Cybersecurity Project: Demonstrating Username and Password Sniffing with Wireshark
Odinaka Udoezika
Cybersecurity Engineer || Experienced with Firewall, SIEM, EDR, NAC, IaC, PAM, CI/CD and SOAR solutions || Securing Network and Cloud Environments.
Welcome to this latest edition of Everything Cybersecurity where we tackle the most common questions related to Cybersecurity. In this article, we will work on an interesting project centered around the process of capturing Telnet traffic using Wireshark to discover usernames and passwords used for server connections, just as a hacker would.
Throughout this project, we will utilize Ubuntu on VMware workstation pro to create a realistic home lab, install Telnet on our Ubuntu server, capture packets using Wireshark, filter the packets to display only Telnet-related data, and then follow TCP streams to reveal the login details, including usernames and passwords, along with a comprehensive record of server activities.
Here's a guide on how to carry out this project:
Step 1: Install and launch Wireshark
If you haven't already installed Wireshark, you can download and install it from the official website.
Step 2: Download and Install VMware Workstation Pro
VMware Workstation Pro allows you to create and manage virtual machines on your host computer. Follow the link below to download and install VMware Workstation Pro: Download VMware Workstation Pro
Step 3: Create an Ubuntu Server Virtual Machine
Once VMware Workstation Pro is installed, create a new virtual machine for Ubuntu Server.
- Follow the prompts to set up the virtual machine: Installing Ubuntu on VMware Workstation
Step 4: Configure Ubuntu Server Network Settings
After installing VMware Workstation Pro, configure the network settings of the Ubuntu Server virtual machine to ensure it is on the same network as your host computer. Here's how:
- Click on "VM" and select "Settings."
- In the Settings window, navigate to the "Network Adapter" section.
- Set the network adapter to "NAT: Used to share the host's IP address." This setting allows the Ubuntu Server to share the host's IP address and be accessible from the host machine.
Step 5: Power On the Ubuntu Server and Obtain the IP Address
- After creating the Ubuntu Server virtual machine, power it on within VMware Workstation Pro.
- Run the command ifconfig to determine the IP address assigned to the Ubuntu Server.
Step 6: Install Telnet on Ubuntu Server
While in the terminal, install Telnet by running the following command:
    sudo apt install telnetd
Check that it is installed by running the following command:
    sudo dpkg -l | grep telnetd
Here is a guide in case you encounter issues installing Telnet: Here
Step 7: Select Network Interface to capture telnet traffic
Now launch your Wireshark, and you'll be prompted to select a network interface to capture traffic.
- Select "VMware Network Adapter VMnet8"
After selecting the network interface, it should look like this.
Step 8: Download PuTTY and Initiate Telnet Connection
PuTTY is a free and open-source SSH and Telnet client for Windows and Unix platforms, and we will be using it to connect to our Ubuntu server. Download PuTTY
Open PuTTY on your host machine. In the "Host Name (or IP address)" field, enter the IP address of the Ubuntu Server virtual machine obtained in Step 5.
- Set the connection type to "Telnet" by selecting the appropriate radio button.
Once connected, you'll be prompted to enter your username and password.
Step 9: Monitor Wireshark for Telnet Traffic
As you log in to the Ubuntu Server via Telnet using PuTTY, Wireshark will capture the network traffic passing through the selected interface.
- Go to Wireshark and click on the red "Stop" button to halt the packet capture process.
Step 10: Analyze Telnet Packets with Wireshark
To further analyze Telnet traffic in Wireshark, apply a display filter to focus only on Telnet packets:
- Go to the filter box and enter "telnet" as the filter criterion (Wireshark display filter names are lowercase).
- Click "Apply" to filter for only Telnet traffic.
- Navigate to the "Analyze" tab in Wireshark.
- Select "Follow" and then click "TCP Stream."
This action will display a comprehensive view of the Telnet session you were sniffing, including the username and password transmitted in plain text.
This analysis demonstrates how hackers can intercept sensitive credentials via Telnet sessions, emphasizing the critical importance of encryption and secure protocols in network communication.
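What "Follow TCP Stream" reconstructs in Step 10, as an added example that is not code from the original article: the script strips Telnet option negotiation (the RFC 854 IAC sequences) from stream bytes and reports that a login crossed the network in cleartext, keeping only the password length. The session bytes, prompt strings, account name and password are constructed sample values, and the function names are hypothetical.

```python
# Added example: constructed Telnet bytes, no capture file or network needed.
IAC, SB, SE = 255, 250, 240          # RFC 854 command bytes
NEGOTIATION = {251, 252, 253, 254}   # WILL, WONT, DO, DONT

def strip_telnet_commands(data: bytes) -> bytes:
    """Drop IAC command sequences and keep only the user data."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            out.append(data[i])
            i += 1
        elif i + 1 >= len(data):
            break                    # command truncated at the end of the data
        elif data[i + 1] == IAC:
            out.append(IAC)          # escaped literal 0xFF
            i += 2
        elif data[i + 1] in NEGOTIATION:
            i += 3                   # IAC, verb, option
        elif data[i + 1] == SB:      # subnegotiation runs until IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end == -1 else end + 2
        else:
            i += 2                   # two-byte command such as NOP
    return bytes(out)

def typed_lines(client_segments):
    """Rebuild the lines typed by the client from one-keystroke segments."""
    data = strip_telnet_commands(b"".join(client_segments))
    data = data.replace(b"\r\x00", b"\n").replace(b"\r\n", b"\n")
    return [ln.decode("ascii", "replace") for ln in data.split(b"\n") if ln]

def audit_session(server_segments, client_segments):
    """Report a cleartext login without keeping the password itself."""
    prompts = strip_telnet_commands(b"".join(server_segments))
    lines = typed_lines(client_segments)
    if b"login:" not in prompts or b"Password:" not in prompts or len(lines) < 2:
        return None
    return {"username": lines[0], "password_exposed": True,
            "password_length": len(lines[1])}

# Constructed sample session (hypothetical account "lab", made-up password).
SERVER = [b"\xff\xfd\x18\xff\xfd\x1f", b"Ubuntu\r\nubuntu login: ",
          b"l", b"a", b"b", b"\r\n", b"Password: ", b"\r\n"]
CLIENT = ([b"\xff\xfb\x18\xff\xfb\x1f", b"\xff\xfa\x1f\x00\x50\x00\x18\xff\xf0",
           b"l", b"a", b"b", b"\r\x00"]
          + [bytes([c]) for c in b"S3cret!"] + [b"\r\x00"])

if __name__ == "__main__":
    print(audit_session(SERVER, CLIENT))
```

In the sample, the server echoes the username keystrokes back but not the password, yet the client-to-server direction still carries every password byte unencrypted, which is why the stream view shows it.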
Conclusion
Following these steps, users can effectively capture and analyze Telnet traffic using Wireshark within a virtualized environment created with VMware Workstation Pro.
Important Notice: Ensure that you have proper authorization and consent before attempting to capture and inspect Telnet traffic. Also, respect privacy and legal boundaries when analyzing network traffic.
#everythingcybersecurity #newsletter #ecsl #linkedin #odinakaresources #cybersecurity
Cybersecurity Analyst, Community/Clinical Nurse Specialist, Microbiologist, Data Analyst, Coach/Mentor, CEO-Karidad Aid Foundation, Social Commentator, Motivational & Inspirational Speaker. RN. Views are mine
3 months ago
Thanks Odinaka Udoezika! But I am experiencing some challenges, probably because I am using Mac.
Certified Cybersecurity Analyst (COMPTIA Security+ || ISC2 CC || Banker, Creative Writer
8 months ago
Odinaka, thanks greatly for this. However, the "ifconfig" command would not fetch the Ubuntu IP address unless you use the command, "sudo apt install net-tools" to fetch other dependencies using the password you used while installing the Ubuntu as your sudo password. That said, it's greatly insightful.
Securing Tomorrow; Aspiring Cybersecurity Professional Preparing to Defend the Digital Frontier.
9 months ago
Thanks for the post. I followed the steps and I had to do some extra things since I’m using a Mac, but now I have a VM running Ubuntu, I have PuTTY on my Mac and can use Wireshark to sniff packets. Look forward to more projects like this that is again
Senior Executive Officer(Accounts)
1 year ago
Helpful! This will help me put away my fears of being a beginner in the cyberspace as I dare to break out of my comfort zone.
Cybersecurity GRC | Information Security | Compliance Analyst
1 year ago
Thank you for this!