- My advice is don't be a script kiddie. Learn how to code. Learn how to use Python because that gives you a lot of power to do many, many things, opens up a lot of doors for you. In this video, I'm gonna
show you how to use a simple Python script to
get all the WiFi SSIDs, or the WiFi names if you prefer, and the passwords for all the
WiFi networks on a computer. I'm gonna show you how you
can use a few Windows commands to list all the WiFi SSIDs on a computer and then how to retrieve the
password of a WiFi network. But then I'll show you
how to use a very simple Python script to basically
extract all that information and show it in a nice format. Okay, let's get started and I'm gonna show you why
you should learn Python. If you wanna be an ethical hacker, it really opens up a lot of doors for you. (electronic music) Okay, so on my Windows computer, I'm gonna open up a Command Prompt. In this case, I'll go to
the downloads directory because in this directory, I've got a little Python script called get_wifi_passwords.py. This little script is a script that I'm gonna concentrate
on in this video, but I've also created additional scripts where you can get all the WiFi passwords and email it to an email address, or copy the WiFi passwords
to an HTTP server somewhere, on the internet as an example. But this is the one that
we're gonna concentrate on. Before we do that, let's look at some basic Windows commands. This is not Python. This is just commands running in Windows. So netsh wlan show profiles. This shows me all the WiFi
profiles stored on this computer. If I click on the WiFi icon, notice I'm connected currently
to this WiFi network, but other WiFi networks
are also listed here. Now, before we continue, everything that I'm showing you here is happening on my local network. Do not do anything that
can get you into trouble. Be an ethical hacker and help companies better
secure their networks. So in this example, everything is being
done on my local laptop. I own all the infrastructure
and all the networks that I'm gonna demonstrate here. I'm not trying to connect
to someone else's network and hack them. I'm demonstrating why
you need to be careful with network security, why you need to learn Python to help companies better
protect their networks. So this video is for
educational purposes only. Please make sure that you educate yourself and use this knowledge to help companies better
secure their networks. We need to try and combat attacks like the recent attack on SolarWinds. Because of security issues in
their network, they got hacked and that affected many,
many other companies. Be careful with security. It's sometimes just too
easy to break into companies or to get information that
hackers shouldn't be getting. So learn how to protect networks. So once again, I own these networks. This TP-Link network is
actually a little WiFi router that I've got behind me. So all of this information
is just test networks that I'm using to demonstrate
the power of Python and the power of knowing
a little bit about coding. Okay, so we can use the
netsh wlan show profile and look at a profile to see information about a WiFi network. So there's the command once again. We can see information
about it such as the name. It's a Wireless LAN. Connection mode is connect automatically. There's some other information here, but this is the piece that
we're most interested in. This tells us that a
security key is present. And what we wanna do is
get Windows to show that in clear text. So this command netsh wlan show profile whatever the WiFi network is. So this is the SSID or the
name for the WiFi network. Key=clear will allow
us to see the password. And then you go. That is the password of the WiFi network. That WiFi network is once
again a little TP-Link router that's right behind me. So on this router, there's the SSID or name
of the WiFi network. There's the password. By simply using this command
on a Windows computer, I was able to retrieve
the password of that SSID or that WiFi network. Okay, but let's use Python
to automate this process because we don't want to have to do that command for every network. And I'll just clear the screen. So as an example, we could look at the
password for this network, mysecurewifi, and you can see that there's the password, youcannotgetaccess! or bang if you prefer, but let's use a Python script to show all of the all the
SSIDs, all the WiFi networks, and all the passwords. Now, before I go through the whole script in a lot of detail, let me
show you what it actually does. So dir in downloads directory. This is the script. So I'm simply gonna run Python. And what I'm gonna run
is get_wifi_passwords.py. And there you go. There are all the SSIDs and all the passwords stored
on this Windows laptop. I'll clear the screen
and I'll run it again, python get_wifi_passwords.py, and notice there is the
password for the TP-Link router. There's the password on this network. And you can see the
information for the other SSIDs or wireless networks
and all their passwords. These are just test networks that I've created specifically
for this demonstration, but it's as simple as that to get the passwords
on a Windows computer. So now let's look at the code. Okay, so here's the Python script. First thing we're gonna
do is import subprocess. This will allow us to use system commands. Then we're gonna import re which allows us to use
regular expressions. Regular expressions are
used in many, many places. It basically allows us to
search for a specific text in some output and then do something. Now, rather than trying
to copy all of this down, note that I've put a link
to GitHub below this video so that you can download the script, but you use it at your own risk, and please be aware that
this is supposed to teach you ethical hacking principles and shouldn't be used to
hack other people's networks. Don't go to jail. Don't get into trouble. Use this for ethical
hacking purposes only. Now, what you'll notice here is I've put a lot of
documentation in the output. So I'm not gonna try and
explain every command in a lot of detail because it's all documented in the script. But notice here as an example, we are running the subprocess command and we're running netsh
wlan show profiles. That's as if we had run this command. So we're running that
command basically in Python and then we're gonna capture
the output and decode it. And then what we're gonna do
is use a regular expression. Notice re. We're going to look for entries
that say all user profile because that's what's in the output. We are looking for that. And we're gonna grab all the profile names and store that in a list. So we create an empty list. And then if the profile name does exist, for every name in the profile name, we're going to create a dictionary. And then we're gonna run the netsh wlan show profile and the name and look to make sure that
a security key is found. If a security key is found, we are going to run the command that shows us the
security key information. So again, we're running this
command to see the profiles, then we're running this
command for every profile name to make sure that a
security key is present. And if it is present, then we're running this command
setting the key to clear so that we can find the actual password. So notice there you can see key=clear. We wanna run that. We wanna capture the output and decode it. We wanna store that information. We are looking for the password. If the password is set to none, we'll say the profile password is none. Otherwise, we'll specify the password. And then we're gonna basically
run through the WiFi list and print this in a nice format. So again, if I run the script, it basically gives us this output. So there you go. In a few lines of code, and most of the script is just comments trying to explain what the code is doing, I was able to retrieve all the
SSIDs on a Windows computer, all the passwords, and then
display them on the screen. Now, you can extend the script and email the passwords to use yourself or copy them to a server. I'll put a link to that
code below this video. That code is available on my GitHub. I won't go through that in this video because I don't wanna get into hot water. So that code is available. Again, use it only for
ethical hacking purposes or for educational purposes. Don't get into trouble. Don't go to jail. Okay, I hope you enjoyed this video. I just wanted to show
you why it's important to implement good security on a network. Don't just open some file
that someone sends you as an attachment on an email, because that could run a piece of code that could get all the WiFi passwords and then email them to someone. So be careful which applications you run. In this example, I'm running raw Python. In a separate video, I'll show
you how to take Python code and wrap that as an executable so that you can just run an
app if you like on a computer rather than running raw Python. Don't be a script kiddie. Learn the power of programming. Learn how powerful this is. It'll change your life if
you can write a bit of code, opens up so many doors for you. Okay, I hope you enjoyed this video. If you did, please like it. Please consider subscribing
to my YouTube channel. Please click on the bell
to get notifications. I'm David Bombal. I wanna wish you all the very best. (electronic music)
