8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 1/7

Search Tutorial... Search

Hacking Tutorial FacebookHacking Tutorial TwitterHacking Tutorial StumbleuponGoogle+Donate Hacking­tutorial.comHacking Tutorial RSS

HomeWrite for UsRequest TutorialContactAdvertise Here

Download »Hacking NewsHacking TutorialHacking WidgetOnline Tools »Phone HackingTips and TrickWebsite »

Home >> Hacking Tutorial >> How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer

How to Sniff HTTP POST Password via Network Using Wireshark NetworkAnalyzer

Posted by v4L in Hacking Tutorial | 12 comments

Type : Hacking Tutorial

Level : Medium

After several days with full of work and project now I want to continue write another tutorial about easy hackingtutorials .

Nowadays most website around the world more than 50% of them (in my opinion ) they didn't provide a secureaccess into a personal profile or some page that require authentication process where users input their username andpassword. As we know that data sent via port 80 (HTTP) was plain and without any encryption.

Today tutorial was talk about How to Sniff HTTP POST Password via Network Using Wireshark NetworkAnalyzer. From this tutorial you also can learn how to secure yourself while you are outside your own computernetwork.

This tutorial can be an angel and also devil in the same time, it depends to you who use this tutorial for whichpurpose…me as a writer of this tutorial just hope that all of you can be an angel and know the bad things can happen from it, because I believe that no one from youwant your password sniffed by someone out there so don't do that to others too .

Let's start our tutorial.

Requirements :

1. Wireshark Network Analyzer (wireshark.org)

2. Network Card (Wi­Fi Card, LAN Card, etc) fyi : for wi­fi it should support promiscious mode

Before we go to step by step section, here's the scenario :

v4L is an attacker and he was sitting and drink starbucks coffee with laptop on his table and he's connected to free wi­fi service there. He run Wireshark fora couple moment and he analyze the data sent across the network and he try to find the password that inputted by victim.

Step by Step :

1. Download your wireshark and install it (in Windows you just need to click NEXT and FINISH to install it), in Backtrack 5 it's already there. Run the program(Windows : double click the icon; Backtrack : open terminal and type wireshark).

Hacking Password Hack WiFi Sniffer

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 2/7

from the picture above maybe your network card is different, just choose which one is your network card and click start.

2. Victim with the same network with v4L was really love to open this two website (the 1st one was simple forum, I make for this Cross Site Scripting Tutorial)

The second one was the most famous forum in my country Indonesia.

3. After victim open that two websites, wireshark on attacker computer catch some data cross the network.

Wifi spectrum analyzerwww.aaronia.com/Spectrum_Analyzer

Handheld RF & USB Spectrum Analyzer €499­€1498,­ / 1Hz ­ 9GHz / ­170dBm

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 3/7

4. After some times then attacker stop capturing the packet on the network by click the button (see picture) to stop Wireshark Network Analyzer from capturing thepacket.

5. If you learn about web programming, you should know that data from FORM can be sent with two method POST or GET (for details about this POST and GETdefinitions you can google for it).

The attacker know that authentication process should be use POST method for data transmission, then v4L use the filter feature in Wireshark to just only filter theHTTP POST method.

http:.request.method == "POST"

then press ENTER or click Apply.

6. If you only see the filter result, maybe you can be a little confused with the data contents over there. We can expand the data, but it's too many information that canmake us hard to read one by one the data over there. For the simple thing we can use the ”Follow TCP Stream“ feature. Choose the data, right click and choose FollowTCP Stream.

7. Here's the result after we make it more readable by human

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 4/7

oops the username and password was visible there. . .

Countermeasures :

1. Do not authenticate yourself (username and password) in a public network especially into website without HTTPS connection.

2. Use VPN or SSH tunneling to secure your connection.

Actually all method cannot prevent this HTTP sniffing, even you secured it using VPN, Tunneling, etc, it can't prevent the sniff 100% because the data from yourVPN server and SSH server to destination HTTP address was not encrypted.

