Hacking Gmail

(Grace) #1

68 Part II — Getting Inside Gmail


You’ll be referring back to this figure in a page or two.

Now, stop the Tcpflow application with a judicious Control+c and open up the
login_capture.txtfile.

Cleaning Up the Log


Before looking through the log properly, it needs to be cleaned up a bit. There’s a
lot of information that you don’t need. For instance, every request sent by my
browser has this code, which is superfluous to your needs:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O;
en-GB; rv:1.7.5) Gecko/20041110 Firefox/1.0
Accept:
text/xml,application/xml,application/xhtml+xml,text/html;q=0.9
,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-gb,en;q=0.5
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive

Search for this code and replace it with a single new line. Next, toward the end,
line 1862 in my working version is a whole collection of requests and responses
for image files. You’re not interested in these at all, so you can reduce them until
they look like so:

192.168.016.053.64150-216.239.057.106.00080: GET
/gmail/help/images/logo.gif 216.239.057.106.00080-
192.168.016.053.64150: HTTP/1.1 200 OK

This makes things much more readable. Now, between lines 394 and 1712 (more
or less, it may be slightly different in your log file) is the serving of the one enor-
mous JavaScript file. Strip the code out, and replace it with your own comment.

Finally, right at the beginning, are a few pages going backward and forward that
seem to be made of utter nonsense. These are encrypted. So, again, strip them out
and replace them with a comment.

You should now have around 500 lines of traffic between your browser and Gmail.
It’s time to step through it and see what is going on. To see the entire boot
sequence log, flip to Appendix A and look through Listing A-3.

Stepping Through the Gmail Boot Sequence


To be able to write an API, you need to know how the login works, so we shall start
there. In all of the following, my machine has the IP address 192.168.016.053.
Free download pdf