Decoding SMTP Authentication Using Wireshark
In this video, Tony Fortunato shows how Wireshark can decrypt the Base54 encoding on an SMTP trace file.
December 8, 2015
![Network Computing logo Network Computing logo](https://eu-images.contentstack.com/v3/assets/bltde8121fc52c5c8f3/blt3f3d0318f746b1c2/65a530e4187606040a1d8b8c/placeholder.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
In my last video, I discussed HTTP Basic authentication. I also demonstrated that some network protocol analyzers like Wireshark can decode the Base64 encoding scheme used by HTTP Basic.
In this video, I show you – using Wireshark -- that even the Simple Mail Transfer Protocol (SMTP) can use Base64 encoding as a very basic, weak form of encryption.
Base64 is a binary-to-text encoding scheme that is generally used to transfer content-based messages and works by dividing every three bits of binary data into six bit units. This new data is represented in a 64-radix numeral system and as seven-bit ASCII text. Because each bit is divided into two bits, the converted data is 33%, or one-third, larger than the original data. Like binary data, Base64-encoded resultant data is not human readable.
The lesson here would be to be aware of what form of encryption you are using.
About the Author(s)
You May Also Like