We are adding new WebMail decoder to Xplico, but since there are a large number of WebMail on the web, we ask for your advice.
What are the WebMail to add to Xplico?
- Google Mail: HTTP GMail (30%, 77 Votes)
- Yahoo! Mobile (18%, 46 Votes)
- GMX: www.gmx.net (Germany) (10%, 25 Votes)
- Rouncube: roundcube.net (9%, 24 Votes)
- 163: www.163.com (China) (9%, 23 Votes)
- Horde: www.horde.org (9%, 23 Votes)
- Orange: webmail.orange.fr (France) (7%, 19 Votes)
- Libero: www.libero.it (Italy) (3%, 8 Votes)
- Rediff: www.rediff.com (India) (2%, 6 Votes)
- MYNET: mynet.com (Turkey) (2%, 4 Votes)
- TTNET: www.ttnet.com.tr (Turkey) (1%, 3 Votes)
Total Voters: 199
You can comment this post to add new webmail (not in the poll). In the comment specify:
- The service name
- WebMail URL
We will add your proposal in the poll.
This version introduces l7-patterns classifier for all flows not decoded, also there is the improvement of the real time acquisition, new features for the XI (Xplico Interface) and many bugs fixes.
- l7-patterns for all flows/protocols not decoded by xplico
- Xplico Interface (XI) improved
- python3 porting of many scripts
- realtime capture module improved
- facebook chat realtime view
- UTC/localtime bug fixes
- l2tp dissector bug fixes
- cli and lite dispatchers bug fixes
- telnet dissector bug fixes
- trigcap bug fixes
- new script named session_mng.pyc to facilitate the creation of new case and/or new session from command line
We thank naif for his support and his availability.
The decoding performance are:
- from command line: 5.9 MB/s
- from Xplico Interface (XI) with SQLite DB (=> lite dispatcher): 1.76 MB/s
- from Xplico Interface with MySQL DB (=> ximysql dispatcher): 4.09 MB/s
measured on an Aspire 5633WLMi (Intel Core 2 Duo processor T5500 with 1GB RAM an HD IDE controller) with the pcap http://domex.nps.edu/corp/scenarios/2009-m57/net/day11-18.dmp.zip (851 MB).
As always: Enjoy !
In this version new dissectors, new features and obviously many bugfix:
- Paltalk chat dissector
- MSN dissector (beta basic version)
- XI Cookie hijacking
- XI pagination for Images and Web
- XI XSS fixed
- XI bugfix
- Tim Hentenaa for his Paltalk reverse engineering
- Steve-William KISSI to have found various XSS
- Daniele Franchetto for MSN dissector
- Michele Dallachiesa for cookietools
In this version there are bugfix, dissectors improvements and new features:
- XI configuration pages
- XI administator pages
- XI multi-user
- IRC dissector
- ARP/RAP dissector
- radiotap dissector
- GeoMap latitude and longitude selectable from XI
- CLI decoding directory (xdecode) selectable
- Telent dissector with PIPI
- Paltalk Express dissector and aggregator (basic version)
- sftp/scp pcap files upload
Any feedback is welcome.
You can download source code and Ubuntu 10.04 package here.
This version brings some improvements and fixes some bugs too serious.
- RTP, FTP, Telnet, SIP dissectors improvements
- RTP bug fix
- Xplico Interface XSS Vulnerability fixed
- Xplico Interface updated to CakePHP 1.2.7
- new tool named trigcap to manage pcap
- new version (0.63) of videosnarf
- Maximiliano Soler from Security-Database and Marcos Garcia from Zero Science Lab for finding the vulnerability (XSS) and for helping us.
- Alex Antão for having supported us in finding a bug in RTP
You can download VirtualBox.org image, source code and Ubuntu 10.04 package here.