Bootstrap FreeKB - Wireshark - View HTTP usernames and passwords
Wireshark - View HTTP usernames and passwords

Updated:   |  Wireshark articles

Lets say there is a Web page Notice this page is using the unencrypted HTTP protocol. We can follow these steps in Wireshark to capture the unencrypted packets:

  1. Start a capture in Wireshark.
  2. Navigate to and sign in. In this example, username and password Super-secret-password are used.
  3. Stop the catpure in Wireshark.
  4. Type HTTP into the Filter and select Apply.
  5. Highlight the POST /Account/Login packet.
  6. Expand HTML Form URL Encoded.


Using the same example, instead of signing in at, if we signed in the HTTPS page,, and run Wireshark, we can see the traffic is definitely encrypted, and we can not see the username or password.


Note: If we have access to the private key, we can decrypt the SSL traffic.

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Add a Comment

Please enter bbd4fa in the box below so that we can be sure you are a human.