Wireshark-users: Re: [Wireshark-users] Hello
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Tue, 7 Jul 2009 17:00:13 +1000
Sergio,

The kpasswd field is only relevent for Kerberos passwords, such as you would be using when authenticating against Microsoft Active Directory, so it is not relevant for web-based authentication.

If the password is a field submitted via a HTTP GET or POST method then it probably can be found via a filter something like:-

http.request.method == POST && (data-text-lines contains yourpassword)

http.request.method == GET && (http.request.uri contains contains yourpassword)

Of course best practice would see that any passwords are protected via SSL (HTTPS) so you may not see a lot unless you have access to the server's SSL certificate private key.

Regards, Martin

MartinVisser99@xxxxxxxxx


2009/7/7 SÉRGIO ARAÚJO <smfaraujo@xxxxxxxxx>
I want to know how i can filter passwords, i tried a filter like kpasswd.result_string but nothing cames when i introduce a password in a web page.

What i want is when a digit a password in a web page it can be filered and showned, for me to have a registration of the passwords i enter in web pages.
 
Please if u have that acknolegmente to do it reply to this message.

With all my regards, preciate

Thanks

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe