9

In the long-term care hospital where I volunteer, on the first day of every month, the password for the Guest Wi-Fi connection changes. This causes a lot of work for the staff and a lot of frustration for the patients, many of whom have very limited mobility.

(Yes, the real solution is to get the IT team to keep the same password, but that's not going to happen).

Most of the patients connect to the outside world through Windows laptops. I'd like to create a batch script that we can install on their computers that will automatically retrieve the password for the coming month and apply it as soon as it is needed.

I can put next month's Guest password in a file on the hospital's internal network, where it can only be accessed by someone who currently has this month's password, and I can use bitsadmin inside a batch script to retrieve the password to a local file (see below). I can set up a task on each patient's computer to run this script just before the end of the month.

My question is: when last month's password fails at the beginning of the new month, how can I change the password for that network connection from a batch script?

I know that I can use...

    netsh wlan show profile name="INSERT_SSID_HERE" key=clear

... to find the current password, but how can I set it?


EDIT: I have found that in Windows Vista and up, the Wi-Fi passphrase is stored in an XML file at C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces[Interface Guid].xml. It appears in the format:

    <sharedKey>
      <keyType>passPhrase</keyType>
      <protected>true</protected>
      <keyMaterial> ** 400+ hexit number ** </keyMaterial>
    </sharedKey>

I am guessing that to change the password, I need to encrypt the new password using the appropriate algorithm and update this XML file. Is there a command that I can use to do this automatically? If not, what encryption algorithm should I use?

A simpler alternative might be to remove the encryption:

    <protected>false</protected>
    <keyMaterial>plainTextPassword</keyMaterial>

However, when I try to relaunch the Wi-Fi connection after rebooting the computer, using an XML file that has been modified this way, the connection fails.


A solution which does not require a reboot is preferable.


Batch script to retrieve password:

    @echo off
    setlocal
    rem Download target: result.txt next to this script
    set "file=%~dp0result.txt"
    rem Note: /reset cancels every BITS job owned by the current user
    bitsadmin /reset
    bitsadmin /create /download job
    bitsadmin /addfile job http://example.com/password.html "%file%"
    bitsadmin /resume job

    rem Give the transfer a few seconds to finish
    timeout 5

    bitsadmin /getstate job | find /i "TRANSFERRED" && goto :done
    bitsadmin /cancel job
    exit /b 1

    :done
    bitsadmin /complete job
    :: result.txt now holds the new password
    exit /b 0
James Newton
  • High security hospital this one! A simpler solution that meets all your current security concerns is to hand the password to patients on a slip of paper. – John3136 Jan 21 '16 at 22:50
  • 1
    That would be so nice. But many of them cannot move their hands. For some of them their laptops (and their eye-movement detectors and single-switch scanners) are their only connection with the outside world. – James Newton Jan 21 '16 at 23:18
  • I have an idea of how to do this, "I can put next month's Guest password in a file on the hospital's internal network", how would it need to be accessed? UNC path, FTP or something alike? – Will Ryan Jan 29 '16 at 17:13
  • Just need to know how to access the file so I can write something accordingly – Will Ryan Jan 29 '16 at 17:13
  • The batch script I give in the question allows me to create a `results.txt` file that contains the password, anywhere on the end-user's computer. You can consider that such a file exists, and that it is located wherever you want it to be. – James Newton Jan 29 '16 at 18:15
  • I think the download shouldn't be the password in plain-text, you should download the entire XML generated from `netsh wlan export profile folder="C:\" name="My Network" key=clear`. The way I see the logic working is: 1) Does the XML file exist in a remote location? 2) If it does, download the file (the file will need to be put there well in advance of the password change). 3) Make a ping check to google.com; if it fails then remove the current config using `netsh wlan delete profile name="My Network"` and apply the downloaded XML file – Will Ryan Jan 29 '16 at 18:53
  • That way, the password can be downloaded in advance and will auto-apply once the password expires, there will need to be a scheduled task running regularly to make the change quickly but if the script can ping google then it'll be over within a second or two – Will Ryan Jan 29 '16 at 18:56
  • I should have explained what "netsh wlan export" actually does... It exports a configuration file with the WiFi settings and encrypted password, this XML file can be applied to any other laptop to give it the correct configuration and more importantly, the new password :) You'll have to change the password to the new one on your own laptop and export the config file. – Will Ryan Jan 29 '16 at 19:09
  • Just as a note, I've seen this done in VBS, so if I were you then I'd look a little at that unless you're gonna stick with batch only. – NizonRox Feb 01 '16 at 09:39
  • Here's Microsoft's documentation on the file: https://msdn.microsoft.com/en-us/library/windows/desktop/aa370032%28v=vs.85%29.aspx Not sure if you can do native API calls from bash, but I am pretty sure that you can from VBScript. Here's the appropriate API call: https://msdn.microsoft.com/en-us/library/windows/desktop/ms706795%28v=vs.85%29.aspx Note that if you do not provide the password part of the XML, you will get a prompt to enter it, so if everything else fails, have the script type it and press Enter – BlackCap Feb 03 '16 at 18:20

4 Answers

5

Did you try removing and re-adding the profile instead of just changing the content of the XML to use plain password?

I had a similar situation in the past and this is what worked for me:

This answer assumes that you want to keep only the WiFi password on the network instead of a full XML and the SSID of the WiFi is "My Network".

  1. Disconnect from the network: netsh wlan disconnect
  2. Export the "My Network" profile to somewhere else, e.g. C:\: netsh wlan export profile folder="C:\" name="My Network" key=clear --> this should create C:\Wi-Fi-My Network.xml. The resulting xml file should be similar to the one you see in C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces, but with the <sharedKey> part unprotected (this allows us to only do one replacement on the next step). Obviously, you can also do this by copying the file from the Wlansvc's profile directory, but doing so requires the knowledge of the interface's GUID. Exporting is easier as you only need to know your SSID.
  3. In the copied profile, make sure that protected is false, and fill the keyMaterial with the plain password (simple text replacement, should be easy to do with VB or C#, but if you need to do it purely in batch script, see Changing tag data in an XML file using windows batch file)
  4. Remove the currently stored profile: netsh wlan delete profile name="My Network"
  5. Add back the profile: netsh wlan add profile filename="C:\Wi-Fi-My Network.xml".
    (This will recreate the appropriate file in C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces, with encrypted password.)
  6. Connect to the network: netsh wlan connect name="My Network"

If you are okay with storing the full XML, you can also export the profile unencrypted (step 2) and store it in your network drive, then you simply need to do step 1, 4, 5 and 6.

I hope this helps.

roberto
  • Could you explain what the command `C:\MyProfile.xml: netsh wlan export profile folder="C:\" name="My Network" key=clear` does? I'm assuming that `C:\MyProfile.xml` should be replaced with `C:\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces\{blablabla}\{profilename}.xml`. When I do this, an Internet Explorer window opens, showing the contents of the XML file. I imagined I would see a copy of the file appearing at the root of `C:\ `, but I don't see that happening. – James Newton Jan 29 '16 at 18:26
  • "In the copied profile, change protected to false, and fill the keyMaterial with the plain password" >>> I'm guessing that I'm going to need to use a regular expression to make this change from a batch script. It would be great to see a complete batch script that treats all these steps. – James Newton Jan 29 '16 at 18:29
  • The command should start from the `netsh`. Just forget about the `MyProfile.xml` thing, it's a leftover from my personal note. I have clarified the step in an edit. I hope it's clearer now? Basically that step is just to make a copy of the current profile of your Wifi profile `My Network` with the key in cleartext. – roberto Jan 29 '16 at 22:34
  • As for the second comment: yes. See this question for an example: http://stackoverflow.com/questions/17054275/changing-tag-data-in-an-xml-file-using-windows-batch-file I only use Windows at work so I can't write and test a complete batch script at the moment. If you can't get it to work I'll see if I can create one on Monday. – roberto Jan 29 '16 at 22:39
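
Steps 1, 4, 5 and 6 of the answer above as one batch file, as an added example that is not the answerer's or the asker's code. Instead of exporting and editing the old profile, it writes a fresh unprotected profile and lets `netsh wlan add profile` store it encrypted; the SSID, the WPA2-Personal (WPA2PSK/AES) settings and the location of `result.txt` are assumptions.

```batch
@echo off
setlocal EnableExtensions EnableDelayedExpansion
rem Added example. Assumptions: SSID "My Network", WPA2-Personal (WPA2PSK/AES),
rem and the new passphrase on the first line of result.txt beside this script.
set "SSID=My Network"
set "PWFILE=%~dp0result.txt"
set "XML=%TEMP%\wlan-%RANDOM%.xml"

if not exist "%PWFILE%" exit /b 1
set "PW="
set /p PW=<"%PWFILE%"
if not defined PW exit /b 1

rem Escape what is special in XML text, ampersand first.
set "PW=!PW:&=&amp;!"
set "PW=!PW:<=&lt;!"
set "PW=!PW:>=&gt;!"

rem Step 3: cleartext profile. !PW! is expanded late, so its content is not re-parsed.
> "%XML%" (
  echo ^<?xml version="1.0"?^>
  echo ^<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"^>
  echo ^<name^>!SSID!^</name^>
  echo ^<SSIDConfig^>^<SSID^>^<name^>!SSID!^</name^>^</SSID^>^</SSIDConfig^>
  echo ^<connectionType^>ESS^</connectionType^>
  echo ^<connectionMode^>auto^</connectionMode^>
  echo ^<MSM^>^<security^>
  echo ^<authEncryption^>^<authentication^>WPA2PSK^</authentication^>
  echo ^<encryption^>AES^</encryption^>^<useOneX^>false^</useOneX^>^</authEncryption^>
  echo ^<sharedKey^>^<keyType^>passPhrase^</keyType^>^<protected^>false^</protected^>
  echo ^<keyMaterial^>!PW!^</keyMaterial^>^</sharedKey^>
  echo ^</security^>^</MSM^>
  echo ^</WLANProfile^>
)

rem Steps 1, 4 and 5: disconnect, drop the stale profile, import the new one.
netsh wlan disconnect >nul
netsh wlan delete profile name="%SSID%" >nul
netsh wlan add profile filename="%XML%"
set "RC=%ERRORLEVEL%"
rem The temporary XML holds the passphrase in cleartext: remove it either way.
del /f /q "%XML%"
if not "%RC%"=="0" exit /b 2
rem Step 6, after discarding the staged passphrase now that it is stored.
del /f /q "%PWFILE%"
netsh wlan connect name="%SSID%"
```

Because the old profile is deleted before the import, a failed import leaves the machine with no profile for the SSID until the script succeeds on a later run.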
1

The best logical way I would notify the password is by keeping the password as a number and keeping the Wi-Fi name as + or - "from the previous password" every month; this way you could notify the patients once what next month's password is gonna be! :-) Ex: suppose your current password is 134768 and your next month's password is 134778; then at the beginning of the next month you could rename the Wi-Fi as +ten.

Shrikantha Budya
1

You can also write a batch that utilizes

netsh wlan set profileparameter name="SSID" keyMaterial="password"

to update the XML document. The keyMaterial parameter could be passed in through a variable set from another .bat or other file.

I crafted this method when my local coffee shop decided to change the password every day and I grew tired of telling Windows 10 to forget the network and reconnect.

Zahir
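
The in-place update from this answer combined with the "only act when the connection is down" check suggested in the comments on the question, as an added example that is not code from any of the posters. The SSID, the `result.txt` location and the use of google.com as the connectivity probe are assumptions.

```batch
@echo off
setlocal EnableExtensions EnableDelayedExpansion
rem Added example. Assumptions: SSID "My Network"; result.txt (written by the
rem download script) holds next month's passphrase on its first line;
rem google.com is reachable whenever the guest Wi-Fi is working.
set "SSID=My Network"
set "PWFILE=%~dp0result.txt"
set "PROBE=google.com"

rem Still online with the stored key: nothing to do, keep the staged passphrase.
rem (ping's exit code is unreliable, so look for a real echo reply instead.)
ping -n 2 -w 2000 %PROBE% | find "TTL=" >nul && exit /b 0

if not exist "%PWFILE%" exit /b 1
set "PW="
set /p PW=<"%PWFILE%"
if not defined PW exit /b 1

rem !PW! is expanded after parsing, so characters such as & in the passphrase
rem are not interpreted by cmd. A passphrase containing " is not supported here.
netsh wlan set profileparameter name="%SSID%" keyMaterial="!PW!"
if errorlevel 1 exit /b 2
netsh wlan connect name="%SSID%"

rem Wait about 10 seconds for the association (ping-based delay also works in
rem scheduled tasks without a console), then confirm before discarding the file.
ping -n 11 127.0.0.1 >nul
ping -n 2 -w 2000 %PROBE% | find "TTL=" >nul || exit /b 3
del /f /q "%PWFILE%"
exit /b 0
```

Run from a scheduled task every few minutes, this leaves the working profile untouched until the old passphrase stops working. The passphrase is briefly visible on the `netsh` command line to other processes on the same machine.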
0

It seems like "FooBar" asked a forum how to en/decrypt the keyMaterial, but there is no need for that from what I'm getting, because he mentions "I successfully just copied and pasted a test one of these between computers, and it connected just fine, so the encryption is definitely reversible." So I would guess that all you have to do is:

  1. Type in the wireless password on a staff computer
  2. Check if the XML file updates (if it does, then next step)
  3. Then put it on the network where the multiple computers can reach it
  4. C&P the .xml file and overwrite
  5. Pray that you don't need a restart for it, else I would guess you could disable the internet driver and re-enable it from batch

That's my take on it, but I can't really test it at this time.

NizonRox
  • The encryption is reversible, but typically, only a user with the same logon credential as the user who encrypted the data can decrypt the data, which means it's not really possible to just copy and paste the XML file if the keyMaterial is still encrypted. (keyMaterial is just encrypted using CryptProtectData and can be decrypted using CryptUnprotectData; see: https://msdn.microsoft.com/en-us/library/windows/desktop/aa380261%28v=vs.85%29.aspx It's fairly straightforward to do this with e.g. VB or C#, but for a batch file I think invoking netsh is probably the easiest in this case.) – roberto Feb 01 '16 at 10:20
  • 1
    Well, another way of doing it is http://www.nirsoft.net/utils/wireless_key.html It has command lines to export to a .txt file that the program can import with a command line, but that just looks like a last resort to me. And CryptProtectData is C++ while the question only has a batch tag. – NizonRox Feb 01 '16 at 10:24
  • Yes, this whole thing is pretty simple if it wasn't for the batch restriction. The nice thing about netsh is that it's built-in so it will just work with batch. – roberto Feb 01 '16 at 10:40
  • That's very true, but I should mean that you can run the wireless_key program from the network, makes it easier, but yeah, netsh is quite the thing. There have been many restrictions for batch, but a lot of people have found clever ways to deal with it without changing to VBS, C, Java etc. – NizonRox Feb 01 '16 at 10:48