How to Analyze Network Packets using Wireshark

Here is a simple process for analysing packets using Wireshark, one of the most popular tools for capturing packets sent over a network. It can be used to sniff a network or to perform a man-in-the-middle attack. By sniffing a network, a target's traffic can be inspected, and HTTP passwords sent over the network can be seen.



THIS IS MERELY CREATED FOR EDUCATIONAL & ETHICAL PURPOSE, AUTHOR IS NOT RESPONSIBLE FOR ANY ILLEGAL ACTIVITIES DONE BY THE VISITORS




REQUIREMENTS:

        1. Windows / Linux Machine

        2. Wireshark --> Download Here

What Is Wireshark


Wireshark is one of the best network protocol analysers. It can capture and analyse the packets on a network, and it can be used to perform a sniffing attack or a man-in-the-middle attack.


Features:

  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis

How Is Network Packet Analysis Done?


Step 1: Download and Install Wireshark

Step 2: Open Wireshark and select "Wifi" as the interface, or whatever interface you are trying to sniff.



Step 3: All the packets being transferred over the network will be shown. Here I am sniffing my own packets to use as the example for this tutorial.



Step 4: Generate some packets: surf the internet for a minute and check whether the traffic shows up in Wireshark. Here I will open way2sms and check the packets in Wireshark, just to make sure they were sniffed.
If someone on your network is browsing something, everything gets sniffed. As long as Wireshark is running, all the traffic generated by the whole network can be recorded or sniffed.




Step 5: A lot of packets were captured, as shown in the figure below.




Step 6: Now search for the string way2sms, since I opened the way2sms website. Type the display filter: frame contains "way2sms"

Here way2sms is the website I used as an example. If you know which website the target is visiting and you want to capture the data for that particular website, such a filter can be used.

Select a packet with HTTP as the protocol and POST in the Info column, then right-click on it --> Follow --> TCP Stream


Step 7: Here you can see the packets from way2sms. If the victim logged into the website, you can see the login credentials as well.
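
The same check as steps 6 and 7, written as an audit you can run over a capture of your own site to find login forms that still post over plain HTTP. This is an added example, not part of the original post: the function names, the field-name hints, the host names and the in-memory capture are all constructed for illustration. It reports field names only, never values.

```python
import struct
from urllib.parse import parse_qsl

HINTS = ("pass", "pwd", "user", "login", "token")  # assumed credential field-name hints

def build_pcap(frames):
    """Pack constructed frames into a classic little-endian pcap (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out

def read_frames(pcap):
    """Yield (frame_number, raw_bytes) for each record of a classic pcap byte string."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None:
        raise ValueError("not a classic pcap capture")
    offset, number = 24, 0  # the global header is 24 bytes
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack_from(order + "I", pcap, offset + 8)[0]
        number += 1
        yield number, pcap[offset + 16 : offset + 16 + incl_len]
        offset += 16 + incl_len

def frame_contains(pcap, needle):
    """Same idea as the display filter `frame contains`: a raw byte search per frame."""
    return [(n, f) for n, f in read_frames(pcap) if needle in f]

def exposed_fields(frame):
    """Names (never values) of credential-like form fields in a cleartext HTTP POST."""
    start = frame.find(b"POST ")
    if start < 0 or b"\r\n\r\n" not in frame[start:]:
        return []
    body = frame[start:].split(b"\r\n\r\n", 1)[1].decode("latin-1")
    return [k for k, _ in parse_qsl(body) if any(h in k.lower() for h in HINTS)]

def audit(pcap, needle):
    """Map each matching frame number to the credential-like fields it exposes."""
    hits = ((n, exposed_fields(f)) for n, f in frame_contains(pcap, needle))
    return {n: fields for n, fields in hits if fields}

# Constructed sample capture: 54 zero bytes stand in for Ethernet/IP/TCP headers.
HDR = bytes(54)
SAMPLE = build_pcap([
    HDR + b"GET / HTTP/1.1\r\nHost: way2sms.example\r\n\r\n",
    HDR + b"POST /login HTTP/1.1\r\nHost: way2sms.example\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          b"username=alice&password=REDACTED&remember=1",
    HDR + b"GET /favicon.ico HTTP/1.1\r\nHost: other.example\r\n\r\n",
])
```

Calling audit(SAMPLE, b"way2sms") returns {2: ['username', 'password']}: any frame listed is a form submission that needs to move to HTTPS.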




That's how you sniff traffic over a network very easily. 

==========     Hacking Don't Need Agreements     ==========
Just Remember One Thing You Don't Need To Seek Anyone's  Permission To Hack Anything Or Anyone As Long As It Is Ethical, This Is The Main Principle Of Hacking Dream
    Thank You for Reading My Post, I Hope It Will Be Useful For You

I Will Be Very Happy To Help You So For Queries or Any Problem Comment Below Or You Can Mail Me At Bhanu@HackingDream.net


Bhanu Namikaze

Bhanu Namikaze is an Ethical Hacker, Security Analyst, Blogger, Web Developer and a Mechanical Engineer. He Enjoys writing articles, Blogging, Debugging Errors and Capture the Flags. Enjoy Learning; There is Nothing Like Absolute Defeat - Try and try until you Succeed.
