I was at a friend’s house and needed to connect my laptop to his network. My friend was reluctant to give me the password to his network and decided to type it in himself. In his mind, he was just doing his part to provide some security to his home network, so I don’t blame him, but it did spark my curiosity as to whether there was a way to pull the password. So I fired up PowerShell and began pegging away. The code below returns the SSID and password for every network the computer it is run on has connected to.
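
# Emit the capture groups of every regex match in the piped-in text
# (or the whole match when the pattern has no capture groups).
filter extract-text ($RegularExpression) {
    select-string -inputobject $_ -pattern $RegularExpression -allmatches |
        select-object -expandproperty matches |
        foreach {
            if ($_.groups.count -le 1) {
                if ($_.value) { $_.value }
            }
            else {
                $submatches = select-object -input $_ -expandproperty groups
                $submatches[1..($submatches.count - 1)] |
                    foreach { if ($_.value) { $_.value } }
            }
        }
}

# Map each saved profile name to its "show profiles ... key=clear" output.
# netsh prints Key Content in clear text only when run as a local administrator.
# Index assignment (rather than .add) avoids an error if a name is listed twice.
$SSID = @{}
netsh.exe wlan show profiles |
    extract-text ': (.+)' |
    foreach { $SSID[$_] = netsh.exe wlan show profiles $_ key=clear }

# Print "SSID : password" for each profile that has a stored key.
$SSID.keys | foreach {
    $keycontent = $SSID."$_" | extract-text 'Key Content.+: (.+)'
    if ($keycontent.length -ge 1) { $_ + " : " + $keycontent }
}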
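
From the defender's side, the script above leaves one `netsh.exe ... key=clear` process per saved profile, which shows up in process-creation logs when command-line capture is enabled. The following is an added example, not part of the original post: the function name `Test-WlanKeyExport` and the sample records are constructed for illustration, and the pattern covers only the command form used on this page.

```powershell
# Constructed sample records shaped like process-creation events
# (for example Security event 4688 with command-line auditing, or Sysmon event 1).
# These are not real logs.
$events = @(
    [pscustomobject]@{ Time = '2024-01-01T10:00:01'; User = 'guest'; CommandLine = 'netsh.exe wlan show profiles' }
    [pscustomobject]@{ Time = '2024-01-01T10:00:02'; User = 'guest'; CommandLine = 'netsh.exe wlan show profiles HomeNet key=clear' }
    [pscustomobject]@{ Time = '2024-01-01T10:00:02'; User = 'guest'; CommandLine = '"C:\Windows\system32\netsh.exe" wlan show profile name="Guest WiFi" key=clear' }
    [pscustomobject]@{ Time = '2024-01-01T10:05:00'; User = 'admin'; CommandLine = 'netsh.exe wlan show interfaces' }
    [pscustomobject]@{ Time = '2024-01-01T10:06:00'; User = 'admin'; CommandLine = 'NETSH WLAN SHOW PROFILES OfficeNet KEY=CLEAR' }
)

# Hypothetical helper: true when a command line asks netsh to show a
# wireless profile with the key in clear text. -match is case-insensitive.
function Test-WlanKeyExport {
    param([string]$CommandLine)
    $pattern = '\bnetsh(\.exe)?"?\s+wlan\s+show\s+profiles?\b.*\bkey\s*=\s*"?clear\b'
    return $CommandLine -match $pattern
}

# Individual matching events.
$hits = $events | Where-Object { Test-WlanKeyExport $_.CommandLine }
$hits | Format-Table Time, User, CommandLine -AutoSize

# The page's script runs netsh once per saved profile, so several hits
# from one account in a short window are worth more attention than one.
$hits |
    Group-Object User |
    Select-Object @{ n = 'User'; e = { $_.Name } }, @{ n = 'KeyClearCalls'; e = { $_.Count } } |
    Format-Table -AutoSize
```

Plain profile listings and `show interfaces` are left out on purpose; only requests that include `key=clear` are flagged.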