Table of Contents TITLE:
Capture FTP & HTTP Basic Auth traffic in Wireshark to expose passwords sent in plain text.
Detailed YouTube Description:
In this eye-opening video, we demonstrate how easily passwords can be stolen when using insecure protocols like FTP and HTTP Basic Authentication. Using Wireshark, we capture traffic, follow TCP streams, and reveal credentials transmitted in plaintext.
You’ll see a real example of an FTP login where both the username and password are visible. Next, we’ll analyze HTTP Basic Auth traffic and show how credentials are exposed in headers — even when encoded in Base64. These demonstrations highlight exactly why outdated protocols remain a critical security risk.
For penetration testers, this technique provides undeniable evidence of insecurity during assessments. For defenders, the lesson is clear: always enforce secure alternatives like SFTP, SSH, or HTTPS to protect sensitive data from interception.
