Facebook POST request capture

As you guessed, Facebook uses HTTPS, what that means is that requests to Facebook.com regardless of whether they are GET or POST requests are not sent over HTTP, instead they are sent over HTTPS in an encrypted form which the 'http' filter in Wireshark wont be able to display as regular HTTP requests. If you want to view the encrypted HTTPS traffic including data to Facebook, select 'tcp' as the filter and you should find requests that you are looking for. Facebook uses HTTPS for transmission for security reasons, as you suspected, so actually Facebook is receiving data, just your filter is not displaying it to you.

Read More about HTTPS at: http://en.wikipedia.org/wiki/HTTPS

For interception of Requests to Facebook.com use a proxy such as Burp Suite or OWASP ZAP. They will allow you to intercept and modify/monitor the traffic sent in real-time.

Hope this helps.

I would recommend using Fiddler for this instead. First you will need to MITM yourself though as Facebook sends this request over HTTPS.

You can do this in fiddler by going to Tools -> Fiddler Options -> HTTPS and ticking:

• Capture HTTPS Connects
• Decrypt HTTPS Traffic

Then you will see a scary warning, as shown below:

Clicking Yes will install an HTTPS certificate onto your computer, decrypt all of your HTTPS traffic and show this in Fiddler. This includes Facebook login requests.