How to read POST data from other machines on the network

asked 2018-09-08 01:38:14 +0000

anonymous user

updated 2018-09-08 02:11:06 +0000

Hi there, rather new to Wireshark and just playing around with it on my own home network and trying to learn for fun (no one else on the network).

I figured out how to read filter for POST data on the machine that I'm running, that was easy. Next thing was to try to monitor the network (e.g. traffic from my cell phone). I used telnet to get into my router settings (RT-AC68U) from the Windows console and used the following settings (assuming 192.168.1.40 is the machine I want to be monitoring with):

iptables -A PREROUTING -t mangle -j ROUTE --gw 192.168.1.40 --tee
iptables -A POSTROUTING -t mangle -j ROUTE --gw 192.168.1.40 --tee

This seemed to work, since now I'm receiving packets meant for other machines on the network I wasn't seeing before, I think. So all good. So I navigated to a test form that I was using fine on the main machine on my phone and tried to filter for POST data, and hammered the send button a few times, but nothing was showing when using the http.request.method == "POST" filter. I can see bursts of traffic when I filter for that specific IP using ip.addr == 192.168.1.PHONE, and can figure out which bits are the things I'm kinda looking for if I do ip.addr == 192.168.1.PHONE && ip.addr == test.website but nothing makes sense, and there's no POST data.

I tried to use Follow TCP Stream but I don't know which entry to follow and every one I've tried has just turned up gibberish.

I should probably add that I thought I set up WPA2 decrypt properly but I may not have. I'm using wpa-pwd and put in Pass:SSID.

Comments

Are you accessing the test page over HTTPS?

Jaap ( 2018-09-08 08:46:43 +0000 )

No, I wasn't.

Kakistocrat ( 2018-09-10 04:25:41 +0000 )