[Wireshark]How to detect clear-text traffic using Wireshark.

You will learn how to detect sensitive data flowing via the network in clear text format.

Why you need to know

Some of the applications allow their users to communicate via protocols like HTTP, FTP, Telnet. These protocols transfer data over TCP in clear text. As a network admin, you need to know how determine if there is any sensitive info flowing via the network.

Network Topology


1: Login Domain Controller

2: Start WampServer.

3: Make sure that windows firewall is off

4:Login DHCP server

5: install Cain&Abel + WinPcap

6:To configure Ethernet card, Configure from menu bar. Leave the settings set to default. Click OK

7:Click Start/stop sniffer tab and Sniffer tab

8:Click the plus (+) icon. The mac address scanner window appears, select Range button, enter the scan range– Check All Tests, then OK

9:Cain& Abel starts scanning for MAC address and lists all those found.

10: Click ARP bottom left and plus icon

11: Select (domain controller) from the left and (windows 10) from the right

12: Select the added IP address in the configuration/routed packets, and click Start/Stop ARP.

13: Open WireShark and choose the Ethernet

14: Go to windows 10 and open browser. Type

*If you get 403 error message like this

Go to WampServer > Apache > httpd-vhost.conf

When you open it, it looks like this

You change it to

So that you can see the login console (Sorry it’s Japanese)

You type username:admin, password:test and click login

15: Go back to domain controller and see WireShark

16: type “http contains wordpress”

17: Choose the HTTP post packet from the filtered list and right-click on its HTML form encoded and click Follow → TCP Steam

18:Wireshark -Follow TCP Stream window appears. This window contains the POST form data, along with the password used to log in to the wordpress website.


You learned how to detect sensitive data flowing via the network in clear text format.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store