Decoding Gzip/Deflate issues
I'm trying to read the contents of packets sent from an Android device and some packets where Burp can detect Gzip compression, it shows the contents, however there are often times I see packets with this information and Burp can't decode or can't detect compression. How can I see the contents of this compressed packet contents?
The following is from a Android phone, manufacturer I suspect is collecting/spying on it's users with the activity of the phone to a head office, I'm curious to know what information it collects. Any help is appreciated. I've tried copying and pasting the compressed portion to a file and extracting using decompression software :) It didn't work.
For example this packet:
OST /tracker-api/tracker/trackerLog HTTP/1.1
Connection: close
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Linux; U; Android 6.0; en-au; 5044T Build/MRA58K) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Mobile Safari/537.36
Host: tracker-global.tclclouds.com
Accept-Encoding: gzip, deflate
Content-Length: 579
e=v3&data=gDm8W6MSWo42svBtqRQ56SCoDX4m_kjv9HH9hwM5iF1QyXHfvGM5t-RI1vV3uOeSOuGgdCj64MxW
193i3cdbzbnYbixJUZtVgICZ1Mygh6ysINqwCUq_S22ToPgoPPmi9MWJ3Eft7hGWVoanpfHwDH4e
ZwYhm4ovkDe8awCTTRV_nLhzogLuRBRRCLBVCJsGWSe9UoT4O8vSzeraqlYFQOTK55B1UjrYQHmm
laVLUPzz9OXetIC77b1Z5ngW32binYxrCir_tB3waUA-QEQy2Ht2c1TMc9dlVaC58i0O3-Sw406R
CsXZGjHoScC44NavPoDhk_Kwo92U-bvee5m91HuXms91A9xBPzsrz56YU5LA5ege6R0yI7xrwpEA
SYxLO8gyqHuSiF-yid34nB0C1wtleV9wEytfhVR0QiySXp60wL4n_8ZRJHZ9IYhmz-TdK6Hyg1st
74zvtTzWYOwp9fi2PAoc3BJawBbNgqSc8w38pe3MIdW21DCSj0M7_J8IOZJj1yYaYEprMuucrWzr
Qg==
&expect_server_compress=1
Decoding Gzip/Deflate issues
add a comment