One of the things I keep my eyes peeled for are items that involve security implications. Full disclaimer: I am not a security guru nor do I profess to be one, but I do understand some of the more obvious issues.
For example, many of you are probably familiar with the term "clear text." This is when data or credentials are transmitted in a text format. Obviously, this is not a good thing since anyone who happens to intercept sensitive data will be able to easily see it..
Hence, the introduction of encryption so that your data is encoded in such a manner that only authorized applications can read the data. Unfortunately, as many people know, different types of encryption have their weaknesses.
In this video I cover the simplest form of HTTP authentication: HTTP Basic. With this method, your data is encoded with Base64 in transit. Some people even go as far as calling this encryption, but I don’t want to go down that rabbit hole. Suffice to say, we can all agree the data is no longer in clear text.
I show you that with Wireshark and no additional downloads, plugins or scripts, you can see if an application is using HTTP Basic. Wireshark will decode the authorization string, revealing the credentials. The syntax presented is simply username:password.
Please keep in mind that this something specific to Wireshark, so you should take a moment to try your own protocol analyzer to see how it fares.