Matthew McCorkle

Day 39 - WifiInfo - 100 tools in 100 days!

1 . Introduction
2 . My Setup
3 . What is WifiInfo?
4 . Why use WifiInfo?
5 . How to use WifiInfo?
6 . Summary


This post is designed to introduce you to the tool WifiInfo.

Disclaimer : Please only use WifiInfo for professional and educational reasons. Do not use this tool for nefarious or malicious reasons.


1. Introduction

Welcome to the thirty-ninth blog post of 100 tools in 100 days.

Find WifiInfo @ GitHub here.

Michael Skelton wrote WifiInfo and you can find him on LinkedIn here.


2. My Setup

This is a PowerShell script, so today I shifted my focus to a Windows 10 device and connected to some networks so you could see the script in use.

You could run this script through SSH or other reverse shell methodologies from a Linux computer to a victim Windows device.


3. What is WifiInfo?

WifiInfo is a PowerShell script that automates grabbing stored SSIDs and their Passwords from a Windows 10, 8, or 7 computer.


4. Why use WifiInfo?

All of the commands in this PowerShell script can be done manually, but Michael has made a simple to use script so you do not have to remember those commands.

Scenario 1: As a penetration tester you may connect to Windows computers that have been on WiFi networks associated with your victim network. You could gather the SSID and Passwords from a Windows 10 device using PowerShell and not needing administrative permissions (if PowerShell is enabled).

Scenario 2: Investigate which WiFi networks an employee’s computer has connected to.

Scenario 3: You are a home user, not a hacker or security researcher, you stumbled across this particular post and you forgot your WiFi password of an old router that you connected to two years ago and now are using again today despite it offering dreadfully slow connection speeds.


5. How to use WifiInfo?

This might be the simplest and quickest post I have created so do not blink.

Step 1:
Open PowerShell and paste the following command:

git clone https://github.com/codingo/Retrieve-Windows-Wifi-Passwords.git; cd .\Retrieve-Windows-Wifi-Passwords\; .\WifiInfo.ps1

This command is cloning (downloading) the repository where the PowerShell script is located, changing the directory into the downloaded repository folder, and then running the script.

You should see an output like this (if you have ever connected to an SSID):

Really, that is it! This was a short, but useful post for the series.

6. Summary

WifiInfo is great as it is a quick and small PowerShell script that automates the retrieval of SSIDs and Passwords stored on a Windows 10, 8 or 7 device.

If you are on a Windows 10 device with PowerShell enabled, you can run the script without administrator privileges.

Penetration testers could use stored WiFi information to connect to the network on a device that is unauthorized or to capture passwords used and test those passwords for other credentialed areas of the network.

I hope you enjoyed this blog post.

Thanks for reading!

If you have suggestions for what tool to cover next, contact me!