To test the capturing of plain text, I have logged into my router (http://192.168.0.1) and given username and password applying http.request.method == "POST" filter. I have clicked on the captured packets and then expand the Hypertext Transfer Protocol field. The POST data were there, but i cant able to see username and passwords there.. Any help would be really helpful. Thank You. asked 06 Oct '13, 17:26  Karthick |
4 Answers:
Try using the popup menu of the connection that should have the password and select "Follow TCP stream". If you can't spot the password in there the connection is probably encrypted (or it is the wrong connection you selected). answered 07 Oct '13, 00:53  Jasper ♦♦ |
Did you search the password by using filters?
where abc123 is your password. If there are no matches, the password is not sent in clear. In that case there is (most certainly) some javascript in use that scrambles the password for the POST request. If so, you'll have to analyze the script code or use a javascript debugger (google for Firefox developer tools). Regards answered 07 Oct '13, 08:12  Kurt Knochner ♦ |
please, 1-> right click on the "packet" to be captured 2-> click on "Follow TCP Stream" 3-> there you will find a line (in a new popup window) 4-> the username will be shown on 2nd/3rd last line(of red-color text) 5-> next to your username, a password would be shown(either in real-password or in encrypted/changed form) answered 05 Mar '14, 21:29  Asif Mehmood |
answered 16 Sep '14, 05:27  mayhem edited 16 Sep '14, 05:30 Jasper ♦♦ |
Hint for 5.: no need to be good at cryptography - base64 may be considered "obfuscation" at best. Decoding it is child's play.