Bad LaZagne

4 June 2015

The LaZagne Project by Alessandro Zanni is a little utility that displays passwords for 22 Windows and 12 Linux programs. For details please see post The LaZagne Project dumps 22 Different Program Passwords published by ‘cyber arms – computer security’ two weeks ago.

LaZagne is primarily intended for penetration testers to dump passwords once they got access to a system. I use it as a demonstrator to raise awareness for security issues, for example, when it comes to WiFi security.

LaZagne dumps WiFi passwords from all networks you used since the last fresh installation:

|====================================================================|
|                                                                    |
|                        The LaZagne Project                         |
|                                                                    |
|                          ! BANG BANG !                             |
|                                                                    |
|====================================================================|

------------------- Wifi passwords -----------------

Password found !!!
password: XXXXXXXXXXXXXXXX
authentication: WPA2PSK
protected: true
ssid: WLAN-0024FE4A9566

Password found !!!
authentication: open
ssid: NH-Hotel-Group

Password found !!!
password: XXXXXXXXXXXXXXXX
authentication: WPA2PSK
protected: true
ssid: WLAN-DA5176

[+] 3 passwords have been found.
For more information launch it again with the -v option

That’s not rocket science. The connection details are stored in files in directory C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces{E3004523-B55C-4A21-BE85-2FEC752E07EB}. Since decryption of the connection passwords is easy, we face a new? vulnerability which makes it easy for attackers to compromise our networks.

With this, I recommend:

  • Never leave your computer unattended, in particular if you are signed in with administrative privileges. LaZagne needs administrative privileges to read the configuration files. I wonder why this is required because the configuration files are readable by everyone…
  • Before disposing your computer securely erase the data on the disk or use a full disk encryption utility. This will prevent attackers from accessing the WiFi configuration files and your network.
  • Configure your Internet router to restrict access to specific computers. That’s really annoying because you have to authorize a new device to your network before someone can start surfing.

Take care!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s