Nowadays, hackers love to exploit our online world. They do so by creating fake websites or login pages to collect sensitive data. Hackers usually trick their victims into revealing sensitive information to the attackers or we called it a Phishing attack. Phishing is a type of social engineering attack often used to steal user data, including login credentials, and credit card numbers. 

In this sharing, we gonna used two tools, Wireshark and VMWare to do the demonstration of packet sniffing. But before that what are Wireshark and VMWare?

Wireshark:

• A free and open-source packet analyzer. 
• It is used for network troubleshooting, analysis, software and communications protocol development, and education.

VMWare:

• VMware Workstation is a line of Desktop Hypervisor products which lets users run virtual machines, containers and Kubernetes clusters.

Sniffing the network using Wireshark

Wireshark will be used to sniff data packets as they are transmitted over the HTTP protocol in this practical scenario. In this example, we will use Wireshark to sniff the network before logging into a web application that does not use secure communication to steal the login credentials.. We will use http://www.techpanda.org/  to access a web application.

The illustration below shows you the steps that you will carry out to complete this exercise without confusion:

By analyzing the HTTP protocol, you should be able to view the plaintext values of all the POST variables submitted to the server via HTTP protocol. You can now view the login credentials that have been captured by Wireshark.

For more details and step-by-step tutorials, you can watch the Youtube video. We did the demonstration during the sharing! Thank you!

For more details and information you can watch the video below, happy watching!!