cyberdefenders / email-header-analyzer

E-Mail Header Analyzer
https://mailheaderanalyzer.herokuapp.com/
Other
654 stars 165 forks source link

IndexError: list index out of range #1

Closed acd62081 closed 7 years ago

acd62081 commented 7 years ago

Hi, I thought this project looked interesting and was trying to play around and see what it would look like but I keep getting an out of range error on line 80. However, line 122 c -= 1 produces a duplicate value when subtracting and then nothing below that line will print out.

My setup is: OS: Ubuntu 16.04 python version: 2.7.11 browser: Firefox and Chrome

Troubleshooting steps:

Added print line after line 80: print "Next_Time:" print next_line Output was expected: Next_Time: 1496848502 Next_Time: 1496848501 Next_Time: 1496849717

Omitted rest of output

However, when I added a print line for c value from line 122 the last line is duplicate number: print 'C Value:' print c Output of C Value: C Value: 13 C Value: 12 C Value: 11 C Value: 10 C Value: 9 C Value: 8 C Value: 7 C Value: 6 C Value: 5 C Value: 4 C Value: 3 C Value: 3

The complete traceback: Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1997, in call return self.wsgi_app(environ, start_response)

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1985, in wsgi_app response = self.handle_exception(e)

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1540, in handle_exception reraise(exc_type, exc_value, tb)

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1982, in wsgi_app response = self.full_dispatch_request()

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1614, in full_dispatch_request rv = self.handle_user_exception(e)

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1517, in handle_user_exception reraise(exc_type, exc_value, tb)

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1612, in full_dispatch_request rv = self.dispatch_request()

File "/usr/local/lib/python2.7/dist-packages/Flask-0.12.2-py2.7.egg/flask/app.py", line 1598, in dispatch_request return self.view_functionsrule.endpoint

File "/home/mal/MHA/server.py", line 80, in index email.utils.parsedate_tz(next_line[1])) IndexError: list index out of range

lnxg33k commented 7 years ago

@acd62081 Can you please paste the full raw headers ?

acd62081 commented 7 years ago

This is from a phishing email that I found online somewhere a few months ago and it happened to be the batch of emails that I grabbed from my collection when I started playing with your tool. I did find out that normal gmail and yahoo headers were parsed correctly.

After you asked for the headers I started playing around with the headers that I was using. I found that it works if I cut off part of the headers, so I narrowed it down to the offending line in the headers. The issue happens at line 53 of the headers posted below. If I remove line 53 it works.

