🦈 Wireshark Packet Analysis Lab

PRACIVO LAB — INTENTIONALLY VULNERABLE
Home PCAP Files HTTP Sniffing FTP Creds DNS Analysis Telnet Wireshark Filters
⚠️ Pracivo Security Lab — Download PCAP files and open them in Wireshark. Each file contains hidden credentials or sensitive data to find.

Telnet Session Interception

Reading Telnet Sessions in Wireshark

# Telnet sends EVERYTHING in cleartext — keystrokes, passwords, output
# Apply filter:
telnet or tcp.port == 23

# Follow TCP stream to read the entire session:
# Right click → Follow → TCP Stream
# You will see the login prompt, username, password, and all commands

# The telnet_router_session.pcap file shows:
# - Router login (ram / pracivo)
# - Commands run after login
# - Router configuration output

# Why this matters:
# Many old routers and network devices still use Telnet by default
# Always use SSH (port 22) instead of Telnet