How to Extract Plaintext Wi-Fi Passwords (with Rust)
Рет қаралды 77,637
4 ай бұрынjh.live/keeper || Keeper Security offers a privileged access management solution to deliver enterprise grade protection all in one unified platform -- keep your users, your data, and your environment secure with Keeper! jh.live/keeper
Special thanks to colleagues @MEhrn00 and @Nordgaren for all their help in preparing this video 🙏
Free Cybersecurity Education and Ethical Hacking with John Hammond
🔥KZbin ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
@kushagrasaxena5202 4 ай бұрын
1:30 missed opportunity to say "I am little RUSTY"
@urtootall 3 ай бұрын
I somehow love those videos, but the programming flies right over my head, every time xD
@jepunband6280 3 ай бұрын
or just open up command prompt and run a simple command to view the saved passwords.
@byk1lla 4 ай бұрын
this man is my favorite cyber sec channel i love his contents
@saintebruneaux1788 4 ай бұрын
Yup! Him, David Bombal, and NetworkChuck as well 👍🏽
@stopper0203 4 ай бұрын
Cyberspatial was a good one too - but I think he stopped making videos
@saintebruneaux1788 4 ай бұрын
@@stopper0203 Should I check it out though he may not be up to date with his content?
@viktorpupovic9565 4 ай бұрын
Djude this is awesome , thanks for teaching us bro. 💪😃🖖
@rodricbr 4 ай бұрын
It would be cool if the code for the project was included in your github or somewhere in the description!
@bobmarley8334 4 ай бұрын
I think they like doing that. Self pleasure, I don't know. This happens in a lot of channels.
@Elon_Mapc 4 ай бұрын
I thought rust is a game
@NICE10433 4 ай бұрын
We raid here, but we raid the computer.
@Alfred-Neuman 4 ай бұрын
If Rust was made with Rust, Rust would be good, because Rust is good...
@waterlord6969 4 ай бұрын
@@Alfred-Neuman😬🥴😵
@0123Jas 4 ай бұрын
Funniest comment I saw all day 🤣 😂
@rodricbr 4 ай бұрын
@@Alfred-Neumanlol, good one
@xAbdulRhmanX 4 ай бұрын
Hi John, I enjoy all of your videos. But I want to add something here, the WiFi passwords are encrypted in Windows using DPAPI. So, only the user who connected to the WiFi can see the password. For example, if on the same system user A connected to the WiFi "test" the user B can't read the password, it only can read the SSID. DPAPI is used a lot on Windows and other apps too, for example Chrome uses it to store your credentials in an encrypted way but that is not very secure as any one who has a session to your user can decrypt these credentials without specifying any decryption password
@rtzgf67games7 4 ай бұрын
Are you allocating memory for the pointers you pass into windows functions?
@nordgaren2358 4 ай бұрын
No, They are null pointers. The function expects a pointer to a pointer, so he is making a null ptr, with std::ptr::null_mut(), and passing a mutable reference to that pointer to the function. Windows then allocates memory and writes the allocated address to the pointer reference that was passed it. It's why we have to call the WlanFreeMemory function on those pointers. Because the Wlan library is what is allocating the memory, not the Rust program.
@rtzgf67games7 4 ай бұрын
@@nordgaren2358 Aha so the function allocates the memory needed. Thanks!
@ReligionAndMaterialismDebunked 4 ай бұрын
Early crew. Shalom. :3
@rccowboys 3 ай бұрын
You got your own way of typing. It withs for you, but it's weird to watch.. in a good way though. Great video
@riigel 4 ай бұрын
rust is indeed hardcore 😅 more rust!!
@Karam99443 3 ай бұрын
You helped me to scaring my neighbors😂😂😂😂😂
@MIRLOX_mirilox 4 ай бұрын
Thank you brother am from marocco
@MatinDevs 4 ай бұрын
awesome ❤
@baba01hacker 4 ай бұрын
W video bro 🎉
@ReligionAndMaterialismDebunked 4 ай бұрын
Bravo!!
@yaboy7120 4 ай бұрын
I recently started a new IT job with limited documentation and essentially no IT dept, so I had to use the line in the beginning to get the password for future device onboardings.
