Help needed on dumping user input database in Google chrome
#11
(05-29-2018, 10:53 AM)Vector Wrote: I appreciate you Eku, but i don't consider myself to be someone that wants to see other people fail. In fact i like helping out. So in that vein;

@OP
You want to send it off to a server you control? What do you have in place on this server that allows you to receive data? Is it an FTP server? Is it a website that has a form for uploads? Or do you want to receive it via SMTP? I agree that it would be a good idea to send over the entire SQLite file and parse it from your end.

Depending on how you answer my questions on how you would like to receive the data there are multiple ways to go about it.

In any case, a quick Google search led me to this.

https://gist.github.com/pcdinh/2102372

It's a little python script that will send out an email with attached files. The files will be base64 encoded as well, adds a small layer of security as they are in transit. Just add your var `path2` at the array called files like so `files = [path2]` in fact i think you can just leave the brackets out, you don't need an array for a single file.

I could go on, and i might if you want to send it to some place that is not an SMTP server. But since you mentioned you are good at interpreting Python, i am just going to leave it at that for now.
Hey, I was just wondering why it would be needed to be encoded into base64.You said that it "adds a small layer of security" but anyone can easily decode this.Is there something more i am missing?
Reply
#12
(05-29-2018, 01:30 PM)Zot Wrote:
(05-29-2018, 10:53 AM)Vector Wrote: I appreciate you Eku, but i don't consider myself to be someone that wants to see other people fail. In fact i like helping out. So in that vein;

@OP
You want to send it off to a server you control? What do you have in place on this server that allows you to receive data? Is it an FTP server? Is it a website that has a form for uploads? Or do you want to receive it via SMTP? I agree that it would be a good idea to send over the entire SQLite file and parse it from your end.

Depending on how you answer my questions on how you would like to receive the data there are multiple ways to go about it.

In any case, a quick Google search led me to this.

https://gist.github.com/pcdinh/2102372

It's a little python script that will send out an email with attached files. The files will be base64 encoded as well, adds a small layer of security as they are in transit. Just add your var `path2` at the array called files like so `files = [path2]` in fact i think you can just leave the brackets out, you don't need an array for a single file.

I could go on, and i might if you want to send it to some place that is not an SMTP server. But since you mentioned you are good at interpreting Python, i am just going to leave it at that for now.
Hey, I was just wondering why it would be needed to be encoded into base64.You said that it "adds a small layer of security" but anyone can easily decode this.Is there something more i am missing?

The original script was written in order to deliver a payload of some kind. In example if an e-mail application is configured to be on the look out for suspicious strings in order to block incoming messages that might be malicious, this would probably help in avoiding such counter measures.
Reply
#13
Base64 is just the default encoding of emails. Look at your email headers, behind the SSL there’s a 99% chance that it’s base64 encoded

And @Null, I wrote it for work lol. I have to audit people sometimes
Reply
#14
(05-30-2018, 03:38 AM)ekultek Wrote: Base64 is just the default encoding of emails. Look at your email headers, behind the SSL there’s a 99% chance that it’s base64 encoded

And @Null, I wrote it for work lol. I have to audit people sometimes

SMTP lib handles all encoding for emails in Python. So if that is the case, why would you need to base64 encode the attachment seperately if not in order to bypass mail filters, kind one the ones that you designed for MailAdmin?

Look at the Gist i posted, the author only encodes the 'payload' part separately in base64.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Who can help me remove crypt from .DAT files? Saddam 1 1,307 10-26-2021, 06:03 PM
Last Post: dev
  Help me hacking WPA2 wifi brandroot 5 12,536 03-01-2021, 08:13 PM
Last Post: Vector
  HEY FAMILY.. Help me out :-( ALPXHAX 7 15,335 12-26-2020, 04:47 PM
Last Post: FancyBear
  Help me astronomo 4 10,512 12-12-2020, 11:11 PM
Last Post: Insider