Hack website using wireshark

For each and every website you will be submitting all you credentials.All the details get stored on their database.But when a website allows you to authenticate using HTTPS to capture the traffic and later analyze that from over a LAN.But doing this over a LAN is very easy and you don't believe how insecure HTTPS is.So let's take a simple website.

1.Start Wire shark and capture the traffic.
2.After opening wireshark go to Capture-->Interface and select the interface which you need it may be wlan0 , mon0 etc.
3.After that click on START and it automatically starts capturing.
4.Wireshark captures all the traffic.Now login to any website by submitting username and password
5.When you submit your username and password and clicked on login it automatically generates POST method.

Analyze Post Data
1.Now right click on that you can see there  "Follow TCP Stream"

You can see something like this
 
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: non=non; expires=Thu, 07-Nov-2024 23:52:21 GMT; path=/
Set-Cookie: password=e4b7c855be6e3d4307b8d6ba4cd4ab91; expires=Thu, 07-Nov-2024 23:52:21 GMT; path=/
Set-Cookie: scifuser=sampleuser; expires=Thu, 07-Nov-2024 23:52:21 GMT; path=/
Location: loggedin.php
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8 

So there you can see the username and password.I don't think that password can be that much long. Sounds interesting.Now try to identify the hash type

How to identify hash type

1.Use hash identifier to find out what type of hash it is.
2.Now open the terminal box and paste the hash value,it automatically searches for it.
3.It must be definitely MD5 hash value.
4.crack that MD5 hash value using this command

root@kali:~# hashcat -m 0 -a 0 /root/wireshark-hash.lf /root/rollstoys.txt.

So by using this command your final out come will be like this
Username:sampleuser
password: e4b7c855be6e3d4307b8d6ba4cd4ab91:simplepassword