Rubber Ducky payload to extract the SSID profiles and the IP addresses of a Windows machine.
- Opens PowerShell
- Downloads SSID_IP.ps1
- Sets the PowerShell Execution Policy to Unrestricted (forced)
- Runs the script
- Deletes the script after it has run
See the payloads folder.
SSID_IP.ps1 PowerShell Script.
This script exports the SSID profiles saved in the target machine, in XML files. Using PowerShell commands and making a Web Request, gets the private and public IP address and the Host Name of the machine. This data gets stored in a CSV file.
After, compresses all the files into a Zip file.
📂SSID_Profiles.zip
┣ 📜Wi-Fi-WIFI_1.xml
┣ 📜Wi-Fi-WIFI_2.xml
┣ 📜Wi-Fi-WIFI_3.xml
┗ 📜IP_Addresses.csv
| Host Name | Public IP | Private IP |
|---|---|---|
| HOSTNAME | X.X.X.X |
192.168.X.X |
To exctract the important data from the XML files, run Extract-SSID.py, located in the extract/ directory.
This script will create a CSV file with all the important data in the XML files.
When running it, you can specify the path where the XML files are. If you don't specify any, it will search for XML files in the directory where you run the script.
We have a directory called Profiles/ with 4 SSID Profiles, in XML files.
📂Profiles
┣ 📜Wi-Fi-Home.xml
┣ 📜Wi-Fi-Mi 11i.xml
┗ 📜Wi-Fi-iPhone 6s.xml
To extract the data from those XML files, we will run the script, specifying the Profiles/ directory.
$ python Extract-SSID.py ./Profiles/This will generate a CSV file, that will look like this.
| Name | Key Material | Protected |
|---|---|---|
| Home | home_key_2022 | False |
| Mi 11i | redmi2021 | False |
| iPhone 6s | Xavier1971 | False |
Name- SSID NameKey Material- SSID KeyProtected- True / False