Examining Network Data Following SSL Employment
Purpose: To identify if any of the applications transmit unencrypted data over the Wi-Fi netwrok.

  • We perform wireless packet sniffing using Wireshark to passively observe traffic.
  • If the SSL/TSL is not employed, we are able to view the data as plain-text.
  • We also view and assess the cipher suites that’s apps use to establish a secure connection with the server

Demo: In the video above we passively sniff the data when we use the smartphone to: a) browse and log in onto a website that doesnt employ SSL
and b) log in onto Blackboard app. Using the frame contains built in filter in Wireshark, we observe that in the first case we can capture credentials
in plaintext. On the other hand Blackboard employs SSL and therefore the data is encrypted. Finally we capture and inspect the Client Hello
message which contains the list of supported cipher suites for the app in use.