⚠ Educational demo — intentionally insecure
This page sends credentials in plain text over HTTP.
Use Wireshark or tcpdump -A on the local network to capture the POST body.
🔓 Member Login
POST /login.php HTTP/1.1
Host:192.168.1.10
Content-Type:application/x-www-form-urlencoded
username=alice&password=hunter2
↑ Exactly what Wireshark captures on HTTP — password fully visible