Recover Network Password by Tricking Device into Connecting to Ad Hoc with Same Name

1

My friend has lost his network login information on all of his devices except his iPad, and does not have access to his router to change it. I have an idea to recover it using an ad hoc network with the same SSID. From what I understand, it is possible for hackers to capture packets not intended for them by creating an identical SSID. If this is correct, could I perhaps trick the iPad into thinking that the ad hoc network is the actual network, and when it attempts to connect with the password, capture it in a plaintext format?

DaveTheMinion

Posted 2016-03-11T13:14:22.213

Reputation: 4 578

Well, assuming what you would get by sniffing is a hash and not the plaintext password then I think your "friend" would just be better off getting to the physical router and holding the reset button for 30 seconds to restore it to factory defaults. And if you have physical access then you always have root access if you know what you're doing. – headkase – 2016-03-11T13:21:34.210

Try on a Windows device WirelessKeyView v1.72 - Recover lost wireless network key – DavidPostill – 2016-03-11T13:50:22.343

@headkase I detect a sense of doubt about the existence of my friend. :) Nonetheless, he does not have physical access to the router. – DaveTheMinion – 2016-03-11T17:24:25.003

@DavidPostill Doesn't this program only recover information from the computer? If so, then it cannot be used for the issue at hand. – DaveTheMinion – 2016-03-11T17:26:28.397

You didn't mention what his other devices were ... ;) – DavidPostill – 2016-03-11T17:31:45.120

@DavidPostill His other device is a computer running Windows, but the computer in question does not have the WiFi information on it. The only device that he owns that he can currently use to connect to the internet is his iPad. The computer running Windows is the reason he needs the password, as he obviously wants to connect it. – DaveTheMinion – 2016-03-11T18:17:07.383

@DavidB Regardless of your "friend's" existence, ;), you could go get a Linux distribution that is designed specifically for penetration testing such as BlackArch. The problem is that you could spend a week learning the basics or you could, like, phone up someone who does have access to the router and get them to hold the button for 30 seconds. – headkase – 2016-03-11T18:54:14.743

No answers