@VG-or1nu 4 ай бұрын
I love educational content ❤
@CookieMonster-fc7jz 4 ай бұрын
Good video - thanks for the share
@EnochOkikiJesus 4 ай бұрын
Hammond's the CodeKeeper 🥵🥵
@bxmusic9104 4 ай бұрын
Nice another Hacking video🤩
@justinpinson8575 4 ай бұрын
what a legend!
@micochu9000 4 ай бұрын
I have also like this but it was built in batch script, using netsh command and export as XML
@nicolodaddato8238 4 ай бұрын
i love your video , but for the next time could you move your camera away from the code
@DividesByZer0 4 ай бұрын
But what about EDR, IDS/IPS? I have a hard time believing techniques like this will work against an enterprise solution like crowdstrike. It's cool I guess.
@_JohnHammond 4 ай бұрын
I unfortunately don't have a CrowdStrike sandbox to test personally, but I reached out to someone in the Discord who had and they tried it -- no alerts with CrowdStrike Falcon sensor running, from what they shared. SmartScreen would naturally pop up since it is currently an unsigned binary, though.
@zanez7953 4 ай бұрын
@@_JohnHammond Thank you for verifying your claims, I love you very much
@exithe 4 ай бұрын
I work for one of these companies and you would be surprised how many things don't get flagged, you got to keep in mind that they are trying to create alerts for one size fits all by default. Companies want actionable alerts so wayyyy too much gets left on the wayside because it creates work to tune lol... honest truth.
@gamereditor59ner22 4 ай бұрын
Interesting....🤔
@Redditard 3 ай бұрын
Can't you just also, Settings > WiFi > "Network Name" > View Wi-Fi security key? 0:27
@ThisIsJustADrillBit 4 ай бұрын
First! ❤ Oooo so rust isnt a game? Hahaha
@AGASTRONICS 4 ай бұрын
I guess I should be able to do this with Osquery since devices trust the program. 😅
@user-td4pf6rr2t 4 ай бұрын
I think john jump shipped and turned team GUI.- Loads happens between fingers and the display ive always heard.
@Mezzosd 4 ай бұрын
how to extract password from sqlite3 files saved in the application
@vgx13 4 ай бұрын
Does not work on Windows 11. I enter "Failed to get auth for this profile".
@fadiallo1 4 ай бұрын
Hello My Friend.
@timecop1983Two 4 ай бұрын
I have a question? How do you research tools and techniques?
@nordgaren2358 4 ай бұрын
Google. GitHub. Training material like Maldev Academy. Joining communities related to the tools you are trying to make and asking questions. Existing tools on GitHub are extremely helpful. Working code is always some of the best documentation. In this case, you could even learn how to make this tool just by looking at the Microsoft documentation!
@user-he4ef9br7z 4 ай бұрын
Read CVEs
@hrajrhakobjan5258 4 ай бұрын
EDR injection can be bypassed
@photonz_ 4 ай бұрын
anyone know what keyboard john is using?
@vachaspathit9351 4 ай бұрын
i think its 60 or 65% keyboard dont know about name maybe razer?
@nordgaren2358 4 ай бұрын
It's a custom keyboard, I believe. He talked about it on a stream about 3 weeks ago maybe 4?
@snudget 4 ай бұрын
Sorry, didn't work on my linux machine
@Luix 4 ай бұрын
so the api doc is in C++
@zanidd 4 ай бұрын
like if you're vibing to the beat in the intro
@iblackfeathers 4 ай бұрын
thumbnail made it look like it's specifically attacking iphones for wifi passwords.
@themgt07 4 ай бұрын
Love From India ❤
@abbasmahmoud360 3 ай бұрын
Years ago
@locaboy336 4 ай бұрын
How to analyse a malware that have (img , doc , xsl ) extension
@AGASTRONICS 4 ай бұрын
For images the first step I guess exif
@AGASTRONICS 4 ай бұрын
For xsl this first step confirm if their are no white text on white background
@AGASTRONICS 4 ай бұрын
For doc turn on ports scanning and set up trusted IP. Then double-click to open the file. Note: it may be tricky sometimes so check for changes in your registry
@locaboy336 4 ай бұрын
@@AGASTRONICS thanks a lot 🙂
@John-lg1vf 4 ай бұрын
@@locaboy336 that advice is awful btw, it's easy to see file, registry and network changes. Do a malware analysis course and you'll learn this at the beginner level.
