Capturing form data being sent over a network...

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
User avatar
hawleyjr
BeerMod
Posts: 2170
Joined: Tue Jan 13, 2004 4:58 pm
Location: Jax FL & Spokane WA USA

Capturing form data being sent over a network...

Post by hawleyjr »

I have a conference later next month in which I will be demonstrating the use of https vs http. My focus will be encrypted strings vs non encrypted. I can draw all of the diagrams in the world but what I would like to do is demonstrate with a server how data can be intercepted. I don't want to hack anything or demonstrate any hacking methods. I don't care about hacking, nor does my audience (Insurance Principles). My plan was to bring a computer with an apache server running on it. Launch a browser using a secure form and one in a non secure form. And have some type of program on the server display what is being sent through the form. This isn't a question for a PHP forum; however, my expertise is in PHP and I figured someone should be able to point me into the right direction. Anyway, if anyone has any ideas, please let me know.

Thanks.

-J
ilovetoast
Forum Contributor
Posts: 142
Joined: Thu Jan 15, 2004 7:34 pm

Post by ilovetoast »

Weeeeeell. Aside from the obvious "you shouldn't be doing this" arguement, I'll actually answer your question somewhat.

You do this with an application called a packet sniffer. Doing it over a network requires more. I don't think I'll give any more info than that. I don't like to encourage anyone in this area.

peace
User avatar
hawleyjr
BeerMod
Posts: 2170
Joined: Tue Jan 13, 2004 4:58 pm
Location: Jax FL & Spokane WA USA

Post by hawleyjr »

I appreciate the direction. And I agree with you, I don't want to encourage anyone to be mischievous. However, it is hard to display the importance of internet security without solid examples. When your audience is as non-technical as they come, using words like “encrypted” and acronyms like “HTTPS” will confuse the heck out of them; I may as well be speaking in a foreign language.

I appreciate the help.

-JH
User avatar
AVATAr
Forum Regular
Posts: 524
Joined: Tue Jul 16, 2002 4:19 pm
Location: Uruguay -- Montevideo
Contact:

Post by AVATAr »

Sniffing.. check in google for Ethereal
Post Reply