Author Topic: Webmail in Win 7  (Read 8704 times)
Joshsevo
« on: July 15, 2011, 01:33:53 PM »

So our friends at Microsoft moved the spot where the webmail such as Yahoo, Hotmail, Gmail to a different spot and without cracking open my SANS computer Forensics books.  Anyone know exactly where it is?

Got a Hotmail acct I need to look at for some emails.

Security+, Network+, C|EH, CHFI, CPT
cd1zz
« Reply #1 on: July 15, 2011, 04:07:44 PM »

I don't understand. Why can't you just go to hotmail.com, gmail.com and yahoo.com?

What "spot" are you talking about?

hayabusa
« Reply #2 on: July 15, 2011, 07:54:38 PM »

Yeah... This one lost me, too.  Please elaborate more, on what it is you're actually trying to do.

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
Data_Raid
« Reply #3 on: July 16, 2011, 06:14:52 AM »

Spot = URL ?


All men by nature desire knowledge.

Aristotle
hayabusa
« Reply #4 on: July 16, 2011, 07:06:33 AM »



<LOL>

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
Joshsevo
« Reply #5 on: July 19, 2011, 01:39:12 PM »

Sorry, we are trying to look for webmail on a suspect's HDD.  Since Windows 7 revamped so much stuff, they moved where they keep the files of webmail.

I assume that you guys know that the computer keeps these files on the HDD even though it's webmail.

So before in like XP the files were kept in Local/App data/users...etc.  These are usually just remnants of the emails and may need to be "carved" out.  Just seeing if anyone knows.

Security+, Network+, C|EH, CHFI, CPT
lorddicranius
« Reply #6 on: July 19, 2011, 01:57:13 PM »

I didn't know that.  Can you elaborate?  Mind you, I'm not very well versed on forensics :) What format are/were these remnants in?

GSEC, eCPPT, Sec+
hayabusa
« Reply #7 on: July 19, 2011, 02:06:19 PM »

Browser cache?

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
nonexistententity
« Reply #8 on: July 19, 2011, 02:30:17 PM »

You mean like:

C:\Users\%USERNAME%\AppData\Local\Microsoft\Windows\Temporary Internet Files?

That information is always available in the browser settings.

-N33

hayabusa
« Reply #9 on: July 19, 2011, 02:46:17 PM »

Yeah, that's where I was leading him.

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
nonexistententity
« Reply #10 on: July 19, 2011, 02:51:44 PM »

Quote from hayabusa: "Yeah, that's where I was leading him."

Were you leaning more towards a "find the answer" method? Sorry if I jumped the gun on ya, bro.

-N33

hayabusa
« Reply #11 on: July 19, 2011, 02:55:51 PM »

Yep, I was, but that's OK.  They'll find the answer with your guidance, too.  ;)

~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
Joshsevo
« Reply #12 on: July 20, 2011, 01:17:28 PM »

I sent an email to my SANS instructor and he said that it won't be in a specific spot but there will be remnants of the files left in different spots such as memory.

Here is his response:

Grabbing webmail is like recovering any other browser artifact. It is
not kept in any particular place so you're stuck working browser cache
data, memory, etc. That is why tools like IEF are popular...and
pricey.

Security+, Network+, C|EH, CHFI, CPT
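An added example, not code from any poster in this thread or from the instructor quoted above: carving HTML remnants that mention the webmail hosts named in the thread out of raw bytes such as a cache file, pagefile or memory dump. The function name, the marker list and the sample bytes are constructed for illustration.

```python
import re

# Webmail hosts named in this thread; the list is an assumption to extend per case.
WEBMAIL_MARKERS = (b"hotmail.com", b"gmail.com", b"yahoo.com")
HTML_START = re.compile(rb"<html\b", re.IGNORECASE)
HTML_END = re.compile(rb"</html\s*>", re.IGNORECASE)
MAX_FRAGMENT = 2 * 1024 * 1024  # stop a fragment that has no closing tag after 2 MiB

# Constructed sample: junk, a complete webmail page, an unrelated page,
# and a webmail page whose tail has been overwritten.
SAMPLE = (
    b"\x00\x13junk"
    b"<html><body>Inbox - user@hotmail.com<p>Meet at 5</p></body></html>"
    b"\xff\xfe\x00"
    b"<HTML><body>weather report</body></HTML>"
    b"\x00\x00"
    b"<html><body>From: someone@gmail.com Subject: re: inv"
    b"\x00\x00\x00"
)


def carve_webmail_html(data, markers=WEBMAIL_MARKERS, max_len=MAX_FRAGMENT):
    """Return [(offset, marker, fragment)] for HTML spans that mention a webmail host.

    A span with no closing tag is still kept, cut at the next <html start or at
    max_len, because a partial remnant can still hold message text.
    """
    hits, pos = [], 0
    while True:
        start = HTML_START.search(data, pos)
        if not start:
            return hits
        limit = min(len(data), start.start() + max_len)
        nxt = HTML_START.search(data, start.end(), limit)
        end = HTML_END.search(data, start.end(), limit)
        if end and (not nxt or end.start() < nxt.start()):
            stop = end.end()      # complete page
        elif nxt:
            stop = nxt.start()    # truncated: another page begins first
        else:
            stop = limit          # truncated: ran out of data or hit the cap
        fragment = data[start.start():stop]
        lowered = fragment.lower()
        marker = next((m for m in markers if m in lowered), None)
        if marker:
            hits.append((start.start(), marker.decode(), fragment))
        pos = max(stop, start.end())

if __name__ == "__main__":
    for offset, marker, fragment in carve_webmail_html(SAMPLE):
        print(offset, marker, len(fragment))
```

On a real case, run it over data read from a write-blocked image or dump and record each offset with the carved fragment so the finding can be reproduced.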
lorddicranius
« Reply #13 on: July 20, 2011, 01:25:17 PM »

Ooh, ok.  I see now.  Browser cache makes sense.  I had it in my head that there was something comparable to .PST's or something that I wasn't aware of haha

GSEC, eCPPT, Sec+
Joshsevo
« Reply #14 on: July 20, 2011, 01:52:00 PM »

I was too and that's why I posed the question like I did, sorry for the confusion.  But that's why I'm still an intern.  Still learning.  I won't forget this now.

Security+, Network+, C|EH, CHFI, CPT