I tried to extract login information of window application game such as login portal and login data, but I am confuse where is it located https://drive.google.com/file/d/0Bwx9g-l32Xo0VTFWQXdEdXJJR2M/view?usp=sharing asked 28 Jan '17, 02:14 yyk |
One Answer:
A little more context might be helpful to understand what is supposed to happen. We could then focus on expectations to figure out where the information is. The trace provided has a single TCP connection with some interesting information - if you right click on of the TCP packets and choose Follow TCP Stream (or use display filter: tcp.stream eq 0),
I bolded the interesting piece. Is the issue that you can’t get in, so you are trying to troubleshoot? If so, this might be root cause. If the issue is something else, please provide more detail. There is some UDP traffic to the same host as the TCP connection so I can’t discount that this may have additional information that you may be after. I would expect, however, that login occur over TCP, preferably over HTTPS for encryption, but I see regular port80 HTTP traffic here. answered 28 Jan ‘17, 04:52 Bob Jones |
Additionally, it is highly unlikely the username/password will be submitted in plain text. I am sure when the server application facilitates the login, it will do so after a TLS session is established.
Please have a first look here: https://blog.packet-foo.com/2016/07/how-to-use-wireshark-to-steal-passwords/
Hi, this http request is just load for annoucement, because I can still login even it say server is maintenance. I am not sure how it transfer the data, but there seem like no http/https request doing it, this log is start before login and stop after the game logged in so it should contain the data exchange between server and my computer.