Re: Email Content Extraction From payload

[Shameem Ahamed <shameem.ahamed () hotmail com>]

Hello Julian,

Thanks for the reply.

I have tried a small code with libnids in my ubuntu machine.

I have modified the sample code provided by  Rafal Wojtczuk   in the libnids main page.

In that one also,  i have tried to print the data part in a file using the callback function and all the data was in 
binary format.

Also, libnids doesn't provide any  function to check the data in the payload ( higher OSI layer , possibly application 
layer for HTTP)

I am done with "stripping TCP headers", and i am here with a payload, which contains all the higher level headers and 
data.  I want to strip the higher level data and get only the data.


Regards,
Shameem


> From: julian () mehnle net
> To: tcpdump-workers () lists tcpdump org
> Subject: Re: [tcpdump-workers] Email Content Extraction From payload
> Date: Fri, 3 Apr 2009 09:10:53 +0000
>
> Shameem Ahamed wrote:
>
> > I want to get the e-mail details (Email Body, Subject, To, CC and
> > attachment details) from the e-mail send pcap i created using
> > wireshark.
> >
> > Can any one help me regarding this ?.
> >
> > I am doing a project to capture and present high level (layer 7) data
> > content(payload)  from pcap file
>
> Try libnids:
>
>   http://libnids.sourceforge.net
>
> It performs TCP flow reassembly and all the neat stuff that your local TCP 
> stack usually does.
>
> I recently did something similar in Python and used the pynids Python 
> binding to great effect.
>
> -Julian

_________________________________________________________________
Windows Live Messenger. Multitasking at its finest.
http://www.microsoft.com/india/windows/windowslive/messenger.aspx-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.