Need Help In Wireshark

[chetna]

hey guys

i m working on wireshark but i m nt getting it how to use encrypted password and username. how to c them.

as i need it to do my project.

it's really very urgent. plzzz help me out.

[chetna]

plzz guys help me out from this prob.

[Sparda]

What are the username and password encrypted with? What protocol are you trying to monitor?

[lopez1364]

Like Sparda said.... You have to know what type of traffic you are looking for. What kind of authentication is this for?

[digip]

You cant see encrypted traffic without a MITM to remove encryption before authentication. SSL strip or similar method would be needed. If the traffic is encryted, its damn near impossible unless the certificates in use cna be compromised and you can replay the data in a lab environment showing the plain text data.

There is one other method though, but is sort of backwards and doesnt use wireshark, but a sort of debugger. You can attach something like "Echo Mirage" to any process, and even if its encrypted traffic, you can see what it is doing before it even sends the data since the exe will have the unencrypted text before encrypting it to send on the wire.

http://www.youtube.com/user/pauldotcom#p/u/1/mItBKirtoiQ

Note on Echo Mirage though, this runs locally on your system, say, if you were hacked or something, you can watch in real time what someone remotely is doing to your machine(or honeypot).

Edited February 24, 2010 by digip