Hello Julian,

Thanks for the reply.

I have tried a small piece of code with libnids on my Ubuntu machine. I have modified the sample code provided by Rafal Wojtczuk on the libnids main page. In that one also, I have tried to print the data part to a file using the callback function, and all the data was in binary format. Also, libnids doesn't provide any function to check the data in the payload (higher OSI layer, possibly application layer for HTTP).

I am done with "stripping TCP headers", and I am here with a payload which contains all the higher level headers and data. I want to strip the higher level data and get only the data.

Regards,
Shameem

> From: jul...@mehnle.net
> To: tcpdump-workers@lists.tcpdump.org
> Subject: Re: [tcpdump-workers] Email Content Extraction From payload
> Date: Fri, 3 Apr 2009 09:10:53 +0000
>
> Shameem Ahamed wrote:
>
> > I want to get the e-mail details (Email Body, Subject, To, CC and
> > attachment details) from the e-mail send pcap i created using
> > wireshark.
> >
> > Can any one help me regarding this ?.
> >
> > I am doing a project to capture and present high level (layer 7) data
> > content(payload) from pcap file
>
> Try libnids:
>
> http://libnids.sourceforge.net
>
> It performs TCP flow reassembly and all the neat stuff that your local TCP
> stack usually does.
>
> I recently did something similar in Python and used the pynids Python
> binding to great effect.
>
> -Julian

-
This is the tcpdump-workers list.
Visit https://cod.sandelman.ca/ to unsubscribe.
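
Added example, not from the thread or from libnids: once a reassembler hands over the client-to-server bytes of an SMTP session, the message is the text between the `DATA` command and the lone `.` line, and Python's standard `email` package turns it into Subject, To, Cc, body and decoded attachments. It assumes plaintext SMTP without STARTTLS or BDAT; the sample stream, the addresses and the `extract_messages` name are constructed for illustration.

```python
import re
from email import message_from_bytes, policy

# Constructed sample: the client-to-server half of one SMTP session, as a
# TCP reassembler would deliver it after stripping IP/TCP headers.
SAMPLE_STREAM = (
    b"EHLO client.example\r\n"
    b"MAIL FROM:<alice@example.com>\r\n"
    b"RCPT TO:<bob@example.com>\r\n"
    b"DATA\r\n"
    b"From: alice@example.com\r\n"
    b"To: bob@example.com\r\n"
    b"Cc: carol@example.com\r\n"
    b"Subject: Quarterly report\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="XYZ"\r\n\r\n'
    b"--XYZ\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n\r\n"
    b"Numbers attached.\r\n"
    b"..hidden line starts with a dot\r\n"
    b"--XYZ\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="q1.bin"\r\n'
    b"Content-Transfer-Encoding: base64\r\n\r\n"
    b"AAECAwQ=\r\n"
    b"--XYZ--\r\n"
    b".\r\n"
    b"QUIT\r\n"
)

def extract_messages(client_stream: bytes):
    """Return one summary dict per message sent with DATA in the stream."""
    results = []
    # The message lies between the DATA command line and the lone "." line.
    for m in re.finditer(rb"(?im)^DATA\r\n(.*?\r\n)\.\r\n", client_stream, re.S):
        # Undo SMTP dot-stuffing: drop the first "." of any line starting with one.
        raw = re.sub(rb"(?m)^\.", b"", m.group(1))
        msg = message_from_bytes(raw, policy=policy.default)
        body = msg.get_body(preferencelist=("plain",))
        results.append({
            "subject": msg.get("Subject", ""), "to": msg.get("To", ""),
            "cc": msg.get("Cc", ""),
            "body": body.get_content() if body else "",
            # get_payload(decode=True) reverses base64 / quoted-printable.
            "attachments": [(p.get_filename(), p.get_content_type(),
                             len(p.get_payload(decode=True)))
                            for p in msg.iter_attachments()],
        })
    return results
```

The "binary" look of a raw dump comes largely from SMTP commands, MIME boundaries and base64 attachment text being mixed together; parsing the `DATA` section as MIME separates them.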