Few chat engines, say IRC and Pidgin doesn't encrypt the package when they send. Is it possible to capture those non encrypted plain text information using wireshark and view those informations? asked 03 Oct '13, 00:24  Karthick |
One Answer:
Wireshark will (hopefully) capture whatever traffic passes through the capturing interfaces. If the application sends in plain text then it will be visible in the capture, however if there is no dissector for the protocols being used then it will just appear as "data". answered 03 Oct '13, 02:20  grahamb ♦ |
Can you just tell me what filter do I have to use for seeing Plain Text Chats (I.E IRC etc)?
There is not "one" filter to do that, as there are different protocols used for different chat systems. You will need to find out which chat protocols are used and can then filter on the tcp (or udp) ports used by the protocol.
For IRC you can use the (capture) filter "tcp port 6667" for instance...
Hi I am going to present a session about wireshark. Can anybody tell me what and all can be shown live to the users. Like tracing plain texts using wireshark etc etc..
Make some captures and have a look, non-tls email to a pop server (port 110) is usually good with passwords in plain text.
Is it possible to divert all traffic to http instead of https using sslstripe or anything that can do this? I just want to have this setup to show a demo for education purpose.