Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JSON format stores multi-line string for SSH keys #226

Closed
newlog opened this issue Mar 22, 2018 · 3 comments
Closed

JSON format stores multi-line string for SSH keys #226

newlog opened this issue Mar 22, 2018 · 3 comments

Comments

@newlog
Copy link

newlog commented Mar 22, 2018
edited
Loading

Hi again,

I saw that when an SSH key is found, when saved in JSON format to a file, the SSH key is written as a multi-line string. JSON format does not support multi-line strings, thus failing when trying to load that data with the Python json module.

More info can be found here:

Problematic output example:

"Passwords": [
            [
                {
                    "Category": "Ssh"
                },
                [
                    {
                        "KEY": "-----BEGIN RSA PRIVATE KEY-----
<string>
<string>
<string>

If a json.load() is executed upon that data, it will fail, rendering the feature of storing data as json kind of useless.
@newlog
Copy link
Author

newlog commented Mar 22, 2018

Also, there's another problem with the generated json data.

With firefox passwords the following entry is generated:

"Password": "{"version":1,"accountData":{"<data1>":"<data2>","<data3>":"<data4>"}}",

The double quote enclosing the dictionary inside "Password", also makes the Python json.load() fail. If those are removed, the json is properly loaded. Example:

"Password": {"version":1,"accountData":{"<data1>":"<data2>","<data3>":"<data4>"}},
@newlog
Copy link
Author

newlog commented Mar 22, 2018

Finally, the format of the generated json is kind of convoluted. If anyone is wondering how to parse it (if those issues get fixed), you can use this:

def _parse_lazagne_json(self, json_data):
    results = {}
    for pwd_items in json_data[0]['Passwords']:
      try:
        source = pwd_items[0]['Category'].lower()
        lazagne_obj = pwd_items[1]
        results[source] = {'lazagne_cred': lazagne_obj, 'count': len(lazagne_obj)}
      except Exception as ex:
        self.log_error('Error parsing LaZagne json entry. Error: {}'.format(ex))
    return results

At the same time, just to contribute a little bit more, if someone wants to parse the stdout, this regular expression (within the method) can be used:

  def _parse_lazagne_stdout(self, output):
    results = {}
    output = self._clean_ansi_escape_sequences(output)
    lazagne_entries = re.findall('-{19} (.*?) -{17}\s+(.*?(?:(?=\n{3}\[.?\])|(?=-{19})))', output, re.S)
    if lazagne_entries:
      results = self._build_results(lazagne_entries)
    return results

Hope this is helpful to anyone.
@AlessandroZ
Copy link
Owner

I have added a link to this issue on the Readme. Thanks for your help.
@ocastejon ocastejon mentioned this issue Feb 19, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants
@newlog @AlessandroZ