Links

TCM-Sec's Windows WiFi Extractor

Contributed to open source pentesting software

About

  • Contributed to TCM Security's development of their Windows WiFi Extractor tool.
  • The program is designed to dump WiFi SSIDs and plaintext keys from Windows hosts utilizing the built-in netsh utility.
  • Forked the original repo and converted the code to run in-memory only, as the original code created files (and therefore traces) on the victim computer.
  • As a result: removed reliance on hard-coded integer accessors to parsed XML data and moved to a human-readable JSON format.

Postmortem

  • When you get excited to contribute to a cybersec superstar's repo because you see an obvious code optimization, don't forget to erase hard-coded sensitive information from testing prior to making a pull request... Whoops! 😬