View message source after base64 decoding?
Wanted to inspect the source of a suspicious email, but the body is just displaying as a block of base64 text in View Source. (When viewing the message in the main window, it's all text but for a couple of hyperlinks.) Is there a way to view the base64-decoded but not HTML-rendered source?
Solution eye eponami
I use Notepad++. Under plugins, it has a mime encoding/decoding option and can decode the base64 content. It usually turns into html. If it is really mischievous, it may have java script doohickeys that are intended to convert or generate text on the fly.
Take care to copy and paste (or select) accurately . The decoder knows that the number of characters in base64 content will always be divisible by four and will refuse to run if you select or paste in too many or too few characters.
Tanga eyano oyo ndenge esengeli 👍 0All Replies (2)
Solution eye oponami
I use Notepad++. Under plugins, it has a mime encoding/decoding option and can decode the base64 content. It usually turns into html. If it is really mischievous, it may have java script doohickeys that are intended to convert or generate text on the fly.
Take care to copy and paste (or select) accurately . The decoder knows that the number of characters in base64 content will always be divisible by four and will refuse to run if you select or paste in too many or too few characters.
So, again, the answer appears to be "no". :-( (I say "again" because of another posted question of mine about functionality.)
I do appreciate the response. Thanks for taking the time.
For future readers, I found a site that decodes base64 blocks: https://www.base64decode.org/. Just copy, then paste into the field on the page and hit DECODE.
In your scenario, Zenos, will Notepad++ interpret (run) the javascript? Just curious. But if so, yikes! (I'm only interested in seeing the textual representation.)