#!/bin/blog

October 3, 2017

“Commands that show your Wifi passwords” roundup

Filed under: Sicherheit, UNIX/Linux/BSD — Tags: , , , , , , — martin @ 9:51 pm

With a hint of sensationalism, @DynamicWebPaige asks:

Did you know that “netsh wlan show profile” shows every network your computer has ever connected to? And “key=clear” shows the *passwords*?

Screenshot_1.png

No, I didn’t, and to be frank, I don’t care. But I recently played with NetworkManager on Linux and saw my Wifi passwords in discrete files under /etc/NetworkManager/system-connections/.

So here’s how to show stored Wifi passwords on Windows, Linux and MacOS:

Windows

We’ve already seen that it’s quite straightforward, if you’re able to start a cmd shell as the system adminstrator.

First, the list of used SSIDs:

netsh wlan show profile

Second, the password for any given SSID:

netsh wlan show profile <ssid> key=clear

Linux

We can safely assume that anyone who configures their wpa-supplicant manually won’t be surprised that the passwords are stored in clear. So let’s move on to NetworkManager, which is what most Linux desktop users will use to connect to Wifi networks. NetworkManager stores one file each for every made network connection in the directory /etc/NetworkManager/system-connections/, so the simplest approach is to just grep for the passwords, in order to receive a comprehensive list:

sudo grep -H psk= /etc/NetworkManager/system-connections/*

macOS

MacOS (whatever way it’s supposed to be capitalized this time around) makes the task quite hard, because the saved networks are stored in a property list and the passwords need to be retrieved from the key ring one by one.

Here’s how to list the SSIDs of the saved networks:

defaults read \
 /Library/Preferences/SystemConfiguration/com.apple.airport.preferences |
 grep SSIDString
And here is how to read a single password from the key store:
security find-generic-password -w -a <ssid>

So here you go, have cross-platform fun. 🙂

Advertisements

December 14, 2008

ALIX sizing lesson and WPA configuration note

Filed under: UNIX & Linux — Tags: , , , — martin @ 1:17 pm

Okay, there we have it. The ALIX, despite its generally good performance, can’t handle the workload of BackupPC and starts to swap really badly when backing up a fairly large system via rsync.

At least I’ve learned from this test how to configure the Wistron CM9 card for WPA on Debian:

iface ath0 inet static
        madwifi-base wifi0
        madwifi-mode sta
        wpa-driver wext
        wpa-ssid blah
        wpa-psk blubb
        address 192.168.1.100
        netmask 255.255.255.0
        network 192.168.1.0
        broadcast 192.168.1.255
        gateway 192.168.1.1

Create a free website or blog at WordPress.com.