Hi, I'm trying to catch the packet that contains the data for my home page login. I get the 401 not authorised page and Chrome/IE offer the login box. I put in my username and password but Wireshark doesn't seem to catch it. Can anyone explain please? asked 06 Oct '11, 09:52 turnbui |
One Answer:
The browser has several methods to proof the user's identity. In most cases the credentials are somewhat obfuscated with one of these methods:
These items are found in the clients HTTP request header. Another option is to trigger a Javascript, that obfuscates the username and password before sending it with a POST to the server. From a security perspective this is quite silly. Good hunting! answered 06 Oct '11, 15:52 packethunter thanks for the info. (06 Oct '11, 23:45) turnbui |
How do you know that "Wireshark doesn't seem to catch it"?
because i can't find a packet with my username/password in it. it isn't https so i expect clear text. also i check the frame number then press login then heck frame umber again only to find there re no new frames.