Is there any way to decode base64 encoded files from within Investigator other than resorting to outside tools? I've tried opening the session in Wireshark, but base64 decoding seems to be broken under Windows. Any suggestions?
My solution thus far has been to:
- save files from the session from the Content window
- Open the file in an hex editor
- Select the appropriate bytes and run them through a base64 decoder (there's a function in notepad++ to do this, as well as various Web sites).
- Save the contents to a file and open with the appropriate application.
Anything shorter or simple?