values['Password'] = chunk[1]
+ creds.append(values)
+
+ print_output("Turba", creds)
+
+
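Review bot: `chunk[1]` in Turba.run is read without checking how many pieces the split produced, so a Settings.bin with no `\x0a` after offset 0x1b raises IndexError; add `if len(chunk) < 2:` with a `print_debug('ERROR', ...)` and `return` before the two assignments. `with open(filepath, mode='rb') as filepath:` rebinds the path variable to the file object; naming the handle `cfgfile`, as galconfusion.py does, avoids the shadowing. `'\\SteamApps\common'` mixes escaped and unescaped backslashes and works only because `\c` is not an escape sequence.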