I am trying to change the sent date on a Microsoft outlook email.
Here's what I've done so far:
* Exported outlook folder containing a single email to a .pst file
* Opened .pst file in hex editor and checked value at offset 10, which is 0x17, confirming file is a unicode pst file
* Checked bCryptMethod byte at offset 513, which is 0x01, meaning the file is encrypted using NDB_CRYPT_PERMUTE method.
* Decrypt file using method described here:
https://msdn.microsoft.com/en-us/library/office/ff386229(v=office.12).aspx
* Open decrypted file and found date stamp, which is in format:
TAMANS-MB111-121117164625Z-34782 (DDMMYYHHMMSS)
* Found corresponding (encrypted) bytes in original file and changed them to a new date
* Tried importing new file into outlook only to get an invalid block error due to CRC mismatch
"CRC mismatch (read 6EBE8399, computed 31408368)"
* Changed CRC to computed value for that block in hex editor
* Tried importing file again, only to get an error due to invalid header:
!!Header CRC mismatch (read=7611F2D3, computed=3772C705)
* Changed CRC value for header to computed value
* Imported file again, this time with no errors!
* However sent date on email remains the same
* So I take the edited file, and decrypt it again, just to check that the timestamp was changed correctly, and it was.
So the date must also be stored elsewhere in the .pst file, but I haven't been able to find it.
I used the above steps to change the content of the email, and it worked fine, without having to change the CRC value for the header.
So I thought I was onto something when changing the timestamp invalidated the CRC for the file header as well as the block,
however the date remained the same when I imported the email.
So my question is: Where else in the .pst file is the date stored?
BTW I am doing this for fun, not profit
references:
https://msdn.microsoft.com/en-us/library/office/gg615595(v=office.14).aspx
https://blogs.msdn.microsoft.com/openspecification/2012/02/08/ms-pst-how-to-decode-data-pages-using-permutative-decoding/
https://msdn.microsoft.com/en-us/library/office/ff386229(v=office.12).aspx
https://blogs.msdn.microsoft.com/openspecification/2010/11/30/ms-pst-how-to-navigate-the-node-btree/
3  6293  Luuk 1,047
Expert 1GB
In the docs:
2.6.1.3.1 Immutability
This file format specification treats the NDB as an immutable store. What this means is that, with the exception of the header and allocation metadata pages, the data in the NDB MUST NOT be modified in-place. Instead, a new copy of the data needs to be written at a new location, and then, when all references of the pre-existing data have been removed, the old data can be purged
it's in capitals, 'MUST NOT' ... ;)
Hi thanks for your response, does "MUST NOT" mean "CAN NOT" then?
I couldn't find any mention of a timestamp in that doc, but it must be stored there somewhere
Luuk 1,047
Expert 1GB
it's the part of the sentence after 'MUST NOT'.
one can do it, but :
- a new copy of the data needs to be written at a new location
- when all references of the pre-existing data have been removed
I , personally, only use Outlook to change a pst-file ;)
Sign in to post your reply or Sign up for a free account.
Similar topics
by: pythos |
last post by:
How do you change a file's last-modified date and timestamp in Python?
|
by: MyOracle |
last post by:
Hi everybody,
I just curious about change date(0000-00-00) to date (00-00-0000) in
mysql.Can anyone tell me about that.
Thanks.
izmanhaidi.
|
by: hpy_awad |
last post by:
I am writing stings ((*cust).name),((*cust).address)to a file using
fgets but rabish is being wrote to that file ? Look to my source
please and help me finding the reason why this rabish is being...
|
by: wil |
last post by:
Dear All,
In the linux platform, is there anyway I can in a C program change the
file create date?
Thanks,
wil.
|
by: Amintas Lopes Neto |
last post by:
Hi everybody,
I am unsuccessfully trying to open an RFT file using
ASP .NET 2003.
The data stored in the database is like this:
{\rtf1\ansi\deff0\deftab720{\fonttbl{\f0\fswiss MS Sans...
|
by: Tom C. |
last post by:
Does anyone know how to add the File System Editor to a Visual Studio 2003
installation?
Thanks!
|
by: terrychangsharp |
last post by:
I think this must be easy but, alas, I can't find it!
Is there any function I can use to change a file's date/time?
|
by: nataria |
last post by:
Hi,
I have a problem in transforming date format.
Originally I transform an access database data into XML then transform the XML doc into another XML with different strucutre.
The original...
|
by: Bface |
last post by:
Hi all,
Hope everyone had a good holiday. I am having a difficult time changing the date format of a field from Excel. I have never had this problem before. I link the excel spreadsheet to my DB,...
|
by: kako0000000 |
last post by:
Hello Dear this is my first Topic i know not how this.
i change .dll file not change ( Resource Editor ) how can i this
Thanks
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| |
