Page 1 of 1

Capturing form data being sent over a network...

Posted: Fri Feb 27, 2004 4:27 pm
by hawleyjr
I have a conference later next month in which I will be demonstrating the use of https vs http. My focus will be encrypted strings vs non encrypted. I can draw all of the diagrams in the world but what I would like to do is demonstrate with a server how data can be intercepted. I don't want to hack anything or demonstrate any hacking methods. I don't care about hacking, nor does my audience (Insurance Principles). My plan was to bring a computer with an apache server running on it. Launch a browser using a secure form and one in a non secure form. And have some type of program on the server display what is being sent through the form. This isn't a question for a PHP forum; however, my expertise is in PHP and I figured someone should be able to point me into the right direction. Anyway, if anyone has any ideas, please let me know.

Thanks.

-J

Posted: Fri Feb 27, 2004 6:57 pm
by ilovetoast
Weeeeeell. Aside from the obvious "you shouldn't be doing this" arguement, I'll actually answer your question somewhat.

You do this with an application called a packet sniffer. Doing it over a network requires more. I don't think I'll give any more info than that. I don't like to encourage anyone in this area.

peace

Posted: Sun Feb 29, 2004 10:13 am
by hawleyjr
I appreciate the direction. And I agree with you, I don't want to encourage anyone to be mischievous. However, it is hard to display the importance of internet security without solid examples. When your audience is as non-technical as they come, using words like “encrypted” and acronyms like “HTTPS” will confuse the heck out of them; I may as well be speaking in a foreign language.

I appreciate the help.

-JH

Posted: Wed Mar 03, 2004 11:39 am
by AVATAr
Sniffing.. check in google for Ethereal