From c58ffcccd81cf757ee8e449a1a14a764b2ed984b Mon Sep 17 00:00:00 2001 From: Artem Date: Sun, 5 Jan 2020 08:34:13 -0800 Subject: [PATCH 1/2] fixed bug for both python2 and python3 interpreter --- Windows/lazagne/softwares/chats/skype.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Windows/lazagne/softwares/chats/skype.py b/Windows/lazagne/softwares/chats/skype.py index f0cda80c..dd54cb85 100755 --- a/Windows/lazagne/softwares/chats/skype.py +++ b/Windows/lazagne/softwares/chats/skype.py @@ -40,8 +40,7 @@ def get_regkey(self): # num = winreg.QueryInfoKey(hkey)[1] k = winreg.EnumValue(hkey, 0)[1] - result_bytes = win.Win32CryptUnprotectData(k, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi) - return result_bytes.decode("utf-8") + return win.Win32CryptUnprotectData(k, is_current_user=constant.is_current_user, user_dpapi=constant.user_dpapi) except Exception as e: self.debug(str(e)) return False From e5182e16f225da0711b9d4091a8bedbd63a6a03e Mon Sep 17 00:00:00 2001 From: Artem Date: Sun, 5 Jan 2020 08:43:36 -0800 Subject: [PATCH 2/2] Added support of python3 --- Windows/lazagne/softwares/chats/skype.py | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/Windows/lazagne/softwares/chats/skype.py b/Windows/lazagne/softwares/chats/skype.py index dd54cb85..f5c74a65 100755 --- a/Windows/lazagne/softwares/chats/skype.py +++ b/Windows/lazagne/softwares/chats/skype.py @@ -60,20 +60,26 @@ def get_md5_hash(self, enc_hex, key): enc_binary = binascii.unhexlify(enc_hex) # retrieve the salt - salt = hashlib.sha1('\x00\x00\x00\x00' + key).digest() + hashlib.sha1('\x00\x00\x00\x01' + key).digest() + salt = hashlib.sha1(b'\x00\x00\x00\x00' + key).digest() + hashlib.sha1(b'\x00\x00\x00\x01' + key).digest() # encrypt value used with the XOR operation aes_key = self.aes_encrypt(struct.pack('I', 0) * 4, salt[0:32])[0:16] # XOR operation decrypted = [] + + # Make code python3-compatible + if win.python_version == 3: + enc_binary = [bytes([x]) for x in enc_binary] + aes_key = [bytes([x]) for x in aes_key] + for d in range(16): decrypted.append(struct.unpack('B', enc_binary[d])[0] ^ struct.unpack('B', aes_key[d])[0]) # cast the result byte - tmp = '' + tmp = b'' for dec in decrypted: - tmp = tmp + struct.pack(">I", dec).strip('\x00') + tmp = tmp + struct.pack(">I", dec).strip(b'\x00') # byte to hex return binascii.hexlify(tmp) @@ -81,7 +87,7 @@ def get_md5_hash(self, enc_hex, key): def dictionary_attack(self, login, md5): wordlist = constant.password_found + get_dic() for word in wordlist: - hash_ = hashlib.md5('%s\nskyper\n%s' % (login, word)).hexdigest() + hash_ = hashlib.md5(('%s\nskyper\n%s' % (login, word)).encode()).hexdigest() if hash_ == md5: return word return False @@ -111,7 +117,7 @@ def get_info(self, key, username, path): self.warning(u'No credential stored on the config.xml file.') else: # decrypt the hash to get the md5 to brue force - values['Hash'] = self.get_md5_hash(enc_hex, key) + values['Hash'] = self.get_md5_hash(enc_hex, key).decode() values['Pattern to bruteforce using md5'] = win.string_to_unicode(values['Login']) + u'\\nskyper\\n' # Try a dictionary attack on the hash