1 00:00:00,390 --> 00:00:01,030 OK. 2 00:00:01,110 --> 00:00:06,690 So in this story, I will show you how to sniff login information from the captive portal. 3 00:00:07,680 --> 00:00:14,700 So first off, make sure the access point is up and running, then in the Terminal Typekit shark and 4 00:00:14,700 --> 00:00:21,330 said the interface to double and zero and use DSW W to store the data in a file. 5 00:00:22,140 --> 00:00:27,420 So I'm going to put CAPTCHA iChat for the file and press enter. 6 00:00:28,080 --> 00:00:34,340 And now I'm capturing packets on double and zero interface in a file called Capture Cat. 7 00:00:35,790 --> 00:00:40,470 OK, now let's go to the Windows machine and connect to free Wi-Fi. 8 00:00:41,430 --> 00:00:47,550 And you can see when I connect to the access point, I automatically get directly to the login page. 9 00:00:48,690 --> 00:00:55,470 Now, let's say I want to access a different web page, so I will open a new tab and type google.com. 10 00:00:56,400 --> 00:01:02,340 And you can see I've been redirected to the login page where I need to pull the username and password. 11 00:01:03,300 --> 00:01:11,520 So I will type John for the username and put let me press in for the password and click login. 12 00:01:12,720 --> 00:01:20,760 OK, so let's go back to the machine and stop the capturing process and open the capture file, which 13 00:01:20,760 --> 00:01:22,800 is saved in the home directory. 14 00:01:23,580 --> 00:01:32,370 So if I use a place, you can see the CAPTCHA except for you now to open the file type Wireshark and 15 00:01:32,370 --> 00:01:33,660 the name of the fire. 16 00:01:34,320 --> 00:01:41,140 And here are the packets from the double and zero interface, which I have captured using Kiesha. 17 00:01:42,480 --> 00:01:48,870 Now the next step is to change the filter to 8TB and look for post request. 18 00:01:50,000 --> 00:01:53,120 And here is the Ekiti People's request. 19 00:01:53,450 --> 00:01:59,990 And if I go and click on the email form, you can see the username and password. 20 00:02:00,980 --> 00:02:04,550 So thanks for watching and I will see you next time.