Hello!
I have been trying to sniff packets to stealmylogin.com and get the user/pass I entered in the forms after submit, but Wireshark is simply not getting them.
I used tracert to get stealmylogin.com ip address and then filtered in Wireshark with ip.addr, but to no avail, no packets available. The only packets I got to that website were some DNS protocol queries from the tracert, but nothing from firefox nor google when submitting the forms.
What am I doing wrong?
My method: 1. Start capturing packets in Wireshark on all available interfaces 2. Go to http://www.stealmylogin.com/demo.html and enter some username and password. 3. Submit and proceed within the website. 4. Stop capture in wireshark. 5. Try to filter by http.request.method == "POST" 6. No POST requests (only keep-alive ones with no info on them with OCSP protocol)
Note that I am using a proxy to access the net.