Ask Your Question

Can't Capture Logins

asked 2019-07-05 20:44:23 +0000

Pez gravatar image

Hi all.

I have the latest version of Wireshark installed (3.0.2). I have this at home on my personal computer/ network and am just trying to get the hang of it. My aim is to monitor my kids when they're using their devices on our wireless network. Maybe I'm being a little too nosy and intrusive but I don't care ;)

I found a tutorial on YouTube that's not too old: link text; publish date is January 31, 2019.

To experiment, I'm using the very same computer that I have Wireshark installed on; it's not like I then go and use another, separate device like a laptop or tablet that's on the same wireless network. I launch the program and by going to the Toolbar I click on Capture/ Options, and I make sure it's checked to be in Promiscuous Mode.

I then click the button for "Start Capturing Packets". Next, I launch a web browser and go to a web site where I have to login with a username & password.

After using my username & password to login, I then go back to Wireshark and click on Stop Capturing Packets. Then, according to the video tutorial at the 4:20 mark, I click on Edit/ Find Packet, change the Display Filter to "String", and then type in to the right of it "post" and click "Find".

Now in the video tutorial, he finds a "post", double-clicks to open it, and in there is an HTML Form which when he expands to open it, shows the login name & password that he had used on a web page. When I myself try it to look for the login name & password that I had used on that web site......nothing shows up.

In the video after that 4:20 mark, he also mentions that instead of entering "post" next to String, that you can also try "login"; I tried that, too, but no returns on that, either.

Anybody have any idea what I'm doing wrong? Something I'm missing?

And remember: this is not even testing Wireshark by using a separate device (laptop, tablet) that's on the same personal network in our house; I'm trying this test on the very same computer that Wireshark is installed on.

Perhaps I'm looking at the wrong tutorial on YouTube? :-p If you know of a better tutorial....please send it my way :)

Thanks for any info; Pez

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-07-05 22:45:26 +0000

grahamb gravatar image

It's likely that the website is forcing the use of https which encrypts the data, hence you can't find the password.

You can make your browser generate decryption key info (see the Wiki page on TLS for more info), but as it's likely that the sites your children are using are also using https then you won't be able to decrypt their traffic unless you ask them to configure their browsers to give you the decryption key info.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2019-07-05 20:44:23 +0000

Seen: 1,013 times

Last updated: Jul 05 '19