Sniffing — Wireshark
Grab HTTP POST request data
Apr 25, 2021
Navigate http://ezi2care.jkm.gov.my/login and fill in the User ID and Password fields.
Start Wireshark and click Login on http://ezi2care.jkm.gov.my/login. Filter for “http” protocol results
Click on the destination 203.217.179.134. Check the description under Packet Details Pane by clicking HTML Form URL Encoded or Hypertext Transfer Protocol — search for userid and password.
On the “Host” row / line, please confirm that the IP we selected above is belongs to the ezi2care.jkm.gov.my
Tips
Alternatively, we can use “http.request.method == “POST” as the filter to show only POST methods under Packet List Pane.