Offending Line: Received: Wed, 7 Jun 2017 11:35:20 -0400

Full Headers: Received: from LOCALHOST-2.localtest.com (10.10.0.211) by LOCALHOST.localtest.com (10.10.0.201) with GENERIC SMTP Server (TLS) id 14.3.319.2; Wed, 7 Jun 2017 11:35:19 -0400 Received: from 127.0.0.1 (YESVIP [127.0.0.1]) by Outbound.localtest.com (Proprietary) with SMTP id C51B317EE6A for testuser@localtestemail.com; Wed, 7 Jun 2017 11:15:02 -0400 (EDT) Received: from postoffice.bbbb.com (postoffice.bbbb.com [100.100.214.17]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by localhost-3.localtest.com (Proprietary) with ESMTPS id E3718170FA7 for testuser@localtestemail.com; Wed, 7 Jun 2017 11:15:01 -0400 (EDT) Received: from gia4.bbbb.com (gia4.bbbb.com [100.100.214.18]) by postoffice.bbbb.com (Postfix) with ESMTP id 3wGCgT2lFnz18VRQr for testuser@localtestemail.com; Wed, 7 Jun 2017 15:35:17 +0000 (UTC) x-testconfig-received: from emtest1.bbbb.com [100.100.214.14] by gia81.bbbb.com via bbad (C8.MAIN.4.10L) with ESMTP id 868VFgPIu9792Ms8; Wed, 07 Jun 2017 15:34:20 -0000 X-testconfig-TAP-Score: 0 X-testconfig-Received: from eia.bbbb.com [100.100.214.18] by gia4.bbbb.com via xd (F8.test.4.10L) with ESMTP id 768VFgPIu9792Ms8; Wed, 07 Jun 2017 15:34:20 -0000 Received: from oogw0817.ocn.ad.jp [153.149.142.18] by eia.bbbb.com via sbbad (C8.MAIN.4.11U) with ESMTP id XID616VFgPIu1501Xd1; Wed, 07 Jun 2017 15:34:20 -0000 x-testconfig-source: 153.149.142.18 IN bkk-correspondent@fng-net.co.jp oogw0817.ocn.ad.jp CLR x-testconfig-msgid: XID616VFgPIu1501Xd1 Received: from of-smf-ucb004.ocn.ad.jp (of-smf-ucb004.ocn.ad.jp [153.149.143.5]) by oogw0817.ocn.ad.jp (Postfix) with ESMTP id BA05E30071C for testuser@localtestemail.com; Thu, 8 Jun 2017 00:34:19 +0900 (JST) Received: from of-smf-ucb004.ocn.ad.jp (of-smf-ucb004 [153.149.143.5]) by of-smf-ucb004.ocn.ad.jp (Postfix) with ESMTP id AB7DE2C022E for testuser@localtestemail.com; Thu, 8 Jun 2017 00:34:19 +0900 (JST) Received: from oa-ark-ucb031.ocn.ad.jp (oa-ark-ucb031.ocn.ad.jp [153.149.246.200]) by of-smf-ucb004.ocn.ad.jp (Switch-3.3.4/Switch-3.3.4) with ESMTP id v57FYJD2019562 for testuser@localtestemail.com; Thu, 8 Jun 2017 00:34:19 +0900 Received: from oa-archive03.ocn.ad.jp (oa-arf-ucb031.ocn.ad.jp [153.149.246.197]) by oa-ark-ucb031.ocn.ad.jp (Postfix) with ESMTP id 579833801D8 for testuser@localtestemail.com; Thu, 8 Jun 2017 00:34:19 +0900 (JST) Received: from 153.149.236.73 (153.149.236.73) by m-FILTER with ESMTP; Thu, 8 Jun 2017 00:26:02 +0900 Received: from fng-net.co.jp (mail.fng-net.co.jp [125.6.137.220]) by sgs-vcgw110.ocn.ad.jp (Postfix) with ESMTP id ECD2582027E for testuser@localtestemail.com; Wed, 7 Jun 2017 22:05:23 +0900 (JST) Received: (qmail 12251 invoked from network); 7 Jun 2017 22:05:23 +0900 Received: from 85.232.164.222.starhub.net.sg (HELO hp) (222.164.232.85) by mail.fng-net.co.jp with (DHE-RSA-AES256-SHA encrypted) SMTP; 7 Jun 2017 22:05:23 +0900 Return-Path: bkk-correspondent@fng-net.co.jp x-ms-exchange-organization-authsource: localhost.localtest.com Received: Wed, 7 Jun 2017 11:35:20 -0400 X-Priority: 3 X-MSMail-Priority: Normal Thread-Index: AQHS36Or5sDR1W92hUGavpGxSXarYQ== Message-ID: 20170610130523.ECD2572037E@sgs-vcgw110.ocn.ad.jp From: "Jack M Walling" bkk-correspondent@fng-net.co.jp To: "Test User" testuser@localtestemail.com Subject: Jack M Walling Date: Wed, 7 Jun 2017 09:05:17 -0400 MIME-Version: 1.0 Content-type: Multipart/mixed; charset=utf-8; boundary="00B0FEED_message_boundary" Content-Description: Multipart message

lnxg33k commented 7 years ago

That should be resolved with that last update. Feel free to reopen the issue incase it didn't work for you. Thanks.