Grab Username & Password via Wireshark

Today we will learn how hackers on the same network are able to steal credentials (username, password, card details, messages, etc.).

This attack works only in the absence of SSL (Secure Sockets Layer). To understand the attack, we should first know about SSL.

What is SSL?

SSL stands for Secure Sockets Layer. It creates an encrypted tunnel between your system and the website's server (today's HTTPS uses its successor, TLS).

(You can refer to the SSL pinning method for a better understanding.)

So this attack works only where the website is served over “HTTP”, and the attacker must be on the same network as the victim to grab the sensitive data.

The tool used here, Wireshark, is a network traffic analyzer that lets you see the traffic of users connected to the same network. See my previous blog post to learn more about Wireshark and its installation.

When a request travels from your system to the “HTTP” website's server, there is a high probability that it can be monitored by anyone on the same network. This would not work on “HTTPS”.

If an attacker is on the same network where the victim is browsing a “Non-Secure” (HTTP) website, the victim's data leaves their system in a “Non-Encrypted” form, because the website is not using “HTTPS”.

So first, to show the attack, I have chosen a website here on which we will test the vulnerability.

Once you have installed Wireshark successfully, run it.

As I am connected to my Wi-Fi, I have selected “wlan0”. If you don’t know which interface to pick, just click on “any”, and Wireshark will start capturing the packets passing through your gateway (Wi-Fi).

Let’s enter the credentials on the website's login form and watch what happens next…

Once we are done entering the username and password, hit Enter and start observing Wireshark. You will see the POST request; double-click that packet…

After double-clicking the packet, a small window will open up. Now expand the HTML Form section by clicking the “+”.

Now you can see the username and password of the victim. This is how hackers steal passwords when you are connected to a public network.

Let's take another example, i.e. messages or comments on the HTTP website. We will now capture the packets that carry a message.

Once we have added a message, quickly go to Wireshark and find the packet that carries the message…

Here we have the packet; as before, double-click it.

Again, expand the HTML Form section and you will see the message…

Here we have the message sent by a user. We have successfully completed the hack!!

That’s it for today. “GOODBYE”.


