Wireshark Packet Sniffer


Sniffers are tools that capture the packets travelling through your Ethernet card. A packet is a unit of data or information used to communicate.

Information such as webpage contents, mails, chats, usernames, passwords, cookies and sessions can all be sniffed with these tools.

Wireshark Tool:

Wireshark is free, open source sniffing software. With it we can capture the packets passing through our LAN card. It has many capabilities, such as analyzing protocols, detecting VoIP call traffic, and capturing raw USB traffic.

Why wait? Download it from wireshark.org. Let’s start capturing packets with Wireshark.

Procedure to Capture Packet:

  1. Download and install Wireshark.
  2. From the Capture menu, select the interface on which you want to capture packets.
  3. Select the interface you want to capture.
  4. Packets in your network will be displayed in the top grid with complete information such as source, destination, protocol, length and info. Right-click on any TCP packet and choose 'Follow TCP Stream' to see the data in that stream of packets.

Note: If we use unencrypted protocols like HTTP, all the data we enter flows across the network unencrypted, so it is easy to sniff passwords with sniffing tools like Wireshark.
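
The exposure described in the note above, as an added example that is not part of the original article: a Python audit that takes one HTTP request as 'Follow TCP Stream' displays it and names the fields that crossed the network unencrypted, withholding their values. The sample request, the host name and the sensitive-name pattern are constructed assumptions.

```python
import base64
import re
from urllib.parse import parse_qsl, urlsplit

# Field names treated as sensitive (an assumption; extend for your own apps).
SENSITIVE = re.compile(r"pass|pwd|secret|token|session|auth", re.I)

# Constructed sample: a login request as "Follow TCP Stream" would display it.
SAMPLE = (
    "POST /login?session_token=abc HTTP/1.1\r\n"
    "Host: intranet.example\r\n"
    "Authorization: Basic YWxpY2U6aHVudGVyMg==\r\n"
    "Cookie: PHPSESSID=0123abcd; theme=dark\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "username=alice&password=hunter2"
)

def audit_http_request(raw):
    """List the credential-bearing fields of one cleartext HTTP request, values withheld."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    parts = lines[0].split()
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return []  # not a readable HTTP request (e.g. TLS-encrypted bytes)
    headers = {n.strip().lower(): v.strip() for n, sep, v in
               (ln.partition(":") for ln in lines[1:]) if sep}
    findings = []
    for key, _ in parse_qsl(urlsplit(parts[1]).query, keep_blank_values=True):
        if SENSITIVE.search(key):
            findings.append(f"query parameter '{key}'")
    # HTTP Basic authentication is base64-encoded, not encrypted.
    scheme, _, cred = headers.get("authorization", "").partition(" ")
    if scheme.lower() == "basic":
        try:
            decoded = base64.b64decode(cred, validate=True).decode("utf-8", "replace")
            user = decoded.split(":", 1)[0]
        except ValueError:
            user = "<undecodable>"
        findings.append(f"Basic auth credentials for user '{user}'")
    # Cookies usually carry the session identifier, so every cookie name is listed.
    names = [p.partition("=")[0].strip() for p in headers.get("cookie", "").split(";")]
    findings += [f"cookie '{n}'" for n in names if n]
    if headers.get("content-type", "").lower().startswith("application/x-www-form-urlencoded"):
        findings += [f"form field '{k}'" for k, _ in
                     parse_qsl(body.strip(), keep_blank_values=True) if SENSITIVE.search(k)]
    return findings

if __name__ == "__main__":
    print("\n".join(audit_http_request(SAMPLE)))
```

An empty result for a stream means the text was not a readable HTTP request, which is what an HTTPS session looks like in the same view.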

Other Supporting Tools:

1. Reverse IP lookup:

If an attacker tries to hack a website, he will check for all the possible vulnerabilities and then try to break into the website. What if the site has no vulnerabilities and the attacker still wants to hack the website?

If any one website on a server has a problem and is compromised by an attacker, then all the other websites on that server can be compromised by him if he gains root access to the server. The question here is how to find out which other websites are hosted there.

Reverse IP lookup is handy in such situations. The idea behind reverse IP lookup is to list all the domains hosted on the same server. Here is an online service that performs reverse IP lookup.

Click on the link and enter the domain name of your target.

2. IP address:

Hackers know that they are committing a crime and will be traced if they perform an attack directly from their original IP address, so they hide it. It becomes difficult for investigators to trace attackers who hide their original IP address.

How do they hide their identity?

This is possible with some wonderful tools called proxies and VPNs. There are a number of services available to hide our identity online. A service can be free or paid. Paid services, since we pay some money for them, will be more reliable.

3. Proxy Servers:

A proxy acts as an intermediary between our computer and the server. It means we are not interacting with the server directly. Instead, we interact with the proxy server, which in turn interacts with the target server.

All the requests sent from our computer go to the server via the proxy server. There are different types of proxy servers available to us. Here I will discuss web proxies.

What is a web proxy?

A web proxy is similar to other proxies in that it forwards HTTP requests. But a web proxy accepts the target server’s URL within the user's browser window. It then processes the request and displays the results back to the user in his browser.

Where can I get these web proxies?

At www.proxy.org you can get a number of web proxies.

All we need to do is select any one proxy from the huge list, run it, and browse websites through the selected proxy.

What makes the difference?

If I browse a website without any proxy, then my original IP will be visible to my target website. If I use a proxy, my original IP will be hidden and the proxy’s IP will be visible to my target website.

Since the proxy is acting as an intermediary, it can log all the data we are surfing, including our computer’s IP address. So it is not 100% safe to use proxies for hiding your identity.

The major disadvantage of proxies is that many of them use the HTTP protocol, so our data is passed in clear text, which allows an attacker to sniff our passwords in plain text.

This problem can be avoided with the help of VPNs.

Credit: Sai Satish (Indian Servers CEO)