I've been trying to use Wireshark to capture an email I am sending from my smartphone on the same Wi-Fi network. I'm using Kali Linux (not a virtual machine), I am in monitor mode, I have set up the right WPA2 decryption key, I did capture the four-way handshake, and I am getting some decrypted traffic to and from the IP address of my phone, like TCP, HTTP, DNS and some other ones. However, I can't find any traffic with common mail protocols like POP, SMTP or IMAP, which I've heard are really easy to grab and read due to the lack of encryption. That was the main reason I got interested in this topic, to see if I, as someone who has no clue about all that, could "steal" the content of a mail. Does anyone have a tip for me?
Thanks in advance for your help.
First of all, thanks for your answer. How would I go about actually seeing that traffic? Do I somehow have to manually enter these ports somewhere to let Wireshark know I want to capture them? – Snuffduff – 2018-08-10T20:41:43.620
Wireshark will collect the packets, but without access to the private key and certificate from the server you will not be able to decrypt the traffic. – hardillb – 2018-08-10T20:43:02.273