I have extracted the output of a pcap file, where it has encrypted jpeg image inside a word .doc & also .jpeg. How can I extract the same ?
asked 04 Sep '13, 09:29
by opening the rar file with WinRar and by entering the encryption key when WinRar asks for it!?!
If the rar file is not encrypted itself, you'll have to ask the sender of the email how he/she encrypted the files and also for the key. With that information you should be able to decrypt the files.
BTW: Obviously you already managed to extract the rar file from the SMTP conversation. So, how is this problem related to Wireshark?
answered 04 Sep '13, 15:07
Kurt Knochner ♦