Friday, June 11, 2010

Practical 4.1 WireShark Protocol Analyzer

This time we will be using a protocol analyzer, a.k.a. a sniffer... it captures network traffic as "packets" and decodes them so that you can analyze their contents.

So to test out this cool and dangerous software, first go to the website www.wireshark.org, or if the URL does not work, go to any search engine and search for "Wireshark", and you will come to the webpage as shown in the screenshot below.

To download..... it should be very obvious.... just simply click the very big "Download Wireshark" icon or the link just below it.....

After a successful download, double-click on the installer to run it and follow any default installation procedures....

After installing, go to your Start menu, move your cursor over the "All programs" to expand the list, click Wireshark and click Wireshark again...... Wireshark will start up and show you a page similar to the screenshot below....

(Just for some safety reasons I shall not show any more screenshots and I will try my best to guide you well by words)

OK... so after seeing this, click on the Capture tab and then choose Interfaces, select the network interface adapter for your computer and then click Start to let the program start capturing any packets that pass through your computer's network interface adapter.....

Next, go to your Start menu, search for a program called "Command prompt" and open it. There, type "ftp server1" and press the "enter" button on your keyboard... Some comments will appear; after they do, type "quit" and press the "enter" button on your keyboard again, then click on the "exit" button to close the command prompt window....

Now, it is time for the fun part..... we shall now try to use the Wireshark program to capture passwords and other login information....

So..... now open your web browser and go to www.bluehost.com/cgi-bin/uftp/ .... there, enter "Gerald" for the username and "happy" for the password and press Enter. This will cause an error message to appear, telling you that your inputs are invalid...

Return to your Wireshark window, click on the Edit tab and choose Find Packet... Click on the String tab.... Under "Filter:" type "Gerald" and then click on the Find button.... It will highlight one of the packets captured, and in the bottom half of your Wireshark window you will be able to see both the username and the password that you have just entered. The same information can be seen by any attacker who is able to capture this particular "packet" or who is able to view your computer records......

So remember to close Wireshark when you finish and choose not to save any data.....
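
As an added example (not part of the original post), the Python sketch below does the same string-level inspection from the defender's side: given the payload bytes of a captured packet, it reports login fields that are readable in cleartext, so you can audit your own traffic for this exposure. The sample payloads are constructed, and the form field names `username` and `password` are assumptions, since the post does not give them.

```python
import re
from urllib.parse import parse_qsl

# Form field names that usually carry credentials (assumed list, extend as needed).
SENSITIVE_FIELDS = {"user", "username", "login", "pass", "password", "passwd", "pwd"}
# FTP sends credentials on the control channel as "USER name" / "PASS secret" lines.
FTP_CMD = re.compile(rb"^(USER|PASS) (.+?)\r?$", re.MULTILINE)


def find_cleartext_credentials(payload: bytes) -> list[tuple[str, str, str]]:
    """Return (protocol, field, value) for credentials readable in a TCP payload."""
    findings = []
    head, sep, body = payload.partition(b"\r\n\r\n")
    if sep and head.startswith(b"POST ") and b"x-www-form-urlencoded" in head.lower():
        # URL-encoded form bodies are plain text: key=value&key=value
        for key, value in parse_qsl(body.decode("latin-1"), keep_blank_values=True):
            if key.lower() in SENSITIVE_FIELDS:
                findings.append(("http-form", key, value))
    else:
        for cmd, arg in FTP_CMD.findall(payload):
            findings.append(("ftp", cmd.decode(), arg.decode("latin-1")))
    return findings


def redact(value: str) -> str:
    """Mask a value for reporting so the audit output does not leak it again."""
    return value[:1] + "*" * (len(value) - 1) if value else ""


# Constructed payloads using the login values from the walkthrough above.
HTTP_SAMPLE = (
    b"POST /cgi-bin/uftp/ HTTP/1.1\r\n"
    b"Host: www.bluehost.com\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 30\r\n\r\n"
    b"username=Gerald&password=happy"
)
FTP_SAMPLE = b"USER Gerald\r\nPASS happy\r\n"

if __name__ == "__main__":
    for sample in (HTTP_SAMPLE, FTP_SAMPLE):
        for proto, field, value in find_cleartext_credentials(sample):
            print(f"[cleartext] {proto} {field}={redact(value)}")
```

A payload that is encrypted in transit produces no findings, because neither the form fields nor the FTP commands are readable in it.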




REFLECTIONS!!!!!
I have learnt that a protocol analyzer is computer software or hardware that can intercept and log traffic passing over a digital network or part of it. And through Wireshark, a person can capture and view passwords and other info. You can counter such problems by not blindly having passwords that are similar to any of your important accounts such as your bank accounts. So that if your password for some minor website account is being captured by others, they would not be able to access any of your important ones.... Or you can change your password frequently so that they will not be able to access your accounts even if they have captured your passwords.
