But your home LAN doesn't have any interesting or exotic packets on it? Here's some goodies to try. You want to take the program for a test drive. So you're at home tonight, having just installed Wireshark. ETSI Intelligent Transport Systems (ITS) Protocols.ua/udp, ua3g and noe protocols (Alcatel-Lucent Enterprise).Nano / RaiBlocks Cryptocurrency Protocol.Distributed Interactive Simulation (IEEE 1278).CBOR (Concise Binary Object Representation).DOF (Distributed Object Framework) Protocols.HCrt (Hotline Command-response Transaction) Protocol.Radio Frequency Identification (RFID), and Near-Field Communication (NFC).Lontalk (EIA-709.1) encapsulated in EIA-852.TrunkPack Network Control Protocol (TPNCP).Architecture for Control Networks (ACN).
DTLS JPAKE as used in ThreadGroup Commissioning. Pro-MPEG FEC - Professional video FEC data over RTP. Example 2: Dissection of encrypted (and UDP-encapsulated) IKEv2 and ESP messages. Example 1: ESP Payload Decryption and Authentication Checking Examples. Kerberos and keytab file for decryption. SMPP (Short Message Peer-to-Peer) Protocol. SAN Protocol Captures (iSCSI, ATAoverEthernet, FibreChannel, SCSI-OSD and other SAN related protocols). Lightweight Directory Access Protocol (LDAP). USB packets with Darwin (macOS, etc.) headers. Stream Control Transmission Protocol (SCTP). MS SQL Server protocol - Tabular Data Stream (TDS). PostgreSQL v3 Frontend/Backend Protocol. Server Message Block (SMB)/Common Internet File System (CIFS). Specific Protocols and Protocol Families. And you have just located the password and username you have entered on the unprotected login page - whether or not the password and username are correct are irrelevant. Once you get there look in the red text paragraphs and try to find what I was able to locate in the picture. Then you will right click on it and go down to "FOLLOW" then to "TCP STREAM". You can see exactly what I am talking about if you follow the pictures above. Then at the far right of the packet in the info section you will see something like ".login" or "/login". This drastically narrows the search and helps to slow down the traffic by minimizing what pops up on the screen. By filtering this you are now only looking at the post packet for HTTP. Wireshark comes with the option to filter packets. 
HTTP (Hyper Text Transfer Protocol) is the protocol we will be dealing with when looking for passwords. The second step to finding the packets that contain login information is to understand the protocol to look for.
0 kommentar(er)
