Penetration Testing mailing list archives
DECODING EMAILS BETWEEN MS EXCHANGE AND A CLIENT - or RPC ENCRYPTION/ENCODING CRACKING/DECODING
From: "steve" <steve () logicallysecure org>
Date: Thu, 21 Jul 2005 02:09:19 +0100
We currently have a task that requires us to perform a capture of emails between an MS Exchange server and a MS Office Outlook (x400) client. I recognise a dirth of SMTP and POP sniffing programs out there but nothing seems to be able to decode the DCE RPC encoding/encryption of the exchange client communications. Is there anyone out there with knowledge of a product that will allow these emails to to captured and monitored. Oh before anyone suggests any exchange resident software, that option is out, we need to be external of the server and not a member of the domain - just sniffing the stuff as it goes by. Alternatively, does anyone know of a tool that will allow me to crack the RPC encryption/encoding to see the email in clear before I replay it to a server for keyword monitoring purposes? Oh the architecture is a 200 server with exch 2003 and a XP client with Office 2002 (incase that matters/helps) All tips gratefully received. Steve A steve<at>logicallysecure.org
Current thread:
- DECODING EMAILS BETWEEN MS EXCHANGE AND A CLIENT - or RPC ENCRYPTION/ENCODING CRACKING/DECODING steve (Jul 20)