chetna Posted February 23, 2010 Posted February 23, 2010 hey guys i m working on wireshark but i m nt getting it how to use encrypted password and username. how to c them. as i need it to do my project. it's really very urgent. plzzz help me out. Quote
chetna Posted February 23, 2010 Author Posted February 23, 2010 plzz guys help me out from this prob. Quote
Sparda Posted February 23, 2010 Posted February 23, 2010 What are the username and password encrypted with? What protocol are you trying to monitor? Quote
lopez1364 Posted February 23, 2010 Posted February 23, 2010 Like Sparda said.... You have to know what type of traffic you are looking for. What kind of authentication is this for? Quote
digip Posted February 23, 2010 Posted February 23, 2010 (edited) You cant see encrypted traffic without a MITM to remove encryption before authentication. SSL strip or similar method would be needed. If the traffic is encryted, its damn near impossible unless the certificates in use cna be compromised and you can replay the data in a lab environment showing the plain text data. There is one other method though, but is sort of backwards and doesnt use wireshark, but a sort of debugger. You can attach something like "Echo Mirage" to any process, and even if its encrypted traffic, you can see what it is doing before it even sends the data since the exe will have the unencrypted text before encrypting it to send on the wire. http://www.youtube.com/user/pauldotcom#p/u/1/mItBKirtoiQ Note on Echo Mirage though, this runs locally on your system, say, if you were hacked or something, you can watch in real time what someone remotely is doing to your machine(or honeypot). Edited February 24, 2010 by digip Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.