Hope it's useful

Subscribe Now To Get Latest Hacking Tutorial on Your E­Mail

Incoming search terms:

wireshark password sniffingwireshark passwordwireshark password sniffing tutorialhow to sniff passwords using wiresharkhow to hack wifi password using wiresharkuse wireshark to sniff passwordshow to sniff passwords with wiresharkhow to use wireshark to hackhacking with wiresharksniff password with wireshark

Written by Vishnu Valentino.

Blogger, Founder of hacking­tutorial.com. Love PHP, offensive security and web. Contact him at me[­at­]vishnuvalentino.com

See all posts by v4L || Visit Website : http://www.vishnuvalentino.com

Related posts:

1. Hacking Windows 7 SP1 in 5 Steps via Wireshark Using Metasploit + Backtrack 5 R12. How to Detect Someone Sniffing Your Network in a Simple Way3. The Difference Between HTTP and HTTPS [HTTP]4. The Difference Between HTTP and HTTPS [HTTPS]5. Firesheep HTTP Session Hijacking Tools

Like 1

113 4 0 4980

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 5/7

Popular Posts

4 Steps Hacking Jcow Social Networking Web Server via Arbitrary Code Execution5 Steps How to Hack Facebook Account PasswordHow to Hack Facebook Password AccountTutorial Hacking Facebook using Phishing Method, Fake Facebook WebsiteTuesday Great Themes #8 FULL GLASS FOR WINDOWS 7 THEME

12 Responsesto “How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer”

1. Fullmetal says:Friday, August 31, 2012 at 5:15 pm

Does it only work on LANor can i use this method for WAN also by port forwarding ? ?? ?

Reply

v4L says:Friday, September 7, 2012 at 2:32 pm

#Fullmetalit works in a network where you’re inside it and you can read the network traffic there

Reply

2. wharan says:Wednesday, September 12, 2012 at 8:40 am

NICE

Reply

3. jayaram says:Sunday, November 25, 2012 at 10:58 am

bro i think we cannot sniff passwords of fb and gmail

Reply

Tim says:Friday, August 2, 2013 at 7:58 am

Course not, This doesnt strip HTTPS Protocol, but HTTP isn’t secure

Reply

v4L says:Friday, August 2, 2013 at 10:05 am

#Tim

that’s why its called stripping the https to http with redirection method(from 443 to 80)….from secure to unsecure…i’m confused with yourstatement…??

Reply

4. gullifty says:Wednesday, December 5, 2012 at 3:11 pm

macchanger + dish antenna + aircrack + reaver + ip fwd + arp poison + sslstrip + wireshark post filter = game over

Reply

5. 0x7c says:Wednesday, December 19, 2012 at 4:17 pm

how could i know if the network is trafic there???

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 6/7

Reply

6. humar dosni says:Saturday, April 6, 2013 at 4:05 pm

i have seen but it said that there is no http portocol. even when i login to my facebook and hotmail it dosent show me any http protocol or any post thing.html me

Reply

v4L says:Tuesday, April 9, 2013 at 9:15 am

#humar dosnifacebook and hotmail they use https

Reply

7. crazyred says:Saturday, June 15, 2013 at 9:20 am

i run Wireshark in window7. Can i hack Wi­Fi user’s password with Wireshark? We are same Wi­Fi. How to…..?

Reply

v4L says:Sunday, June 16, 2013 at 1:04 am

#crazyred

the tutorial is above

Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Name *

Email *

Website

CAPTCHA Code*

Comment

Submit Comment

Notify me of followup comments via e­mail. You can also subscribe without commenting.

Get Latest Hacking Tutorial on Your E­Mail

Enter your email address:

Subscribe

8/5/13 How to Sniff HTTP POST Password via Network Using Wireshark Network Analyzer | Ethical Hacking Tutorials, Tips and Trick

www.hacking-tutorial.com/hacking-tutorial/how-to-sniff-http-post-password-via-network-using-wireshark-network-analyzer/ 7/7

Hacking-tutorial.c…

+ 66

Follow +1

Links

Partners

© Copyright Ethical Hacking Tutorials, Tips and Trick 2013. All rights reserved. | Powered by Wordpress

Hacking Tutorial, Tips and Tricks

Like

3,477 people like Hacking Tutorial, Tips and Tricks.

Facebook social plugin