NETWORKING

  • 12/08/2015
    7:30 AM
  • Rating: 
    0 votes
    +
    Vote up!
    -
    Vote down!

Decoding SMTP Authentication Using Wireshark

In this video, Tony Fortunato shows how Wireshark can decrypt the Base54 encoding on an SMTP trace file.

In my last video, I discussed HTTP Basic authentication. I also demonstrated that some network protocol analyzers like Wireshark can decode the Base64 encoding scheme used by HTTP Basic.

In this video, I show you – using Wireshark -- that even the Simple Mail Transfer Protocol (SMTP) can use Base64 encoding as a very basic, weak form of encryption. 

Base64 is a binary-to-text encoding scheme that is generally used to transfer content-based messages and works by dividing every three bits of binary data into six bit units. This new data is represented in a 64-radix numeral system and as seven-bit ASCII text. Because each bit is divided into two bits, the converted data is 33%, or one-third, larger than the original data. Like binary data, Base64-encoded resultant data is not human readable.

The lesson here would be to be aware of what form of encryption you are using.


Comments

posted video interview discussing this article on LMTV