[Martin Visser <martinvisser99@xxxxxxxxx>]

Sergio,

The kpasswd field is only relevent for Kerberos passwords, such as you would be using when authenticating against Microsoft Active Directory, so it is not relevant for web-based authentication.

If the password is a field submitted via a HTTP GET or POST method then it probably can be found via a filter something like:-

http.request.method == POST && (data-text-lines contains yourpassword)

http.request.method == GET && (http.request.uri contains contains yourpassword)

Of course best practice would see that any passwords are protected via SSL (HTTPS) so you may not see a lot unless you have access to the server's SSL certificate private key. 

Regards, Martin

MartinVisser99@xxxxxxxxx

2009/7/7 SÉRGIO ARAÚJO <smfaraujo@xxxxxxxxx>

I want to know how i can filter passwords, i tried a filter like kpasswd.result_string but nothing cames when i introduce a password in a web page.

What i want is when a digit a password in a web page it can be filered and showned, for me to have a registration of the passwords i enter in web pages.
 
Please if u have that acknolegmente to do it reply to this message.

With all my regards, preciate

Thanks

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe