What they visually see is a list of network requests. Most of them are not interesting, because it’s just establishing a connection and finding the correct device to go to etc. Like others said, it gets dangerous when they can see what you sent over an unencrypted connection like HTTP. There they can see the payload in unencrypted form, aka plain text (even files get converted to plain text representation so by decoding it hackers can also see what images you downloaded, for example). Also, even if everything is encrypted, packet sniffing leads to valuable information nonetheless: patterns. If some requests and responses always look the same or come from the same location, this information can help the attacker “spoof” a legitimate responder by spamming the network with responses that look similar to those they observed. If they get lucky, a client browser / device mistakes them for a legitimate response, possibly leading to the user sending sensitive information to the hacker instead. This is pretty unlikely though and most hackers won’t go through that amount of work just to potentially get to sensitive data of one person. But given enough time and effort, it can happen.
Latest Answers