.msg functionality

[azgaviperr]

Hello,

I love the tool but I need to run it using .msg extension instead of eml and it's seems like not possible currently.

Any plan on extending it to msg ?

[emalderson]

Hello, thanks for the interest in the tool. Unfortunately, since the inner workings of the tool are based on the EML file structure, adding the support to .msg files is not planned to be implemented in the near future. The modification would in fact require lots of work and tests. The .eml format has been chosen because it is the most widespread and encodes the email information in ASCII format, while the .msg format is binary and only used by Microsoft Outlook. It is not excluded that the feature will be added, but not in the near future.

Anyway, some tools do exist that allow you to convert an email from the .msg format to the .eml format, both open source and proprietary. I will also consider to integrate one of those tools in ThePhish to perform the conversion when I will have enough time to test them.

[azgaviperr]

I ma already trying to add this functionality with msg-parser, wondering if I could also try to use the tools already present in thehive.

What could be a good addition is the possibility to upload EML and use API. But I know I am going a bit foward of the actual tool.

Really like the project and work greatly with EML files.

Currently my workaround is to use Shuffle to grab the email and convert it to eml. then send back the email to the mailbox ^^ It's not so greenIT but it does work :)

[mclancy10006]

One observation is if you send .msg files as attachments to gmail/g-suite mailbox Google converts them to .eml files so the run in ThePhish just fine. There are some old projects that convert the .msg to /eml format as well which might be an option if you need to start with a .msg. See https://github.com/JoshData/convert-outlook-msg-file