Learn how to code.
Learn how to use Python because that gives you a lot of power to do many, many things and opens up a lot of doors for you.
Today, I'm gonna show you how to use a simple Python script to get all the WiFi SSIDs, or the WiFi names if you prefer, and the passwords for all the WiFi networks on a computer.
I'm gonna show you how you can use a few Windows commands to list all the WiFi SSIDs on a computer and then how to retrieve the password of a WiFi network.
But then I'll show you how to use a very simple Python script to basically extract all that information and show it in a nice format.
Okay, let's get started and I'm gonna show you why you should learn Python.
If you wanna be an ethical hacker, it really opens up a lot of doors for you.
Okay, so on my Windows computer, I'm gonna open up a Command Prompt (i.e. CMD).
In this case, I'll go to the downloads directory because in this directory, I've got a little Python script called get_wifi_passwords.py.
This little script is the script that I'm gonna concentrate on, but I've also created additional scripts where you can get all the WiFi passwords and email them to an email address, or copy the WiFi passwords to an HTTP server somewhere on the internet, as an example.
But this is the one that we're gonna concentrate on.
Before we do that, let's look at some basic Windows commands.
This is not Python.
This is just commands running in Windows.
So netsh wlan show profiles.
This shows me all the WiFi profiles stored on this computer.
If I click on the WiFi icon, notice I'm connected currently to this WiFi network, but other WiFi networks are also listed here.
Now, before we continue, everything that I'm showing you here is happening on my local network.
Do not do anything that can get you into trouble.
Be an ethical hacker and help companies better secure their networks.
Note: in this example, everything is being done on my local laptop.
I own all the infrastructure and all the networks that I'm gonna demonstrate here.
I'm not trying to connect to someone else's network and hack them.
I'm demonstrating why you need to be careful with network security and why you need to learn Python to help companies better protect their networks.
So this is for educational purposes only.
Please make sure that you educate yourself and use this knowledge to help companies better secure their networks.
We need to try and combat attacks like the recent attack on SolarWinds.
Because of security issues in their network, they got hacked and that affected many, many other companies.
Be careful with security. It's sometimes just too easy to break into companies or to get information that hackers shouldn't be getting. So learn how to protect networks.
So once again, I own these networks.
This TP-Link network is actually a little WiFi router that I've got behind me.
So all of this information is just test networks that I'm using to demonstrate the power of Python and the power of knowing a little bit about coding.
Okay, so we can use the netsh wlan show profile command and look at a profile to see information about a WiFi network.
So there's the command once again.
We can see information about it such as the name. It's a Wireless LAN.
Connection mode is connect automatically.
There's some other information here, but this is the piece that we're most interested in.
This tells us that a security key is present.
And what we wanna do is get Windows to show that in clear text.
So this command is netsh wlan show profile followed by whatever the WiFi network is, that is, the SSID or the name of the WiFi network. Adding key=clear will allow us to see the password. And there you go.
That is the password of the WiFi network. That WiFi network is once again a little TP-Link router that's right behind me.
So on this router, there's the SSID or name of the WiFi network.
There's the password.
By simply using this command on a Windows computer, I was able to retrieve the password of that SSID or that WiFi network.
Okay, but let's use Python to automate this process because we don't want to have to run that command for every network. And I'll just clear the screen. So as an example, we could look at the password for this network, mysecurewifi, and you can see that there's the password, you cannot get access! or bang if you prefer. But let's use a Python script to show all the SSIDs, all the WiFi networks, and all the passwords.
Now, before I go through the whole script in a lot of detail, let me show you what it actually does. So dir in downloads directory.
This is the script.
So I'm simply gonna run Python. And what I'm gonna run is get_wifi_passwords.py.
And there you go.
There are all the SSIDs and all the passwords stored on this Windows laptop.
I'll clear the screen and I'll run it again, python get_wifi_passwords.py, and notice there is the password for the TP-Link router.
There's the password on this network. And you can see the information for the other SSIDs or wireless networks and all their passwords.
These are just test networks that I've created specifically for this demonstration, but it's as simple as that to get the passwords on a Windows computer.
So now let's look at the code. Okay, so here's the Python script.
First thing we're gonna do is import subprocess.
This will allow us to use system commands.
Then we're gonna import re which allows us to use regular expressions. Regular expressions are used in many, many places.
It basically allows us to search for a specific text in some output and then do something.
Now, rather than trying to copy all of this down, note that I've put a link to GitHub below this so that you can download the script, but you use it at your own risk, and please be aware that this is supposed to teach you ethical hacking principles and shouldn't be used to hack other people's networks.
Don't go to jail.
Don't get into trouble.
Use this for ethical hacking purposes only.
Now, what you'll notice here is I've put a lot of documentation in the output.
So I'm not gonna try and explain every command in a lot of detail because it's all documented in the script.
But notice here as an example, we are running the subprocess command and we're running netsh wlan show profiles.
That's as if we had run this command.
So we're running that command basically in Python and then we're gonna capture the output and decode it.
And then what we're gonna do is use a regular expression.
Notice re. We're going to look for entries that say "All User Profile" because that's what's in the output.
We are looking for that.
And we're gonna grab all the profile names and store that in a list.
So we create an empty list.
And then if the profile names do exist, for every name in the profile names, we're going to create a dictionary.
And then we're gonna run the netsh wlan show profile and the name and look to make sure that a security key is found.
If a security key is found, we are going to run the command that shows us the security key information.
So again, we're running this command to see the profiles, then we're running this command for every profile name to make sure that a security key is present.
And if it is present, then we're running this command setting the key to clear so that we can find the actual password.
So notice there you can see key=clear. We wanna run that.
We wanna capture the output and decode it. We wanna store that information.
We are looking for the password. If the password is set to none, we'll say the profile password is none.
Otherwise, we'll specify the password.
And then we're gonna basically run through the WiFi list and print this in a nice format.
So again, if I run the script, it basically gives us this output.
So there you go.
In a few lines of code, and most of the script is just comments trying to explain what the code is doing, I was able to retrieve all the SSIDs on a Windows computer, all the passwords, and then display them on the screen. Now, you can extend the script and email the passwords to yourself or copy them to a server. I'll put a link to that code below this post.
That code is available on my GitHub. I won't go through that in this because I don't wanna get into hot water.
So that code is available.
Again, use it only for ethical hacking purposes or for educational purposes.
Don't get into trouble.
Don't go to jail.
Okay, I hope you enjoyed this.
I just wanted to show you why it's important to implement good security on a network.
Don't just open some file that someone sends you as an attachment on an email, because that could run a piece of code that could get all the WiFi passwords and then email them to someone.
So be careful which applications you run.
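A defender's view of the commands walked through above, as an added example that is not part of the original post or the author's GitHub script: it scans process-creation records for netsh wlan show profile with key=clear and rates each host. The sample events, host names, the TP-Link_Test profile name and the severity rule are constructed assumptions for illustration.

```python
import re
from collections import Counter

# Constructed sample events (not real telemetry): (host, parent image, command line)
SAMPLE_EVENTS = [
    ("LAPTOP-01", "C:\\Windows\\System32\\cmd.exe", "netsh wlan show profiles"),
    ("LAPTOP-01", "C:\\Python311\\python.exe", "netsh wlan show profiles"),
    ("LAPTOP-01", "C:\\Python311\\python.exe", 'netsh wlan show profile "TP-Link_Test"'),
    ("LAPTOP-01", "C:\\Python311\\python.exe", 'netsh wlan show profile "TP-Link_Test" key=clear'),
    ("LAPTOP-01", "C:\\Python311\\python.exe", 'netsh  WLAN show profile name="mysecurewifi" KEY=clear'),
    ("LAPTOP-02", "C:\\Windows\\System32\\cmd.exe", "netsh.exe wlan show interfaces"),
    ("LAPTOP-02", "C:\\Windows\\explorer.exe", "notepad.exe key=clear.txt"),
]

# Case-insensitive and whitespace-tolerant; netsh may appear with a path or ".exe".
NETSH_PROFILE = re.compile(r'(?:^|[\\/"\s])netsh(?:\.exe)?"?\s+wlan\s+show\s+profiles?\b', re.I)
KEY_CLEAR = re.compile(r'\bkey\s*=\s*"?clear\b', re.I)
INTERACTIVE_SHELLS = {"cmd.exe", "powershell.exe"}  # assumption: typed by a person

def classify(cmdline):
    """Return 'reveal' (key=clear), 'enumerate' (profile listing) or None."""
    if not NETSH_PROFILE.search(cmdline):
        return None
    return "reveal" if KEY_CLEAR.search(cmdline) else "enumerate"

def summarize(events, threshold=2):
    """Per host: count key=clear requests and rate them (constructed rule)."""
    reveals, parents = Counter(), {}
    for host, parent, cmdline in events:
        if classify(cmdline) == "reveal":
            reveals[host] += 1
            parents.setdefault(host, set()).add(parent.rsplit("\\", 1)[-1].lower())
    alerts = {}
    for host, count in reveals.items():
        # Several reveals, or a parent that is not an interactive shell, suggests a script.
        scripted = bool(parents[host] - INTERACTIVE_SHELLS)
        alerts[host] = {"reveals": count, "parents": sorted(parents[host]),
                        "severity": "high" if count >= threshold or scripted else "medium"}
    return alerts

if __name__ == "__main__":
    for host, alert in summarize(SAMPLE_EVENTS).items():
        print(host, alert)
```

In practice the tuples would come from process-creation logging that records the full command line and parent process.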
In this example, I'm running raw Python.
In a separate post, I'll show you how to take Python code and wrap that as an executable so that you can just run an app if you like on a computer rather than running raw Python.
Learn the power of programming.
Learn how powerful this is.
It'll change your life if you can write a bit of code; it opens up so many doors for you.