Wireshark is soooo nice. Whoever wrote that deserves a big award.

Nice vid Shannon! Ah I remember my first wireshark session. First thing I did, is see if I could snag my credentials on a locally hosted cms I managed. Yup. WELL that got me thinking. Time to buy a cert. LoL.

what is the third party website you said? that can show your password on plain text

I just heard on the Security Now broadcast (or one in the last 3 months) that there's a way that you can decrypt your own TLS traffic to see the innards. Your browser will automatically decrypt and put the information in a special file that Wireshark can read. Google 'Security Now Episode 573' and go to the transcript, search for Wireshark. "I have in the show notes the link to the write-up, a detailed write-up of the way to decrypt TLS browser traffic with Wireshark. It turns out that developers can place an environment variable in their system, SSLKEYLOGFILE. So you set the SSL key log file to a specific filename. And Firefox and Chrome, only those two, but who needs anything else, will honor that environment variable. And here's the key. Every TLS connection the browser establishes, it logs the cryptographic keys for the connection. " Steve says it's good for developers. I'm not 100% sure it will be useful for hackers, but I believe there's nothing stopping us from decrypting our own TLS traffic. This could be extremely useful to look for potential vulnerabilities with the data an app is sending via encrypted channels. Good luck!

Haha, good to see that I wasn't the only one who registered the "433"-mistake throughout this video and video-description! :P

Excellent information.

your your inside your own network so you can sniff all data but its not always sent encrypted as it was a post method, its then encrypted and compared to the encrypted stored version for comparison sending it encrypted already requires client side script that could give away how it all works whitch would be less secure! its not as easy as you think to deal with encryption all the time at every level but storing it is very easy to make secure, then it relies on your files and how safe they are lol

HI HOW CAN I GET IP ADDRESS OF KZbinR FROM THEIR COMMENTS CAN I SNIFF THEIR COMMENTS HUH

where i find plaintestpassword?

Great information Shannon, new security analyst and HakTip has been my best friend as of late. Good thing your easy on the eyes...smoking hot.

Hey tehcie, use some hacking method to choke that green splash on your hair

hey can you pleas show me how to find password of my router tnx :)

ah, the webdriver has brought me in my chains here. how unspecific. how irrelevant.

ache tee tee pee - HTTP lol