First of all i would like to wish you all a very happy new year!!!
In MWG v7.x when we decrypt SSL traffic, let's say of any banking website then is there any chance that if packet capture is taken at that time passwords of SSL websites are visible in pcap file?
I think since packet capture is taken at interface level the packet always keeps the HTTPS content in HTTPS format only. It decrypts analyzes and then re-encrpts the traffic and this re-encrypted traffic is captured on interface again. I am not sure if this is what exactly happens and need confirmation on it. I am taking in regard to only foward proxy.
My concern is HTTPS contant should not be available to anyone for analysis. It may contain user login credentials etc...
A packet capture would not contain the users credentials for SSL websites as it would be encrypted (as you described).
I would suggest reviewing the following disucssion, perhaps it is of interest: