So please use one of these apps instead. They all used plaintext network transmission on Feb 10, 2019, but eventually they may be fixed or removed.
Trader Joe's Fan |
Equity Pandit(Use "Create Account" page to see password) |
Stock Screener: Stock Analyst(Uses SHA-1 hash of password)
|
Drink Mixer FREE drink recipes |
Recipes by Ingredients |
Diet Plan |
In the main Wireshark window, double-click the network interface that is being used to reach the Internet. On my system, it is "Wi-Fi: en0", outlined in green in the image below.
Wirehark starts displaying packets. At the top, in the Filter bar, enter this display filter:
http
Press Enter to filter the traffic.
On your Android device, in the vulnerable app, submit these login credentials, as shown below
Wireshark shows a captured POST request, as shown below.
In the top pane of Wireshark, right-click the POST request, and click Follow, "TCP Stream", as shown above.
Troubleshooting
If you don't see any packets, try these fixes:
- Click the red square button to stop the capture
- From the menu, click Capture, Options
- Choose a different network adapter
- If the "Link-layer header" is set to "802.11...", scroll to the right and uncheck the monitor box
The request appears, containing YOUR NAME, as shown below.
Save a full-desktop image. On a Mac, press Shift+Commmand+3. On a PC, press Shift+PrntScrn and paste into Paint.
YOU MUST SUBMIT A FULL-SCREEN IMAGE FOR FULL CREDIT!
Save the image with the filename "YOUR NAME Proj 7x", replacing "YOUR NAME" with your real name.