Hello. I need to find a gmail password in a sample capture for a school club using only wireshark. Gmail is obviously encrypted and I have no idea how to do this. There are so many packets with the google IP and I don't know which one to choose. Any and all help is appreciated.
asked 09 Feb '15, 15:56
You won't find the password, as gmail uses HTTPS (ssl/tls encryption) by default for some years.
Without the RSA key of the google servers (I guess you don't have those keys) or a dumped session key of the "attacked" browser (you'll have to dump that while you are accessing gmail) you won't be able to decrypt that communication unless you are a super hacker from an alien planet or you work for the NSA department Str0ngBalls78. In the later case, you will get displaced tomorrow morning at 0600 because you asked silly questions in an open forum ;-)