How to Extract Saved WiFi Passwords In Python


Hi there, have you ever forgotten your Wi-Fi password? This mostly happens when you have several saved connections on your computer and want to connect another device, say a smartphone, to the same network.

So in this article, we shall learn how to extract the Wi-Fi passwords saved on your Windows machine using Python, without installing any third-party library.

As you may already know, Wi-Fi is used to connect to multiple networks in different places, so your machine has to store each Wi-Fi password somewhere so that the next time you connect you don't have to re-type it.

Usually, when connecting to Wi-Fi, we have to enter a password to access the network, but we cannot directly see the passwords we entered earlier, i.e. the passwords of the saved networks.

You could also do this to find out your friend's WiFi password by letting them type in and connect you.

Before I present the Python solution: to get these passwords in Windows, we normally use the netsh commands. If we type netsh wlan show, we see the commands available at our disposal (you don't need Admin rights).

Meaning if you typed netsh wlan show profiles, it would return all the networks I have ever connected to.

So, for example, on mine: if I typed netsh wlan show profile TIV-Business-5G key=clear in my cmd, for the TIV network that I have connected to before, it would return that profile's details.

So, in that output, I would find the password under Key Content.

The key=clear argument is what reveals the key content; if you omit it, you will not see the password.

So what is netsh?

Network Shell (netsh) is a command-line utility that allows you to configure and display the status of various network communications server roles and components after they are installed on computers running Windows Server.
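Because the key is only printed when key=clear is present, that argument is also what shows up in process-creation logs, and a script that reads every saved profile (like the one later in this article) issues one such command per profile. The following is an added example, not code from the article: it flags that pattern in process-creation records. The record layout, the 10-second window and the threshold of 3 are assumptions, and the events are constructed.

```python
import re
from collections import defaultdict

# Constructed process-creation records: (time in seconds, parent image, command line).
EVENTS = [
    (100, "python.exe", "netsh wlan show profiles"),
    (101, "python.exe", "netsh wlan show profile HomeNet key=clear"),
    (101, "python.exe", 'netsh wlan show profile "Cafe Guest" key=clear'),
    (102, "python.exe", "netsh wlan show profile Office key=clear"),
    (500, "cmd.exe", "netsh wlan show profile HomeNet"),
    (900, "cmd.exe", r"C:\Windows\System32\NETSH.EXE WLAN SHOW PROFILE HomeNet KEY=CLEAR"),
]

# netsh ... wlan show profile(s) ... key=clear, any case, optional spaces around '='
KEY_CLEAR = re.compile(
    r'\bnetsh(?:\.exe)?"?\s+wlan\s+show\s+profiles?\b.*\bkey\s*=\s*clear\b',
    re.IGNORECASE,
)


def key_reveals(events):
    """Events whose command line asks netsh to print a saved key in clear text."""
    return [e for e in events if KEY_CLEAR.search(e[2])]


def bulk_readers(events, window=10, threshold=3):
    """Parents that started `threshold` or more key=clear lookups within `window`
    seconds: the footprint of a loop over every saved profile."""
    stamps_by_parent = defaultdict(list)
    for when, parent, _ in key_reveals(events):
        stamps_by_parent[parent.lower()].append(when)
    flagged = set()
    for parent, stamps in stamps_by_parent.items():
        stamps.sort()
        start = 0
        for end, when in enumerate(stamps):
            while when - stamps[start] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.add(parent)
    return sorted(flagged)


if __name__ == "__main__":
    for when, parent, cmdline in key_reveals(EVENTS):
        print(when, parent, cmdline)
    print("bulk readers:", bulk_readers(EVENTS))
```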

NOTES
📌 So, using the same knowledge, we shall instead use a Python script to do that programmatically since we are learning Python!

📌 This script uses Python to search Windows for the Wi-Fi passwords it already knows and displays them alongside the network name. It will not find passwords that your computer doesn't already know.

📌 If a network has a special type of authentication, there is a good chance this will not obtain the password. There will most likely be other methods of finding the password though.

We shall use the subprocess library, and you don't need to pip install anything:

Subprocess in Python is a module used to run new code and applications by creating new processes. It lets you start new applications right from the Python program you are currently writing.

A subprocess in Python is a task that a Python script delegates to the operating system (OS).

The Solution

First import subprocess; this is the module we will use to interact with the cmd.

import subprocess

Next, get the output for the command netsh wlan show profiles using subprocess.check_output(). Then decode the output with utf-8 and split the string by a newline character to get each line in a separate string.

data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8').split('\n')

Now that we have a list of strings, we can keep only the lines that contain "All User Profile". We then split each of these lines at the first ':', take the right-hand side and remove the first and last characters (the leading space and the trailing carriage return).

profiles = [i.split(":", 1)[1][1:-1] for i in data if "All User Profile" in i]

Now that the variable profiles contains the WiFi profile names, we can get the output of the command netsh wlan show profile {Profile Name} key=clear using subprocess.check_output() again, once for each profile, while looping through all profiles.

for i in profiles:
    results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8').split('\n')

Still in the loop, find the lines that contain Key Content, split them at the first ':' and remove the first and last characters, just like before.

    results = [b.split(":", 1)[1][1:-1] for b in results if "Key Content" in b]

Now we should have a list containing one string, which is that particular profile's key. Here you could just use a simple print statement, but I have formatted it a bit.

    try:
        print("{:<30}|  {:<}".format(i, results[0]))
    except IndexError:
        print("{:<30}|  {:<}".format(i, ""))

Now, to handle decoding errors, let's decode with errors="backslashreplace", wrap it all in a try block and do some print formatting:

    try:
        results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8', errors="backslashreplace").split('\n')
        results = [b.split(":", 1)[1][1:-1] for b in results if "Key Content" in b]
        try:
            print('')
            print("{:<30}|  {:<}".format(i, results[0]))
            print("-"*50)
        except IndexError:
            print("{:<30}|  {:<}".format(i, ""))
    except subprocess.CalledProcessError:
        # Raised when netsh exits with a non-zero status for this profile
        print("{:<30}|  {:<}".format(i, "ENCODING ERROR"))

So this is the final script wrapped in a function:

import subprocess

def print_profiles():
    # List every saved profile; backslashreplace keeps undecodable bytes from raising
    data = subprocess.check_output(['netsh', 'wlan', 'show', 'profiles']).decode('utf-8', errors="backslashreplace").split('\n')
    # Split at the first ':' only, so names containing ':' stay whole;
    # [1:-1] drops the leading space and the trailing carriage return
    profiles = [i.split(":", 1)[1][1:-1] for i in data if "All User Profile" in i]
    for i in profiles:
        try:
            results = subprocess.check_output(['netsh', 'wlan', 'show', 'profile', i, 'key=clear']).decode('utf-8', errors="backslashreplace").split('\n')
            results = [b.split(":", 1)[1][1:-1] for b in results if "Key Content" in b]
            try:
                print('')
                print("{:<30}|  {:<}".format(i, results[0]))
                print("-"*50)
            except IndexError:
                # No "Key Content" line, e.g. an open network
                print("{:<30}|  {:<}".format(i, ""))
        except subprocess.CalledProcessError:
            # Raised when netsh exits with a non-zero status for this profile
            print("{:<30}|  {:<}".format(i, "ENCODING ERROR"))

if __name__ == "__main__":
    print_profiles()

Now we save and run it. This should print each network name alongside its key.

Open Wi-Fi networks do not have any key beside them; the field is just blank.
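The [1:-1] slice in the script depends on every line ending in a carriage return and on the value sitting at a fixed position after the colon. The following added example (not the article's code) parses the same two netsh outputs by label instead, so names and keys containing ':' and lines without a trailing carriage return are handled, and an open network yields None. The SAMPLE_* strings and all function names are constructed for illustration.

```python
# Added example, not the article's code. The SAMPLE_* strings are constructed
# text in netsh's "label : value" layout; no netsh call is made.
SAMPLE_LISTING = (
    "Profiles on interface Wi-Fi:\r\n"
    "\r\n"
    "User profiles\r\n"
    "-------------\r\n"
    "    All User Profile     : HomeNet\r\n"
    "    All User Profile     : Cafe: Guest\r\n"
)
SAMPLE_SECURED = (
    "Security settings\r\n"
    "-----------------\r\n"
    "    Authentication         : WPA2-Personal\r\n"
    "    Security key           : Present\r\n"
    "    Key Content            : example:key 42\r\n"
)
SAMPLE_OPEN = (
    "Security settings\r\n"
    "-----------------\r\n"
    "    Authentication         : Open\r\n"
    "    Security key           : Absent\r\n"
)


def field_values(text, label):
    """Return the value of every line whose label, left of the first ':', is `label`."""
    values = []
    for line in text.splitlines():              # copes with both \r\n and \n
        name, sep, value = line.partition(":")  # split at the first ':' only
        if sep and name.strip() == label:
            # netsh prints one space after ':'; drop just that one
            values.append(value[1:] if value.startswith(" ") else value)
    return values


def profile_names(listing):
    """Profile names from `netsh wlan show profiles` output."""
    return field_values(listing, "All User Profile")


def saved_key(detail):
    """Return the stored key, or None when there is no Key Content line."""
    keys = field_values(detail, "Key Content")
    return keys[0] if keys else None


if __name__ == "__main__":
    print(profile_names(SAMPLE_LISTING))
    print(saved_key(SAMPLE_SECURED), saved_key(SAMPLE_OPEN))
```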


That's it!

This blog is intended for educational purposes only and I am not responsible for anything you do!


Ronnie Atuhaire