Re: Passwordlist in Wireshark - User feedback wanted

[Sake Blok | SYN-bit <sake.blok () SYN-bit nl>]

> On 19 Jun 2019 (Wed), at 14:00, Dario Lombardo <lomato () gmail com> wrote:
> On Mon, Jun 17, 2019 at 1:42 PM Sake Blok | SYN-bit <sake.blok () syn-bit nl <mailto:sake.blok () syn-bit nl>> wrote:
> Hi Dario,
> To me for troubleshooting issues, it is sufficient to see the usernames and sometimes extract a password, but I do 
> not need a list of them
> For security awareness, you do not need the passwords, just the protocol and username and the fact that the password 
> is available in the pcap file
> For hacking you would want to have the full list, but then I would prefer people to use other available tools to keep 
> Wireshark on the friendly side of the line.
>
>
> Hi Sake
> I am partially convinced by what you said. Partially because I'm not totally convinced, but I think also that "for 
> troubleshooting it is sufficient to see the usernames" actually _IS_ a point.
> A solution that could kill 2 pigeons with a stone could be to leave the passwords behind, but add a shortcut to "go 
> to the packet" where you can find the actual password. That will raise the credentials to the attention of the 
> analyst, but would require a step, that is pretty similar to the regular wireshark use, to obtain the single password.
> The good part is that adding or removing the presence of the password is very easy, so adding them back, in case we 
> will want them, will not require too much work.
> Would it work?

Sounds like a good compromise to me!

Sake

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe