HI everyone So I am trying some experimentation: I have disabled wifi security and i go on http website. If I capture from my PC I can see my trafic and can get my password and login send without security. If I ask some one to go on this website from an other pc I can see everything where is going but I can't see his password. How it's possible ?? NB:I am on ubuntu and he is on windows . thank you for explanation This question is marked "community wiki". asked 13 Dec '11, 13:04  vring6 |
One Answer:
From your comments, I infer that your friend has already logged in to the website before you attempt to capture traffic and that this information is stored in a cookie, resulting in no login credentials being transmitted. Have your friend log out from the website first, and then follow the exact same procedure as you did to log in. This should remove any differences from your setup an your friend's so that you can capture traffic as expected. Of course, this assumes that your friend is cooperative and that you have permission to do this. answered 14 Dec '11, 09:24  multipleinte... edited 14 Dec '11, 09:25 Yes I have permission to do this my friend is with me and we try many(login and log out) times because firstly we think not every packet were captured I also try on many website with http and one of mine (14 Dec '11, 09:33) vring6 Sniffing your own traffic for your password can be a security test (e.g., to see whether an application is sending your password securely). On the other hand, sniffing for other people's passwords is almost always malicious, and IMO, there is no good reason to do it. (14 Dec '11, 09:57) helloworld where do you see i am sniffing people's password i am on my own network and my friend is on his laptop with me. I just want to prove that I can see password on http website on unsecure wifi network and for now I can't and I want to understand why because there is no encryption system and i can see where does he goes (14 Dec '11, 10:03) vring6 |
Have you checked that he is not connecting with
https? Do you see any traffic from your friend's computer? There are a number of factors that might influence this; promiscuous mode isn't really one of them. Just because the interface is in promiscuous mode doesn't mean that it will change the upper-layer protocol behaviors.HI
yes I am on http website, I can see every page he goes, on the same page from my computer i see password and from his computer i am not sure but i seems to be a cookie.
I don't understand