In the previous guide on spying on captured packets, I showed you how to eavesdrop on the photos and movies people are downloading on the network. In this guide we’re going to step it up a notch and not only see the password a user entered but also decrypt an encrypted traffic stream.
Always make sure you have the authority to launch the attacks I’m going to show you. It’s not worth getting fired or embarrassed; ask before you hack.
Wireshark can’t make sense of encrypted traffic, which is why we should also make sure sensitive traffic is encrypted. Wait.. wait.. there is one way to view encrypted traffic in Wireshark. If the attacker was able to acquire the private key file, he or she could easily decrypt the TCP streams, then reassemble and view the decrypted segments. How? It’s just a matter of pressing Shift + Ctrl + p, scrolling down to SSL in the protocol list and browsing to the stolen private key file. Scary but true.
Anyone can do this. It isn’t rocket science.
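Key-file decryption like this depends on the cipher suite the server negotiates: it works when the session used static RSA key exchange (SSL 3.0 through TLS 1.2), and not with ephemeral (EC)DHE suites or TLS 1.3. As an added example (not from the original article), this Python audit lists the suites in an `ssl.SSLContext` that a stolen key could decrypt and restricts the context to forward-secret ones; the function names and the sample list are assumptions made for illustration.

```python
import ssl


def key_theft_decryptable(ciphers):
    """Return names of suites whose sessions can be decrypted from a capture
    by anyone holding the server's RSA private key.

    `ciphers` is a list of dicts in the shape SSLContext.get_ciphers()
    returns. Static RSA key exchange ('kx-rsa', 'kx-rsa-psk') sends the
    premaster secret encrypted to the server key, so it has no forward
    secrecy. Ephemeral (EC)DHE and TLS 1.3 ('kx-any') suites are not flagged.
    """
    return [c["name"] for c in ciphers
            if (c.get("kea") or "").startswith("kx-rsa")]


def harden(ctx):
    """Restrict a context to TLS 1.2+ with ephemeral ECDH key exchange."""
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDH+AESGCM:ECDH+CHACHA20")
    return ctx


# Constructed sample in get_ciphers() shape (only the fields the check reads).
SAMPLE = [
    {"name": "AES128-SHA", "kea": "kx-rsa"},
    {"name": "ECDHE-RSA-AES128-GCM-SHA256", "kea": "kx-ecdhe"},
    {"name": "TLS_AES_128_GCM_SHA256", "kea": "kx-any"},
]

if __name__ == "__main__":
    print("sample, exposed:", key_theft_decryptable(SAMPLE))
    ctx = harden(ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER))
    print("hardened, exposed:", key_theft_decryptable(ctx.get_ciphers()))
```

Run the audit against the context your own server builds; any name it returns is a suite to remove from the cipher string.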
But it’s worse than that. Since most people aren’t encrypting their traffic these days, it’s super easy to see exactly what files are being downloaded by users.
You can see what videos people are watching. What images people are downloading and what songs people are streaming. It’s all in the capture and I’m about to show you how easy it is to do this.
Before we get started I want to warn you that you shouldn’t use this for illicit purposes. The reason I’m showing you how to do this is because I’m trusting you’ll use the information I share to fortify your network and implement the correct controls to strengthen it. Under no circumstances am I espousing Blackhat hacking. By continuing to read you’re promising me you won’t use this to violate the privacy of your peers. Remember, don’t do anything to anyone that you wouldn’t want them to do to you.
Yes I’m loading you up with guilt to prevent your own ruin. I hope it worked.
This is by far going to be one of the most interesting articles you read all week. Why? Because I’m going to show you how to:
See the images a person downloaded
See the video a user streamed
See the password a user typed
See encrypted traffic on Wireshark
Yup, we’re going to break encryption. Get ready to rumble dood because this article is about to kick your ass. Let’s go!
Do you want to be a Wireshark ninja? All the pros know about profiles!
Wireshark profiles are what allow you to switch up the configuration on the fly. You can have one configuration tweaked for network forensics and another configured for latency. You can tune Wireshark to instantly change its behavior with a simple click of the mouse. And it’s the profiles that make this happen! You can have different columns, settings and features based on the specific task you’re using Wireshark for.