SOConda – extracting an attachment from an .eml file

nfsec.pl 5 months ago

How do you extract an attachment from a submitted .eml file for analysis?

agresor@soconda:~$ python3 -m venv emls
(emls) agresor@soconda:~$ source emls/bin/activate
(emls) agresor@soconda:~$ pip install eml-extractor
Collecting eml-extractor
Using cached eml_extractor-0.1.1-py3-none-any.whl.metadata (3.3 kB)
Using cached eml_extractor-0.1.1-py3-none-any.whl (4.7 kB)
Installing collected packages: eml-extractor
Successfully installed eml-extractor-0.1.1
(emls) agresor@soconda:~$ du -k analyze_me.eml
25684 analyze_me.eml
(emls) agresor@soconda:~$ eml-extractor -f analyze_me.eml
PROCESSING FILE "analyze_me.eml"
>> Attachment found: malware_sample.zip
>> Saving attachment to "/home/agresor/Analyze Me/malware_sample.zip"
Done.
(emls) agresor@soconda:~$ du -k Analyze\ Me/malware_sample.zip
18668 Analyze\ Me/malware_sample.zip

More information: EML Extractor
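The same extraction step using only Python's standard-library email package, as an added example (not code from the original post and not eml-extractor's own implementation). It also records a SHA-256 for each saved attachment and reduces the sender-supplied filename to its last path component; the function names and the sample message are constructed for illustration.

```python
import hashlib
import os
import tempfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser


def extract_attachments(eml_bytes, out_dir):
    """Save every attachment of a raw .eml message; return [(name, sha256)]."""
    msg = BytesParser(policy=policy.default).parsebytes(eml_bytes)
    os.makedirs(out_dir, exist_ok=True)
    saved = []
    for index, part in enumerate(msg.iter_attachments()):
        # decode=True undoes base64/quoted-printable; None for nested messages.
        payload = part.get_payload(decode=True) or b""
        # The filename is sender-controlled: keep only the last path component
        # so "../../x" or "C:\\x" cannot place the file outside out_dir.
        raw_name = (part.get_filename() or "").replace("\\", "/")
        name = os.path.basename(raw_name).strip(". ") or f"attachment_{index}.bin"
        # Mode "xb" refuses to overwrite a file that already exists.
        with open(os.path.join(out_dir, name), "xb") as handle:
            handle.write(payload)
        saved.append((name, hashlib.sha256(payload).hexdigest()))
    return saved


def build_sample_eml():
    """Constructed test message: one attachment with a path-traversal filename."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "soc@example.com"
    msg["Subject"] = "Analyze Me"
    msg.set_content("See attachment.")
    # Constructed payload: the 22 bytes of an empty ZIP archive.
    msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                       subtype="zip", filename="../../malware_sample.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as workdir:
        for name, digest in extract_attachments(build_sample_eml(), workdir):
            print(f"{name}  sha256={digest}")
```

The hash gives the analyst a stable identifier for the sample before it is unpacked or moved between systems.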
