am sorry for this dumb question, but am using RawCap to detect packets sent

Question

0

Asked: June 18, 20262026-06-18T01:18:36+00:00 2026-06-18T01:18:36+00:00

am sorry for this dumb question, but am using RawCap to detect packets sent

0

am sorry for this dumb question, but am using RawCap to detect packets sent and received to learn what is sent in HTTP, and the page is a simple application made using Tornado and MongoDB, when i capture packets, i dont find the password in any packet sent.

Why? i dont use any encrypted protocole like HTTPS, it’s a simple HTTP and cant see the password.

here is the file:
The result

as you can see, Mongodb answers the value of the database, and brings the password as it is saved (PBKDF2), but cant see the one sent from the first time.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T01:18:37+00:00

Editorial Team

2026-06-18T01:18:37+00:00Added an answer on June 18, 2026 at 1:18 am

Most likely, you don’t see the password because the page is using HTTP basic authentication which encodes the username and password using base64. Look for a string like:

Authorization: SomeRealmName QWxhZGRpbjpvcGVuIHNlc2FtZQ==

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

am sorry for this dumb question, but am using RawCap to detect packets sent

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply