?
Solved

Data Capturing

Posted on 2014-04-18
8
Medium Priority
?
591 Views
Last Modified: 2014-05-03
Hi Experts,
I would be able to capture data as chatting messages and passwords come through my TP-Link router.

Appreciate for any help
0
Comment
Question by:lexmark1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 25

Assisted Solution

by:Zephyr ICT
Zephyr ICT earned 501 total points
ID: 40008517
Wireshark is the go-to tool for capturing packets, either on LAN or WAN, it won't give you the passwords or chat messages in a clear to see way but you can use filters to optimize it, more info to use Wireshark on WiFi: http://wiki.wireshark.org/CaptureSetup/WLAN

There's also loads of videos and howto's out there on using Wireshark to capture traffic.

Let me know if you need more info.
0
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 498 total points
ID: 40008577
Most sites that require authentication utilizes SSL and same for chats.  You will not be able to see them in plain-text as they will be encrypted.
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 40008696
If your IM client requires SSL/TLS, try using an SSL MiTM proxy, such as Burp Suite, Fiddler, or Charles.  Succeeding may depend on whether or not the IM client will inherently trust untrusted certs, or is configurable to do so.

Depending on the IM client, different approaches may be required-- for example Lync.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 36

Accepted Solution

by:
Kimputer earned 501 total points
ID: 40008730
Also, you're probably missing the hardware requirements to capture the actual packets (unless you got a hold of a fancy custom firmware). You need an old hub or managed switch with port mirroring on any end where ALL data packets come together, and connect your laptop with Wireshark before you can even start decoding the packets.

Situation 1:
It's a modem router, there's no WAN port (but directly to the phone line/ADSL). You can't capture Wifi! You need an extra switch besides the old hub or managed switch that I mentioned before. Connect all LAN cables to this switch, then a cable to the old hub or managed switch. Then a cable to the TPLink. Your laptop will be connected to the hub/managed switch
Situation 2:
It's a "normal" router with wifi. Connect WAN from TPLink to your hub/mananged switch, from there connect to the original location (probably modem). Connect laptop to hub/managed switch.
0
 

Author Comment

by:lexmark1
ID: 40010075
Thanks for all participators,
In deed I used a Cisco switch and connect my laptop to the mirror port also I used Wfilter software to track users I can see websites and web mail but not whatsapp and viber chatting also I am unable to see passwords.

Thanks
0
 
LVL 36

Expert Comment

by:Kimputer
ID: 40010763
Ok good to know. But those are indeed secured traffic. I'm not even sure is it's basic SSL/TSL, or if there's an extra own encryption layer above it (like Skype used to have). As stated above, if you try any man in the middle attack, you risk breaking the client (and if not, probably a big warning sign which might frighten the user into continuing his session).
And if an extra encryption layer is used, you might need months if not years to crack it.
0
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40010903
My question is what are you trying to achieve?
0
 

Author Comment

by:lexmark1
ID: 40014434
I want to be able to capture any chatting messages and any password in plain text.

Thanks
0

Featured Post

WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question