Wifi networks are “better” for sniffing than switched ones, because you can capture every packet without any particular attacks (see ManInTheMiddle) modulo information loss.
– aircrack-ng suite (precisely airodump-ng)
– bssid, channel and encryption key of network (is your conscience clear?)
– wireless card that works in monitor mode
Enable monitor mode:
airmon-ng start <interface>
airodump-ng <monitorif> -c <channel> -d <bssid> -w <filename>
When you have captured enough packets, it’s wireshark time!
Open the .cap file with wireshark:
Edit -> Preferences -> Protocols
Check “Enable decryption“.
Specify the encryption key in the respective field.
Be careful with syntax! See this page:
Click “Apply” then “OK“.
Now you can understand why open networks are so dangerous!
No, you can’t (well, not so easily) retrieve crypted data!
For this, there are various attack that I’ll not teach🙂
See http POST command and guess what happens when you login at an insecure webpage.