@uuu12343 4 ай бұрын
I use Rust, btw The new "I use Arch btw"
@iqbal8991 4 ай бұрын
Where password on new connection wifi?
@jackcarroll2071 4 ай бұрын
Hey John what's the best way to get more involved in ethical hacking? Started cybersecurity few months ago.
@ggsap 4 ай бұрын
do you really think you are in any way different from the 100s of the same generic annoying questions he gets like yours
@Alfred-Neuman 4 ай бұрын
@@ggsap I need to know how to ethically hack Fortnite V-Bucks? Asking for a friend... 😂
@Y0GAAAA 4 ай бұрын
@@ggsap shut up \^_^/
@jackcarroll2071 4 ай бұрын
did I say I was any different chill tf out. It never hurts to ask a question. I was looking through comments on his other videos for an answer to a similiar question and hadnt seen it asked. Worse thing that could happen is no response big fuckin deal. you out here wasting energy over being negative rather than answering a simple question to someone who is seeking knowledge most likely in a position you once were in previously. If being a prick on the internet gets you off or something have it 😉@@ggsap
@TheOneHong 4 ай бұрын
how about wpa2 enterprise? (username, pw)
@ardwetha 4 ай бұрын
The entire Windows system should have a CVE. Change my mind.
@user-du4ly6cj5h 4 ай бұрын
Hy how are you
@TarasShabatin 4 ай бұрын
I thought that a person who is "new" in Rust should struggle while writing a code...😅
@vachaspathit9351 4 ай бұрын
what is the editor name
@julfoi2139 4 ай бұрын
Its RustRover from Jetbrains
@vachaspathit9351 4 ай бұрын
@@julfoi2139 ohh thanks a lot !
@bobbyrandomguy1489 4 ай бұрын
"cyber security professional" "uses tiktok"
@safehome-jdev1417 3 ай бұрын
“Types with middle finger”
@FELDCORP Ай бұрын
The windows crate is awfully documented and I hate my life each time I open it.
@dydarjadmin 4 ай бұрын
Неплохо,но слишком просто
@mrDiynot 3 ай бұрын
You not giving us code🙂
@barneyclarke7051 4 ай бұрын
Why rust? C# IDEs have linter for win32 api
@_JohnHammond 4 ай бұрын
Just less likely for an AV to flag on a Rust compiled binary-- you can't as easily do as much introspection and analysis that you would be able to do on a C# exe
@JTsek 4 ай бұрын
16:44 - 18:22 I think there was an editing error
@_JohnHammond 4 ай бұрын
You are right -- thank you!! Fixing now. :)
@maulanakiki 4 ай бұрын
Mr Can we hack but only use a mobile phone?
@hosaenameen303 4 ай бұрын
ةذج
@iamwitchergeraltofrivia9670 4 ай бұрын
Hahahhahahhahahahahhahahahahah you cannot show at me wlan
@chaoskong2987 3 ай бұрын
Title is a bit misleading isn’t it?
@_JohnHammond 3 ай бұрын
what would you like the title to be instead
@chaoskong2987 3 ай бұрын
@@_JohnHammond Using the Win32 API to grab ClearText passwords. Love the videos btw
@trytoo5167 4 ай бұрын
wtf didnt know this existed. Makes inputting a wifi password on behalf of the user pointless.
@cjreek 4 ай бұрын
This only works if the user has already entered the password for the wifi connection once and windows saved it.
@IlliaZhdanov 3 ай бұрын
quick tip: Press alt+enter or whtvr the keybind is to auto import all the stuff. Please stop manually doing this, it triggers me. Just Alt+Enter and all will be fine
@luzclarke6333 4 ай бұрын
Use macros #[
@marekmaxpabianice 4 ай бұрын
1.2 mln sub and you claim Windows STORES passwords in clear text? Revealing sth in clear text and storing in clear text is not the same...