My Blog List

Friday, December 9, 2011

Get Access to your college wireless network



WirelessKeyView recovers all wireless network security keys/passwords (WEP/WPA) stored in your computer by the 'Wireless Zero Configuration' service of Windows XP and by the 'WLAN AutoConfig' service of Windows Vista. It allows you to easily save all keys to text/html/xml file, or copy a single key to the clipboard.



System Requirement

  • Windows XP with SP1 or greater.
  • You must login to windows with admin user. 

Using WirelessKeyView

WirelessKeyView doesn't require any installation process or additional DLL files. Just copy the executable file (WirelessKeyView.exe) to any folder you like, and run it.


After you run it, the main window should displayed all WEP/WPA keys stored in your computer by Windows 'Wireless Zero Configuration' service. For WEP keys, the key is also displayed in Ascii form. Be aware that this utility can only reveal the network keys stored by Windows operating system. It cannot recover network keys stored by any other third-party software.


Notice About WPA-PSK Keys

When you type a WPA-PSK key in Windows XP, the characters that you type are automatically converted into a new binary key that contains 32 bytes (64 Hexadecimal digits). This binary key cannot instantly be converted back to the original key that you typed, but you can still use it for connecting the wireless network exactly like the original key. In this case, WirelessKeyView displays this binary key in the Hex key column, but it doesn't display the original key that you typed. 

As opposed to Windows XP, Windows Vista doesn't convert the WPA-PSK Key that you type into a new binary key, but it simply keep the original key that you type. So under Windows Vista, the original WPA-PSK key that you typed is displayed in the Ascii key column.



Registry/File Location of The Stored Keys


Windows XP and Windows Vista stores the wireless keys in completely different locations: 

  • Windows XP: The wireless keys are stored in the Registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WZCSVC\Parameters\Interfaces\[Interface Guid].
  • Windows Vista: The wireless keys are stored in the file system, under c:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces\[Interface Guid]. The encrypted keys are stored in .xml file.

Deleting Wireless Keys Of Old Network Adapters

Starting from version 1.15 of WirelessKeyView, you can delete wireless keys/passwords of old network adapters that are no longer plugged to your computer, by using the 'Delete Selected Items' option. 

Be aware that this delete option only works for network adapters that are not active anymore. If your network adapter is active, use the standard user interface of Windows to delete the unwanted keys.

Using this utility on Windows 7

Starting from Windows 7, Microsoft changed the encryption and hashing algorithms that are used by the Windows Data Protection (DPAPI) system. This change also affects the encryption of the wireless keys stored by Windows, and thus WirelessKeyView failed to retrieve the wireless keys under Windows 7. 

The research and development of a new code that will decrypt the keys of Windows 7 may take a while. So for now, I added a workaround that will allow Windows 7 users to retrieve their wireless keys. This workaround uses an old method of code infection that I used until version 1.25 and it still works properly under Windows 7. This method has one drawback that you should be aware: In some circumstances, it may crash the lsass.exe process and will require your system to restart.
In order to use this code injection method under Windows 7, go to 'Advanced Options' (F9), and choose the 'Use code injection method' option. 

Translating WirelessKeyView to other languages

In order to translate WirelessKeyView to other language, follow the instructions below:
  1. Run WirelessKeyView with /savelangfile parameter: 
    WirelessKeyView.exe /savelangfile 
    A file named WirelessKeyView_lng.ini will be created in the folder of WirelessKeyView utility.
  2. Open the created language file in Notepad or in any other text editor.
  3. Translate all string entries to the desired language. Optionally, you can also add your name and/or a link to your Web site. (TranslatorName and TranslatorURL values) If you add this information, it'll be used in the 'About' window.
  4. After you finish the translation, Run WirelessKeyView, and all translated strings will be loaded from the language file. 
    If you want to run WirelessKeyView without the translation, simply rename the language file, or move it to another folder. 




0 comments:

Post a Comment