Sniffing stealmylogin.com

Hello!

I have been trying to sniff packets to stealmylogin.com and get the user/pass I entered in the forms after submit, but Wireshark is simply not getting them.

I used tracert to get the stealmylogin.com IP address and then filtered in Wireshark with ip.addr, but to no avail, no packets available. The only packets I got to that website were some DNS protocol queries from the tracert, but nothing from Firefox nor Google when submitting the forms.

What am I doing wrong?

My method:

  1. Start capturing packets in Wireshark on all available interfaces
  2. Go to http://www.stealmylogin.com/demo.html and enter some username and password.
  3. Submit and proceed within the website.
  4. Stop capture in Wireshark.
  5. Try to filter by http.request.method == "POST"
  6. No POST requests (only keep-alive ones with no info on them with OCSP protocol)

Note that I am using a proxy to access the net.
