First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Can't Capture Logins

  • retag add tags

Hi all.

I have the latest version of Wireshark installed (3.0.2). I have this at home on my personal computer/ network and am just trying to get the hang of it. My aim is to monitor my kids when they're using their devices on our wireless network. Maybe I'm being a little too nosy and intrusive but I don't care ;)

I found a tutorial on YouTube that's not too old: link text; publish date is January 31, 2019.

To experiment, I'm using the very same computer that I have Wireshark installed on; it's not like I then go and use another, separate device like a laptop or tablet that's on the same wireless network. I launch the program and by going to the Toolbar I click on Capture/ Options, and I make sure it's checked to be in Promiscuous Mode.

I then click the button for "Start Capturing Packets". Next, I launch a web browser and go to a web site where I have to login with a username & password.

After using my username & password to login, I then go back to Wireshark and click on Stop Capturing Packets. Then, according to the video tutorial at the 4:20 mark, I click on Edit/ Find Packet, change the Display Filter to "String", and then type in to the right of it "post" and click "Find".

Now in the video tutorial, he finds a "post", double-clicks to open it, and in there is an HTML Form which when he expands to open it, shows the login name & password that he had used on a web page. When I myself try it to look for the login name & password that I had used on that web site......nothing shows up.

In the video after that 4:20 mark, he also mentions that instead of entering "post" next to String, that you can also try "login"; I tried that, too, but no returns on that, either.

Anybody have any idea what I'm doing wrong? Something I'm missing?

And remember: this is not even testing Wireshark by using a separate device (laptop, tablet) that's on the same personal network in our house; I'm trying this test on the very same computer that Wireshark is installed on.

Perhaps I'm looking at the wrong tutorial on YouTube? :-p If you know of a better tutorial....please send it my way :)

Thanks for any info; Pez

Pez's avatar
3
Pez
asked 2019-07-05 20:44:23 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

It's likely that the website is forcing the use of https which encrypts the data, hence you can't find the password.

You can make your browser generate decryption key info (see the Wiki page on TLS for more info), but as it's likely that the sites your children are using are also using https then you won't be able to decrypt their traffic unless you ask them to configure their browsers to give you the decryption key info.

grahamb's avatar
23.8k
grahamb
answered 2019-07-05 22:45:26 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer