Learn how to use Python to extract the saved Wi-Fi passwords on your Windows computer. Extract Wi-Fi passwords from Windows with Python. This tutorial describes how we can parse the netsh commands in Python to find passwords stored on a Windows machine. This makes it easy for you to find your wifi password if you forgot it but your computer is connected.
This video is for educational purposes only and you must not use this on someone else’s computer without the owners and all users consent. I will not be held liable for any actions performed by this script.
If you type netsh wlan show profiles
in cmd, you will be shown the profiles for wifi connections your computer has stored.
If you then type netsh wlan show profile {Profile Name} key=clear
, the output provided will contain the network key which is the WiFi password.
First import subprocess, this is the module we will use to interact with the cmd.
import subprocess
Next, get the output for the command "netsh wlan show profiles" using subprocess.check_output(). Then decode the output with utf-8 and split the string by a newline character to get each line in a separate string.
data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8').split('\n')
Now that we have a list of strings, we can get lines that only contain "All User Profile". With these lines we then need to split it by a ':', get the right hand side and remove the first and last character
profiles = [i.split(":")[1][1:-1] for i in data if "All User Profile" in i]
Now that the variable a contains the WiFi profile names, we can get the output for the command "netsh wlan show profile {Profile Name} key=clear" using subprocess.check_output() again for a particular profile while looping through all profiles.
for i in profiles:
results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8').split('\n')
Still in the loop, find lines that contain "Key Content", split by ':' and remove the first and last character just like before
results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
Now we should have a list containing one string which is the particular profiles key. Here you could just use a simple print statement but I have just formatted it a bit.
try:
print ("{:<30}| {:<}".format(i, results[0]))
except IndexError:
print ("{:<30}| {:<}".format(i, ""))
Now put an input call at the end of the script outside the loop so that when the script is run it will not immediately stop when results are displayed.
input("")
Save this file with a .py extension and you can now run the script. You can run it by double-clicking on the script, running it in IDLE or even cmd using python {filename}
.
import subprocess
data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8').split('\n')
profiles = [i.split(":")[1][1:-1] for i in data if "All User Profile" in i]
for i in profiles:
results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8').split('\n')
results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
try:
print ("{:<30}| {:<}".format(i, results[0]))
except IndexError:
print ("{:<30}| {:<}".format(i, ""))
input("")
You can also find the gist for this on Github here.
It has come to my attention that many people are having issues with this raising a UnicodeDecodeError describing that 'utf-8' codec can't decode a specific byte. This is caused by a byte in one of the profile names not being a character that is in the utf-8 encoding.
One way to fix this is changing the encodings from utf-8
to cp1252
or another coding which may support your character. Do this first before trying the next script
Another way is to ignore the error and catch it later on. So the new code in this case would be.
import subprocess
data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8', errors="backslashreplace").split('\n')
profiles = [i.split(":")[1][1:-1] for i in data if "All User Profile" in i]
for i in profiles:
try:
results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8', errors="backslashreplace").split('\n')
results = [b.split(":")[1][1:-1] for b in results if "Key Content" in b]
try:
print ("{:<30}| {:<}".format(i, results[0]))
except IndexError:
print ("{:<30}| {:<}".format(i, ""))
except subprocess.CalledProcessError:
print ("{:<30}| {:<}".format(i, "ENCODING ERROR"))
input("")
Please note that profiles which cause an error will still not provide a password as the encoding still isn't correct. You will have to find the password manually as shown at the top of this post.
#python