 | 1 | initial version |
As you won't disclose the website, or provide a capture, then we can only speculate, but my guess is that the website is authenticating via an obfuscated or encrypted channel, hence the lack of plain text data.
You'll need to try to capture the traffic created by the pop-up window and investigate further. Isolating that traffic might be difficult, probably best to shutdown all other processes on the host that could generate traffic, hopefully the authentication will be using the same IP address as the website but that isn't guaranteed.
You could also try opening the browser dev tools in the pop-up window to see if there is any Javascript managing the authentication.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
