Capture SMTP Email
tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'
Extract HTTP Passwords in POST Requests
tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"
Capture FTP Credentials and Commands
tcpdump -nn -v port ftp or ftp-data
Capture all plaintext passwords
tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -l -A | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user '
If you want to catch on htb or any other platform you have play the role as middleware to catch the passwords.
In other words:
The traffic must be routed from the (your) machine where you run the last command to get/catch the plain passwords.
source your machine destination
Only in this case you can catch the plain text
You have to play the middleware route role for traffic between source and destination