Hello all, I am not familiar with wireshark, can any one please tell me how can I capture the SMTP payload in ASCII format, thanks in advance. asked 12 Dec '15, 09:22  Nazzoka edited 12 Dec '15, 10:19  grahamb ♦ |
One Answer:
Just capture the traffic as normal, then use a display filter of "smtp". As long as the SMTP traffic isn't encrypted you can see the payload by right-clicking any packet in the SMTP conversation and then selecting Follow -> TCP Stream. The resulting dialog will show the entire conversation which you can copy to the clipboard. The email be in multiple parts so you might have to do a little editing. answered 12 Dec '15, 10:18 grahamb ♦ edited 12 Dec '15, 10:20 |
Thanks a lot