Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #43524
    Marek Kovalcik
    Participant

    Hello,
    I created Honeypot AP once with no password and once with password, both work well. I would like to sniff what user type into to password field, even if it is wrong password. I sniffed data with wireshark but I am not able to see the passphrases there. I am enclosing some screen and also captured traffic with wiresharek. Could you please advise me how to find to passwords ‘heslo123’ and ‘password’ in this captured data? I cannot see them there.

    On the enclosed screenshot you can see that python can’t open some files: dns2proxy.py, sslstrip.py, … Do I need these files for this? Because even without them the AP works.

    Screenshots and wireshark captured data: http://leteckaposta.cz/189904101

    Thank you

    #43591
    Diego PérezDiego Pérez
    Moderator

    Hi!
    I tried to open your pictures but it just never loads, can you try with a different host provider?

    Thanks!
    Diego

    #43600
    Marek Kovalcik
    Participant

    Hello,
    It is a ZIP file. I posted i to other host provider. It is czech provider. Just press “STÁHNOUT ZÁSILKU”. 🙂 It should work
    https://www.uschovna.cz/zasilka/BCURHH8I2WMBXV4P-386/JA9V36LZUZ

    #43658
    Diego PérezDiego Pérez
    Moderator

    Hi Marek!
    Ok, I could open your materials, do you mean you want to capture the password entered in the fake AP? or the paswword entered in any website the victim visits? Because for the fake AP the only method would be to use the fake Captive portal or fluxion.

    Let me know.
    Diego

    #43667
    Marek Kovalcik
    Participant

    Yes I want to capture the password entered in the fake AP. So this is impossible you say?

    #43712
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Not impossible but you need to use other tools, like the ones I mentioned.

    Greetings!
    Diego

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.