LaZagneForensic: Find the saved passwords

The LaZagneForensic (LZF) application allows any Windows user to recover almost any password stored on .

The LaZagneForensic program reportedly exploits the way Windows work to gain access to sensitive information stored by the users of each system. It is known that all passwords on Microsoft systems are stored encrypted by Windows. But as soon as he connects in the system are automatically decoded so that they can be used by the operating system.

The original LaZagne app uses an internal Windows API called CryptUnprotectData to decrypt user passwords. This API starts working with user login, otherwise it doesn't work. If o is not started (when the analysis is done from a connected offline disk) or if we do not put the application on some remote host, the passwords cannot be recovered.


LaZagneForensic was created to overcome this problem. The project is mainly inspired by Jean-Michel Picod's amazing work for them DPAPICK and Francesco Picasso for the Windows DPAPI laboratory.

That is why LaZagneForensic works after the user logs on to Windows. Then it can easily pick up passwords, and then store them in plain text.

The app's creator even states that the only way to stay safe is to avoid saving passwords using it Windows method.

This practically means that for your safety it would be good to use one third parties.
We occasionally report the password manager KeePass. It is which we recommend as it stores everything locally and with very strong encryption.

LaZagneForensic can recover passwords from the following programs: Outlook, Thunderbird, Chrome, Firefox, Internet , Opera, Pidgin, Filezilla, wifi, databases, Skype, etc.

LaZagneFornesic The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).