
How to Use Wireshark to Steal Local Passwords


Wireshark is a network protocol analyzer for Unix and Windows.

Here at “The Hacker Solutions”, we’ve spoken a lot about securing and anonymizing traffic. This is a big deal. With all of today’s business taking place electronically via computers, we need to be secure when on-the-go.

A lot of businesses don’t even train their employees to secure their computers to protect from various threats. Here are a few things that should always happen when doing business on computers:

  • Always use a strong OS password.
  • Companies should always offer a VPN service to encrypt employees’ traffic.
  • Never access unencrypted wireless.

What’s the Deal with Encryption?

You’ll hear me say, “encrypt this” or, “use SSL” on a regular basis. But I’ve come to realize a lot of you still have no idea why this is so important, so let’s go over why. Normally, network traffic is transmitted in plaintext. This means that whatever you send over the network can be read by anyone. However, your network interface will only receive and read packets that contain your host IP address. So this means we are safe, right? Wrong.

Open source geeks like myself use open source networking drivers, which allow our interfaces to be switched into promiscuous mode. This forces the network interface to receive all packets it sees, effectively “sniffing” all of the packets. The data can then be analyzed in hexadecimal, which will reveal any sensitive information that was transmitted, such as messages or login credentials.
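As an added example (not part of the original tutorial), the Python below takes the defender's view of the point above: given the bytes of a plaintext HTTP request, it reports where credentials are exposed to anyone on the path, without returning their values. The sample request, the host name and the list of sensitive field names are constructed for illustration.

```python
import base64
from urllib.parse import parse_qsl, urlsplit

# Field names treated as credentials (an assumption made for this example).
SENSITIVE = {"password", "passwd", "pass", "pwd", "token", "secret"}

# Constructed sample: one HTTP login request, byte for byte as it crosses the wire.
SAMPLE_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: intranet.example.test\r\n"
    b"Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 27\r\n"
    b"\r\n"
    b"user=alice&password=hunter2"
)


def audit_cleartext_http(raw: bytes) -> list[str]:
    """List where a plaintext HTTP request exposes credentials (values are never returned)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.decode("latin-1").split("\r\n")
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()

    findings = []
    # Basic auth is base64, an encoding that anyone on the path can reverse.
    scheme, _, blob = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic":
        try:
            if b":" in base64.b64decode(blob, validate=True):
                findings.append("header Authorization: Basic credentials readable")
        except ValueError:
            pass  # not valid base64, so nothing recoverable to report

    # Credential-like parameters in the URL query string or the form body.
    parts = request_line.split(" ")
    query = urlsplit(parts[1]).query if len(parts) > 1 else ""
    sources = [("query", query)]
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        sources.append(("form", body.decode("latin-1")))
    for where, data in sources:
        for name, _value in parse_qsl(data, keep_blank_values=True):
            if name.lower() in SENSITIVE:
                findings.append(f"{where} field '{name}' readable")
    return findings
```

Every finding it returns for a request is something HTTPS or a VPN would have hidden from other hosts on the same network.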

How to Use Wireshark

We are going to be using a packet sniffer to collect information from when we browse the internet. Let’s get started.

Requirements

1. Windows (with a USB wireless interface capable of packet sniffing), or GNU/Linux
2. Root privileges

Steps to Use Wireshark to Steal Local Passwords

Step 1 Download & Install Wireshark 

Windows users follow a simple point-and-click install. Linux users must enter each indented line as a terminal command.

Wireshark is a complete internet protocol analyzing suite. It can analyze most forms of traffic and has a quick, clean graphical user interface.

1. Download Wireshark.
2. Extract the archive.
       tar zxvf <wireshark>
3. Configure for installation.
       ./configure
4. Compile and install the program.
       make && sudo make install
5. Run Wireshark.
       sudo wireshark-gtk

Step 2 Sniff Packets for Sensitive Information

With Wireshark running, follow along with me in this tutorial on how to see and sniff traffic. This will help you see how important using HTTPS websites and encryption is.


This tutorial is about how to use Wireshark to steal local passwords. I hope you like it. Please like and comment below, and let us know if you have any questions.
