Hi everybody, I'm studing wireshark and I'm trying to sniffing my webmail
password.These are some date that I pick up with it:
181445.680284192.168.1.*21*.52.84.153HTTPPOST /cp/ps/Main/login/Authenticate?trsId=4524631&rndPrx=0.7080723282452864
HTTP/1.1 (application/x-www-form-urlencoded)
with tcp stream:
GET /cp/ps/Main/loadingInside?d=domain.it&u=user&t=971554d47d100d66 HTTP/1.1
Host: mailbeta.domain.it
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.4)
Gecko/2008102920 Firefox/3.0.4
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer:
http://mailbeta.domain.it/cp/ps/Main/login/AuthenticateReal?callAPITONotify=false&va=1266882504441&d=domain.it&rndPrx=0.30611842451881544&isTestCp=false&u=user&cookieAccepted=yes&trsId=4524631&fromSso=yes&s=1266882504441
Cookie: JSESSIONID=FA2882B3A2BBEB8225F69FD763EF7D2A;
Domain=84.13.53.231.1266882471756605;
__utma=267072147.2053639337.1266882716.1266882716.1266882716.1;
__utmb=267072147.1.10.1266882716; __utmc=267072147;
__utmz=267072147.1266882716.1.1.utmcsr=google|utmccn=(organic)|
utmcmd=organic|utmctr=domain; LIB_ADV_CK=4-1-93-12-0;
LIB_SSO_CK=NzFhYmU0ZmYwYTQ5NDhiYzliMWY5YTRiNjE5MjRkMTlQ0vC74AjZ315eM4UlCxHlgg0DmffScSSgVQPNBxzfPQ%253D%253D;
LIB_NAME_CK=NWRlMTZjZDExM2RlNjVkYTZjZjZiNTEwMjcwMzgzZWQ6FsDDEOnrRcrmDFFW9%252Bnw;
WMAIL=smart; s=1266882504441; rndPrx=_0.30611842451881544; bk=wmail33:8000
I can see the username, &u=user.But I don't understand what should be the
password.There isn't a field "password" just a field iterate a lot close to
the username &u that is &t=971554d47d100d66.But it isn't my password.
What do you suggest me?
Thank for your help