Note: Wireless testing has the element of physical access to a given facility. This can be used to emulate a physical attacker, a visitor to the organization, or a malicious employee. Always discuss use of physical attacks with your point of contact prior to executing them.
The Bash Bunny is a malicious Human Interface Device (HID) that can be used to execute commands on a target device. In the context of Wireless testing, a Bash Bunny can be useful for dumping a Pre-Shared Key (PSK) from a connected host.
Example Bash Bunny payloads can be found on GitHub. However, the following commands are typically used to manually expose a PSK for a given network.
netsh wlan show profiles
netsh wlan show profile [Name] key=clear
The PSK for the target network will be displayed in the results. The process for executing this attack using a Bash Bunny is described in the following BHIS blog post.
https://www.blackhillsinfosec.com/pull-wireless-credentials-bash-bunny/