I'm trying to use wireshark to snag AIM passwords on my network, (just for harmless friendly pranks) but I can't locate the password hash. I've found the packet that supposedly contains it, but the "value" field is blank. This is the plaintext translation of the section of the packet that supposedly contains the hash:
AIM Signon, Logon
TLV: Password Hash (MD5)
Value ID: Password Hash (MD5) (0x0025)
Length: 16
Value
Does anyone have any experience with this? I have tried using Cain & Abel also and it doesn't pick up any passwords for this either.
Find a local pizza place, movie theater, and more….then map the best route!
Find it!