Local WiFi Passwords

It is possible to see saved passwords on previously connected WiFi access points. The computer remembers the WiFi's password so that the client user don't have to re-type the password every time they need to use the internet or get in range of the signal.

NOTE: This is closely related to the WiFi Triangluation Guide

Windows Exploit

To see all the Access Points a device have connected to and their clear-text passwords, use Command Prompt or PowerShell.

  1. Get a list of all SSIDs the target computer have accessed (unless a victim chose to forget an Access Point):
netsh wlan show profile

List Wifi Image

  1. The command shows the SSID info, revealing clear-text password, the encryption type and more (Change Guest Network accordingly):
netsh wlan show profile "Guest Network" key=clear

Reveal WiFi Passwords Image