Re: Passwordlist in Wireshark - User feedback wanted

[Dario Lombardo <lomato () gmail com>]

Actually no code for extracting credentials has been added. It's a tap that
collects them and shows a table with them. The credentials already exist in
wireshark in clear text.
2 protocols have been instrumented so far, http (basic and header auth) and
ftp.

On Sat, Jun 15, 2019, 09:57 Tomasz Moń <desowin () gmail com> wrote:

> On Fri, Jun 14, 2019 at 10:27 PM Roland Knall <rknall () gmail com> wrote:
> > There is a patch currently waiting for inclusion. It would allow for
> dissectors to easily make credentials (username/password) available and
> present them in a tool window in Wireshark.
>
> I understand that you mean, that it'd be easy to present the
> credentials if the dissector is able to extract/derive the password.
> If the protocol is cryptographically secure, then without keys, the
> change in question won't have any impact, right?
>
> In other words, it is not about integrating some password cracking
> mechanism but rather API to simply present the decoded information?
> ___________________________________________________________________________
> Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> Archives:    https://www.wireshark.org/lists/wireshark-dev
> Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
>              mailto:wireshark-dev-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe