Results 1 to 4 of 4

Thread: Sniff http passwords

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    4

    Default Sniff http passwords

    Hi again,

    I have an question thats about password sniffing.
    I am just trying things for fun so no illegal stuff, but theres one question i have to ask.
    There's a ton of stuff about getting an https password, but how can i sniff a password thats form an http site?

    What kind of software do i have to use to get the password?

  2. #2
    Very good friend of the forum TAPE's Avatar
    Join Date
    Jan 2010
    Location
    Europe
    Posts
    599

    Default Re: Sniff http passwords

    Well, considering that you may be new to this scene and possibly new to Backtrack, I would say that
    reading and Googling is your best option to get a better understanding of what is possible and how
    to protect against it.

    To help you on your way, read up on ;
    > MiTM
    > ettercap
    > arpspoof
    > dsniff

    After you have read up and have experienced some options, check back again.

  3. #3
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    4

    Default Re: Sniff http passwords

    @ TAPE

    I'm not really a newbie . I know all kind of stuff like you said, but it only detects https passwords and if i log in on a http site the password does not show up.

  4. #4
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default Re: Sniff http passwords

    Quote Originally Posted by diamondeyes View Post
    @ TAPE

    I'm not really a newbie . I know all kind of stuff like you said, but it only detects https passwords and if i log in on a http site the password does not show up.
    Come on, someone experienced in the things you have just claimed to know about wouldn't need to ask this question. This is exactly why TAPE responded the way he did, and its why I didnt respond the first time I read this thread after seeing TAPE's response, because he is right, you need to obtain more of an understanding of how this process works. Really, go and do what TAPE suggested, and add Wireshark to the list of things to read up on.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Similar Threads

  1. [Video] How to: Crack HTTP passwords (hydra)
    By g0tmi1k in forum BackTrack Videos
    Replies: 28
    Last Post: 04-12-2011, 02:52 AM
  2. ettercap sniff hashed passwords, how to use them?
    By 0biwan in forum Beginners Forum
    Replies: 7
    Last Post: 07-18-2010, 03:30 AM
  3. Is it possible to capture HTTP passwords (Ettercap)
    By OldGregg in forum OLD Newbie Area
    Replies: 8
    Last Post: 07-11-2009, 12:39 PM
  4. Router and http code to test passwords
    By dlink in forum OLD Newbie Area
    Replies: 5
    Last Post: 12-11-2007, 12:50 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •