Wifi Scanning

rayone · ‎11-05-2024

I am looking for a way to scan the details of device wifi connections, lansweeper will only scan network Mac and IP details, however i would like to get a report of currently connected SSID's with settings ( WPA, WEP, etc) not necessarily the password, but the configuration items, so we can check on what network someone is connected to when they report issues - can help with remote users, also in office users to ensure they are connected to the correct networks without having to ask.

what would be even better is if this could be a WMI historical item, so scan's over time and shows current connected but can also log and record this. or something that will report "netsh wlan show networks" or "netsh wlan show interfaces" results

Hendrik_VE · ‎11-06-2024

Same approach here. We have a script that gathers all stored Wifi Profiles (including the password) and sends them as a (custom) error event on which we report in Lansweeper:
$listProfiles = netsh wlan show profiles | Select-String -Pattern "All User Profile" | %{ ($_ -split ":")[-1].Trim() };
$l = $listProfiles | foreach {
       $profileInfo = netsh wlan show profiles name=$_ key="clear";
       $SSID = $profileInfo | Select-String -Pattern "SSID Name" | %{ ($_ -split ":")[-1].Trim() };
       $Key = $profileInfo | Select-String -Pattern "Key Content" | %{ ($_ -split ":")[-1].Trim() };
       [PSCustomObject]@{
             WifiProfileName = $SSID;
             Password = $Key
       }
}
$l | % {
$Wifi = $($_.WifiProfileName)
$Pass = """$($_.PassWord)"""
$msg = "WIFI:" + $wifi + "," + $pass
EventCreate /L Application /T Error /ID 999 /D $msg
}

And we have another script that reports on previously connected wireless networks:
$events = Get-WinEvent -FilterHashtable @{LogName="Microsoft-Windows-WLAN-AutoConfig/Operational";id=8001}
$LastReported = (Get-WinEvent -FilterHashtable @{LogName="Application";id=998})[0].TimeCreated
if($LastReported) {$events = $events | ? {$_.TimeCreated -gt $LastReported}}
if($events)
{
for ($i = $($events.Count -1);$i -gt -1; $i--)
{
$msg = "Time connected: " + $events[$i].TimeCreated + " | SSID: " + ([string]($events[$i].Message.Split("`n")|select-string "SSID*").ToString().Trim()).Split(":")[-1]
EventCreate /L Application /T Error /ID 998 /D $msg
}
}

We use it more for forensic investigation though.

Josha · ‎11-05-2024

Lansweeper can scan the Windows registry. You can write a script that gathers all the data you're looking for and store the results in the registry. Then you can tell Lansweeper to scan these registry values and you can then build reports on this dataset.

I have a ton of custom integrations done this way in my environment. I copy files/scripts to a custom directory in c:\programdata and setup task scheduler to run the scripts on a schedule. I always generate a "LastRan" timestamp value from the script runtime.

Then when Lansweeper scans the registry values, I know they're up to date as of the timestamp I set for the script runtime. You can create a "CurrentSSID" value with a single SSID name and then create a "HistoricalSSID" value that is a comma separated list that updates every time a new SSID is shown as connected.

For example, here's a very basic PowerShell script you can run to write the current network connection details to the registry.

# Set Registry Path
$regPath = "HKLM:\SOFTWARE\CustomRegistryKey\NetworkDetails"

#Get network details
$netDetails = Get-NetConnectionProfile

#Check to see if registry key exists and create it if it doesn't
if (!(Test-Path $regPath)){
    New-Item -Path $regPath -Force
    }

# Create registry values to hold data from current connection
New-ItemProperty -Path $regPath -Name 'TimeStamp' -Value (Get-Date) -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'Name' -Value $netDetails.Name -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'InterfaceAlias' -Value $netDetails.InterfaceAlias -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'InterfaceIndex' -Value $netDetails.InterfaceIndex -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'NetworkCategory' -Value $netDetails.NetworkCategory -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'DomainAuthenticationKind' -Value $netDetails.DomainAuthenticationKind -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'IPv4Connectivity' -Value $netDetails.IPv4Connectivity -PropertyType String -Force
New-ItemProperty -Path $regPath -Name 'IPv6Connectivity' -Value $netDetails.IPv6Connectivity -PropertyType String -Force

Then you just program Lansweeper to scan these values and you can generate a report like this

Select Distinct
asset.AssetID, 
asset.AssetName, 
a.Value as Timestamp,
b.Value as Name, 
c.Value as InterfaceAlias,
d.Value as InterfaceIndex,
e.Value as NetworkCategory,
f.Value as DomainAuthenticationKind,
g.Value as IPv4Connectivity,
h.Value as IPv6Connectivity
From tblassets as asset
Inner Join tblAssetCustom cus on cus.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'TimeStamp') as a on a.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'Name') as b on b.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'InterfaceAlias') as c on c.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'InterfaceIndex') as d on d.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'NetworkCategory') as e on e.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'DomainAuthenticationKind') as f on f.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'IPv4Connectivity') as g on g.AssetID = asset.AssetID
Inner Join (Select AssetID, Value from tblRegistry where Regkey = 'HKEY_LOCAL_MACHINE\SOFTWARE\CustomRegistryKey\NetworkDetails' and Valuename = 'IPv6Connectivity') as h on h.AssetID = asset.AssetID
Where asset.AssetType = -1 and cus.State = 1

Do note this is just an example/POC for you to create your own logic. This code assumes your devices are only on one network connection. If they're on wired and wireless, you are going to have to program logic to split it out into different registry values or else you're going to be trying to store arrays as strings and it's going to get messy.

DavidPK · ‎11-05-2024

Hi there,

The feature you're looking for is currently unavailable in Lansweeper. However, we would be happy to assist you in submitting a feature request to our product team. To do so, we kindly ask that you contact our tech support team: https://www.lansweeper.com/contact-support/

Wifi Scanning

General Discussions

New to Lansweeper?

Try Lansweeper For Free