1,234
edits
Changes
→Apache traffic
* This time the traffic will be between alice and lin1, and we'll do the packet capture on lin1a1, which is the gateway out of the asg1 network:<source>tcpdump -i eth1 tcp -w gatewaytcp.pcap</source>
* Which will capture all TCP traffic going through the gateway, including the communication we want to sniff.
* Open Firefox in the alice machine, close the extra tabs, and go to lin1.yourusername.ops. Type in the username and password to see your webpage.
* Stop the packet capturing on the gateway, scp the gatewaytcp.pcap file to c7host, and open it with wireshark.
* Look for a line with GET / HTTP/1.1 in the info column, and an "Authorization" line in the Hypretext Transfer Protocol section of that packet.
* With just a bit of browsing you should be able to find the username and password you've typed in when you logged in. Notice that no cracking of brute-forcing was needed.
