How can you view an HTTP request in transit?


  • In Google Chrome, sometimes you will see the https: protocol in the URL bar with a red strike through it. Clicking on the info button says that not all elements on the page are encrypted, and may be viewed by others while in transit. My question is: how can one view any/all requests while in transit? I have read a little about HTTP sniffers, but those seem to be inspecting incoming/outgoing requests from your own machine. How can you intercept a request out in the ether, in a particular network?

  • Answer:

    Packet Sniffers

    Packet sniffers allow you to see everything that is travelling on the network. http://www.wireshark.org/ is the most popular and free and is easy to download and install. With a packet sniffer, you can read in plaintext anything that is not encrypted. These require that you have access to the network where the communication is coming from (either server or host). You cannot read packets on a network that you do not have access to. That is why you have heard that they read what is coming from your own computer. But, it is possible to gain access to other networks. Wifi (public or hacked private) is a popular and easy means of gaining access to others' network traffic. Some attackers go to http://pwnieexpress.com/ http://ettercap.sourceforge.net/ to physically install sniffers in corporate networks so that they can access this type of data.

    HTTPS

    HTTPS encrypts information between a browser and the server so that sniffers cannot read the actual content of the communication. For a site that has a mix of HTTP and HTTPS content, parts of the communication will be readable, and some will not.

    Testing

    This is easy to test. Download and install Wireshark and start a capture. Then launch a web browser and navigate to a website that is not HTTPS. Stop the Wireshark capture, then look through the data. You will find the actual text of the website in the capture. Try again on an HTTPS website (Google, for instance) and you will see that you cannot read the text from the website. Now try the whole process on a mixed website, and you will see what is encrypted and what is not. It is possible that ads and other 3rd party content have not been encrypted, for instance.

    Impacts

    Packet sniffers are the technical tools, but pre-packaged hacking tools use packet sniffers built into themselves to read this information and format it for malicious uses. http://codebutler.com/firesheep is the currently famous tool that can hijack someone's connection to Facebook and Twitter.

user1325378 at Information Security
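The HTTPS paragraph in the answer above notes that a mixed page leaves part of its traffic readable. As an added example (not part of the original answer), this Python script lists which subresources of an HTTPS page would be fetched in cleartext, which is what triggers the browser warning in the question. The page URL, hostnames and HTML are constructed sample values, and the tag table is a simplified assumption rather than the browser's full mixed-content rules.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags that make the browser fetch a subresource, with the attribute that
# holds the URL. "active" content can rewrite the page; "passive" is displayed.
# Simplified table (assumption), not the browser's complete rule set.
FETCHING = {
    "script": ("src", "active"),
    "iframe": ("src", "active"),
    "link": ("href", "active"),   # only rel=stylesheet, filtered below
    "img": ("src", "passive"),
}

class MixedContentAudit(HTMLParser):
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.cleartext = []       # (tag, kind, absolute_url)

    def handle_starttag(self, tag, attrs):
        if tag not in FETCHING:
            return
        attr, kind = FETCHING[tag]
        a = dict(attrs)
        rel = (a.get("rel") or "").lower().split()
        if tag == "link" and "stylesheet" not in rel:
            return                # e.g. rel=canonical is never fetched
        ref = a.get(attr)
        if ref:
            # urljoin resolves relative and scheme-relative (//host/) URLs
            url = urljoin(self.page_url, ref)
            if urlsplit(url).scheme == "http":
                self.cleartext.append((tag, kind, url))

def audit(page_url, html):
    """Return the subresources a network observer could read in transit."""
    parser = MixedContentAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.cleartext

# Constructed sample page, served over HTTPS.
SAMPLE_URL = "https://shop.example/cart"
SAMPLE_HTML = """
<link rel="stylesheet" href="/static/site.css">
<link rel="canonical" href="http://shop.example/cart">
<script src="http://ads.example/track.js"></script>
<script src="//cdn.example/app.js"></script>
<img src="http://img.example/banner.png">
<a href="http://other.example/">plain link, not fetched</a>
"""

if __name__ == "__main__":
    for tag, kind, url in audit(SAMPLE_URL, SAMPLE_HTML):
        print(f"{kind:7} <{tag}> {url}")
```

Anything the audit reports should be switched to an https:// URL or served from the page's own origin; the "active" entries matter most because a modified script or stylesheet can change the whole page.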


Other answers

In order to capture packets "out in the ether" you need to be able to control the endpoint or the medium in which the communication is operating. In the case of wired connections, you need to control the server, switch, router, etc., or tap into the line directly. In the case of wifi, you can use Wireshark as @schroeder has mentioned coupled with your wifi card. The problem here is that if the wifi router uses encryption, then without effort you will only be able to see your own traffic.

As for your own usage, depending on your operating system, you might find http://fiddler2.com/fiddler2/ to be a much lighter-weight and easier to use/understand debugging proxy for Windows. Start it up and Chrome should automatically use it. All requests can go through there. And to top it all off, you can introduce an SSL certificate to allow you to decrypt your HTTPS sessions.

logicalscope

You can use any packet sniffer that you are comfortable with; the main feature allowing you to listen to all packets at Ether belonging to your network is http://en.wikipedia.org/wiki/Promiscuous_mode. Normally, tools like Wireshark allow you to listen in promiscuous mode on Ethernet without any external config. But even if it's not working, you can search for how to configure your NIC in promiscuous mode (given it supports that).

AbhishekKr

A slight aside, but in the OP's specific case of viewing a web page in Chrome: you can hit F12, or Ctrl-Shift-I, to bring up the developer tools and click on the Network tab. Refresh the page to see a list of all network requests made by the browser. Click an individual request in the list to see details of that request.

Cheekysoft

What you are looking for is a man in the middle attack. A man in the middle attack is when someone between you and the server is reading/modifying your communication. Some known methods of achieving this are:

  • ARP spoofing. ARP spoofing is used on a local network to insert you in the communication between your target and your gateway to the internet. http://www.oxid.it/cain.html is a tool that can do this and can also find passwords and usernames from unencrypted connections.

  • DNS spoofing. A URL like www.google.com translates to an IP by DNS, so if you control the DNS you control where all URLs point. So then you point all sites to your computer and make it act like a proxy.

KilledKenny

Can I suggest using Scapy for this? I have a post on Stack Overflow talking about how to do this. Not sure how much programming experience you have, but this solution should be plug and play after you get Scapy and Python installed on the box. What this will provide is an easier and quicker snapshot of each and every HTTP request you make on your box without needing to stop and drill down into a packet. Please see http://stackoverflow.com/questions/10184016/complete-http-get-with-scapy/10205888#10205888

dc5553

I think the best way to understand how easy it is to sniff HTTP traffic is to read about http://en.wikipedia.org/wiki/Firesheep. With WiFi access you don't need to sit on the wire any more.

AaronS

Another great tool that hasn't been recommended is http://mitmproxy.org/. It lets you:

  • Intercept and modify HTTP traffic on the fly

  • Save HTTP conversations for later replay and analysis

  • Replay both HTTP clients and servers

  • Make scripted changes to HTTP traffic using Python

  • SSL interception certs generated on the fly

Siddhartha Tesla
