Extracting Links from HTML Message

martin McCormick-3
There's a situation which is wasting a tremendous amount of my
time so anything that will move this beast along is greatly
appreciated.

        There is a web site

https://www.radioid.net

that I need to register an account on.  They want to make sure we
can receive their emails which I sure can but the email ping
involves going to some url which contains a serial number.  

        The fun part is that they also send a link in the clear
stating that you can paste it in your browser.

        Every single time I try that, the browser returns a
message stating that the link has already been used (game over!)

        There is an image file referenced in the ping that
contains a slightly different url and that might be one I could
use that works.

        Is there a way I can show this message and see the
embedded url in the image file?
Here is the output I get from "show".  Below that, I will also include
the unprocessed body.

$ show
[ Message inbox:3782 ]
From:    [hidden email]
Subject: EMail Verification - Registration
RadioID Logo
Verification Image
If the above link does not work, please copy-paste this link into your
browser.
https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPF
R9GWQD

This email was sent to: [hidden email]

More legalese boilerplate follows.  Ya' gotta love stuff like
this.

        All I am interested in at this point is mechanically
extracting the URL embedded in the image to see if I can stuff
that into Chrome and have any more luck in their security
theater production.  They've got a CAPTCHA on this site and,
surprisingly, that part works fine.  Thanks for any constructive help.

Martin McCormick


        Here are the last couple of headers plus raw text:


To: [hidden email]
From: [hidden email]
Subject: EMail Verification - Registration
Content-Type: text/html; charset="ascii"
Mime-Version: 1.0

<!DOCTYPE html>
<html lang=3D"en">
<head>
    <style>
        p.one {
            border-style: solid;
            border-color: green;
            border-radius: 5px;
        }

        a {
            text-decoration: none;
            color: black;
        }
    </style>

    <meta charset=3D"UTF-8">
    <title>RadioID.net Email Verify</title>
</head>
<body style=3D"font-family: Arial, Helvetica, sans-serif;">
<table style=3D"margin: 0 auto; border: 0">

    <tr>
        <th style=3D"margin: 0 auto; width:200px">
            <img src=3D"https://www.radioid.net/images/radioid_logo.png" wi=
dth=3D"200" alt=3D"RadioID Logo">
        </th>
    </tr>
    <tr>
        <th style=3D"margin: 0 auto;">
            <table style=3D"margin: 0 auto; border: 0; width: 100%">
                <tr>
                    <td style=3D"margin: 0 auto;">
                        <table style=3D"margin: 0 auto; border: 0">
                            <tr>
                                <td>
                                    <p class=3D"one">
                                        <img src=3D"https://www.radioid.net=
/verify/SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD" alt=3D"Verification Image=
">
                                    </p>
                                </td>
                            </tr>
                        </table>
                    </td>
                </tr>
            </table>
        </th>
    </tr>

    <tr>
        <td align=3D"center">
            If the above link does not work, please copy-paste this link in=
to your browser.<br>
            <span style=3D"color: #007bff">https://www.radioid.net/verify/t=
oken=3DSHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD</span>
        </td>
    </tr>

</table>
</body>
</html>

<br><br><br><br> This email was sent to: [hidden email]<br><br>Dis=
claimer<br><br>The information in this email may be confidential, legally p=
rivileged or otherwise. It is intended solely for the addressee. Access to =
this email by anyone else is unauthorised. If you are not the intended reci=
pient, any disclosure, copying, distribution or any action taken or omitted=
 in reliance on it, is prohibited and may be unlawful. Whilst all reasonabl=
e steps are taken to ensure the accuracy and integrity of information and d=
ata transmitted electronically and to preserve the confidentiality thereof,=
 no liability or responsibility whatsoever is accepted if information or da=
ta is, for whatever reasons, corrupted or does not reach its intended desti=
nation. Opinions, conclusions and other information in this message that do=
es not relate to the official business of the sender shall be understood as=
 neither given nor endorsed by it

Re: Extracting Links from HTML Message

Ken Hornstein-2
>that I need to register an account on.  They want to make sure we
>can receive their emails which I sure can but the email ping
>involves going to some url which contains a serial number.  

Huh, so .... I ran into some "interesting" issues with that web site.

Specifically, I tried the same thing you did.  But ... I had the web
page "continue" as if I had opened the link even before I got the
message.  I am wondering if some intervening spam scanner visited that
link?

Honestly, why not just mhstore the whole HTML and then open that file
with your favorite web browser?  I just tried that and it works fine.

--Ken
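
Ken's suggestion uses mhstore. For readers without nmh at hand, the same idea (pull the decoded HTML part out of the raw message and save it to a file a browser can open) can be sketched with Python's standard email package. This is only an illustration, not what Ken ran: the function name, the output file name, and the sample message are made up here, and the sample assumes the message carries a "Content-Transfer-Encoding: quoted-printable" header, which the headers quoted in the thread do not show.

```python
import tempfile
from email import message_from_bytes, policy
from pathlib import Path


def save_html_part(raw_message: bytes, out_path: Path) -> Path:
    """Write the decoded text/html body of a raw message to out_path."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    part = msg.get_body(preferencelist=("html",))
    if part is None:
        raise ValueError("message has no text/html part")
    # get_content() undoes the transfer encoding (for example
    # quoted-printable) and decodes the declared charset.
    out_path.write_text(part.get_content(), encoding="utf-8")
    return out_path


# Hypothetical cut-down message modelled on the one in this thread.
# The Content-Transfer-Encoding header is an assumption.
SAMPLE = (
    b"Subject: EMail Verification - Registration\n"
    b'Content-Type: text/html; charset="ascii"\n'
    b"Content-Transfer-Encoding: quoted-printable\n"
    b"Mime-Version: 1.0\n"
    b"\n"
    b'<img src=3D"https://www.radioid.net=\n'
    b'/verify/SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD" alt=3D"Verification Image=\n'
    b'">\n'
)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        saved = save_html_part(SAMPLE, Path(tmp) / "verify.html")
        print(saved.read_text(encoding="utf-8"))
```

With a real message you would pass the bytes of the message file instead of SAMPLE and then open the saved file in a browser.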

Re: Extracting Links from HTML Message

Jude DaShiell
In reply to this post by martin McCormick-3
Maybe tesseract will extract the text from that image.

Re: Extracting Links from HTML Message

Andy Bradford-2
In reply to this post by martin McCormick-3
Thus said "Martin McCormick" on Mon, 06 Jan 2020 07:03:14 -0600:

> https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPF
> R9GWQD

This URL looks like it has an embedded newline in it (maybe the
result of quoted-printable content being poorly handled by the sender's
text/plain conversion).

What if you just try putting it all in one URL:

https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD

Andy
--
TAI64 timestamp: 400000005e139e47
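
Andy's fix is easy to do by hand; for anyone wanting to do it mechanically, a minimal Python sketch follows. It assumes the URL itself contains no genuine whitespace, so every space and newline inside the wrapped text can simply be dropped. The function name is made up for this example.

```python
import re


def rejoin_wrapped_url(text: str) -> str:
    """Join a URL that was wrapped across lines by removing all whitespace.

    Assumes the URL contains no real whitespace of its own.
    """
    return re.sub(r"\s+", "", text)


# The wrapped URL exactly as "show" displayed it in the original post.
wrapped = """https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPF
R9GWQD"""

print(rejoin_wrapped_url(wrapped))
# prints https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD
```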



Re: Extracting Links from HTML Message

Ralph Corderoy
In reply to this post by martin McCormick-3
Hi Martin,

> $ show
...
> https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPF
> R9GWQD

> Here are the last couple of headers plus raw text:
> Content-Type: text/html; charset="ascii"
> Mime-Version: 1.0

Was there a ‘Content-Transfer-Encoding’ field too?

>                                         <img src=3D"https://www.radioid.net=
> /verify/SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD" alt=3D"Verification Image=
> ">
...
>             <span style=3D"color: #007bff">https://www.radioid.net/verify/t=
> oken=3DSHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD</span>

Removing the quoted-printable encoding gives these two different URLs,
the first for the image to display, the second to open in its place:

    https://www.radioid.net/verify/SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD
    https://www.radioid.net/verify/token=SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD

The token is the same in both: SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD.

The message you got about the token already being used seems to be a
default for any unrecognised token,
e.g. https://www.radioid.net/verify/nmh-workers

Are you sure you didn't open the incomplete URL, as Andy suspected?

--
Cheers, Ralph.
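
The decoding Ralph describes can also be done mechanically. Below is a minimal Python sketch, using only the standard library, that removes the quoted-printable encoding from the raw body and lists the src of every img tag, which is the "URL embedded in the image" the original question asked for. The class and function names are made up for this example, RAW is a cut-down copy of the body posted above, and decoding the result as UTF-8 is an assumption.

```python
import quopri
from html.parser import HTMLParser


class ImgSrcCollector(HTMLParser):
    """Collect the src attribute of every <img> tag that is fed in."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            for name, value in attrs:
                if name == "src" and value:
                    self.sources.append(value)


def image_urls(raw_body: bytes) -> list:
    """Decode a quoted-printable HTML body and return its image URLs."""
    # quopri removes the "=" soft line breaks and turns =3D back into "=".
    html = quopri.decodestring(raw_body).decode("utf-8", errors="replace")
    collector = ImgSrcCollector()
    collector.feed(html)
    collector.close()
    return collector.sources


# Cut-down copy of the raw body from the original post.
RAW = (
    b'<img src=3D"https://www.radioid.net/images/radioid_logo.png" wi=\n'
    b'dth=3D"200" alt=3D"RadioID Logo">\n'
    b'<img src=3D"https://www.radioid.net=\n'
    b'/verify/SHTUI469E1GVO35SDTGK180BAHKLOP9FPFR9GWQD" alt=3D"Verification Image=\n'
    b'">\n'
)

for url in image_urls(RAW):
    print(url)
```

Using an HTML parser rather than a regular expression means the attribute quoting is handled by the library; the quoted-printable decoding has to happen first, because the soft line breaks split the URL in the middle.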