Wireshark is a tool to see a traffic around your network what kind of data and what kind protocol that are use in the network around you or we can say wireshark as packet analyzer. Wireshark is avaliable in linux, windows and mac os you can actuall just download it and install it in this link https://www.wireshark.org/download.html
Before we start to open wireshark i recommend that you can actually set your homepage to a blank page because if you set the browser to a specific homepage your wireshark will actually listen to the packet traffic and it's going to overwhelm you. I use iceweasel to configure the homepage go to the preference and set the homepage to blank page.
After your open your browser. now open your wireshark
Apply the interface list at your wireshark and choose that is actually have data moving through the network
Browse www.httprecipes.com it's a website that is design to actually test wireshark in your computer.
Now the wireshark start to capture the traffic that is actually flow at your network. Now we only interesting finding the http packet you can actually do that by filtering the packet with the column that have been provided or go to the display filter and type http.
After you done the filtering we can actually determine what kind of server that are use in the website
As you can see the server is use apache server 2.2.26
now as i mention at first we can actually know what data inside the cookies that is have been passing and grabbing password using wireshark
pretty simple
for cookies go to the :http://www.httprecipes.com/1/2/cookies.php
i try to enter two cookies in the website first one is williamsiscool and williamsiscool2.and when i try to run the wireshark filter the http packet and find the cookies
well as you can see i can actually see the cookies that is actually pass at the webpage.
now move one to the grabbing password
go to the:http://www.httprecipes.com/1/2/forms.php
i try to fill the user id section with "guest" and "guest123". now see your wireshark and filter the http and search for POST because in sql when we pass data. we can actually use GET and POST method
now you see there are bunch code ish at the lower section. that is actually encoded by POST method but you can solve this by go to display and click follow and choose tcp stream and you can see the data of the password and the user id
so if you have any critics or question you can comment at my blog and i open to any sharing about hacking stuff
have a lovely day ^_^