I'm currently working on a mock investigation, trying to catch a neighbor who is stealing a victims WiFi to make fraudulent online purchases.
How would I setup Wireshark to find transmissions of text over a network?
your request is pretty vague, but…
wireless
join the network and then listen on your wireless interface. you will have to get the wireless card in promiscuous mode to capture everything. backtrack may help here
wired
you will have to set up a mirrored port or get your monitoring gear inline between the switch and router, else you will only see traffic going to your switch port (ie destined for your computer)
I'm not hot on networking (I'm a dead disk kinda guy), so feel free to disregard anything I say here…
My suspicion is that Wireshark will prove little to nothing as purchases are usually made over HTTPS and therefore the crucial data may well be encrypted. You may get some initial connections and a browsing history from that but what does that prove?
A better tack might be to look at the connections to the router. Cheap routers provided by ISPs are next door to useless but with a good home/small office one, you might be able to log the MAC addresses of connected devices. MAC addresses can be spoofed but in the real world, rarely are (unless your 'real world ' is the hacker/cracker community). A MAC address in it's pure form will identify the device and at the very least, you can identify all the MAC addresses of the devices owned by your victim and eliminate them from your enquiry.
Wireshark may well reveal the ARP requests that contain the MAC address but as EricZimmerman has pointed out you need the right level of access on the network. You might want to have a look at kismet or aircrack_ng which are better able to look at wireless traffic than Wireshark which can only look at the traffic on the Ethernet layer.
Paul