tcpdump mailing list archives

Re: Email Content Extraction From payload


From: Shameem Ahamed <shameem.ahamed () hotmail com>
Date: Fri, 3 Apr 2009 20:44:00 +0530


Hello Julian,

I am analyzing the HTTP protocol itself.


The problem is, when I try to print the payload (it is represented as a pointer to the u_char data type), it gives me 
binary data; of course it includes some ASCII data (the HTTP request headers).

My inference is that the e-mail content and other details are in that binary format. I was thinking that there should be 
some means of getting that specific binary data in the user form (some data structure which represents that binary 
info).


Regards,
Shameem

From: julian () mehnle net
To: tcpdump-workers () lists tcpdump org
Subject: Re: [tcpdump-workers] Email Content Extraction From payload
Date: Fri, 3 Apr 2009 13:38:24 +0000

Shameem Ahamed wrote:

Yes, I am getting the payload. But the only thing is the payload is in
binary format.

I have no idea what that means.  What protocol are you trying to analyze?  
HTTP?  SMTP?  If it's either of those, then there's nothing particularly
"binary" about them, unless HTTP compression is going on.

I am trying to capture the webmail traffic, like Yahoo!, AOL Mail, etc.

That's a very helpful piece of information!  Still, I don't see what's
"binary" about HTTP traffic from/to http://mail.yahoo.com and 
http://webmail.aol.com.  Are they playing dirty tricks and not just using 
plain HTTP?

And that payload consists of all the HTTP methods, protocol-specific
data and user data (e-mail content). I want the payload stripped and get
only the user data (e-mail details). Is there any other library which
helps to do this?

I don't think there are libraries that can extract individual e-mails from 
captured HTTP traffic from/to any webmail services.

-Julian

This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
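The point raised in the thread, that an HTTP payload is ASCII headers followed by a body that only looks "binary" when something like HTTP compression is in use, can be checked directly on the payload buffer. The following is an added example, not code from the thread or from libpcap; the function names and the sample bytes are constructed for illustration, and it assumes the buffer holds the start of an HTTP message (a real capture needs TCP reassembly first).

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strncasecmp (POSIX) */
/* Offset of the first body byte, or -1 when the blank line that ends the
 * headers is not in this buffer (they continue in a later TCP segment). */
long http_body_offset(const unsigned char *p, size_t len) {
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(p + i, "\r\n\r\n", 4) == 0)
            return (long)(i + 4);
    return -1;
}

/* Copy header `name` from p[0..hdr_len) into out (outsz >= 1); 1 if found. */
int http_header_value(const unsigned char *p, size_t hdr_len,
                      const char *name, char *out, size_t outsz) {
    size_t nlen = strlen(name), i = 0;
    while (i < hdr_len) {
        const unsigned char *eol = memchr(p + i, '\n', hdr_len - i);
        size_t end = eol ? (size_t)(eol - p) : hdr_len;
        if (end - i > nlen && p[i + nlen] == ':' &&
            strncasecmp((const char *)p + i, name, nlen) == 0) {
            size_t v = i + nlen + 1, n = 0;
            while (v < end && (p[v] == ' ' || p[v] == '\t')) v++;
            while (v < end && p[v] != '\r' && n + 1 < outsz) out[n++] = (char)p[v++];
            out[n] = '\0'; return 1;
        }
        i = end + 1;   /* continue with the next header line */
    }
    return 0;
}
int body_is_gzip(const unsigned char *b, size_t n) {
    return n >= 2 && b[0] == 0x1f && b[1] == 0x8b;   /* gzip magic bytes */
}
/* Constructed sample: the start of a gzip-compressed HTTP response. */
static const unsigned char sample[] =
    "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n"
    "content-encoding: gzip\r\n\r\n" "\x1f\x8b\x08\x00\x00\x00";
#define SAMPLE_LEN (sizeof sample - 1)

int main(void) {
    char enc[32] = "identity";
    long off = http_body_offset(sample, SAMPLE_LEN);
    if (off < 0) { puts("headers incomplete, need the next segment"); return 1; }
    http_header_value(sample, (size_t)off, "Content-Encoding", enc, sizeof enc);
    printf("%.*s[body %zu bytes, encoding=%s, gzip=%d]\n", (int)off,
           (const char *)sample, SAMPLE_LEN - (size_t)off, enc,
           body_is_gzip(sample + off, SAMPLE_LEN - (size_t)off));
    return 0;
}
```

A body reported as gzip has to be decompressed (for example with zlib) before it is readable text; printing it with `%s` stops at the first NUL byte and shows noise before that.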

