kerberos decryption in wireshark enhancement
ronnie sahlberg
ronniesahlberg at gmail.com
Mon Oct 6 05:29:23 GMT 2008
Hi Michael,
Thanks.
I have also recently checked in initial support to decrypt CFX blobs
and it seems to work reasonably well.
I also tried your ktexport.exe recently but it would no longer produce
any keytabs:-(
Do you have a more uptodate version of ktexport.exe that works?
Maybe ktexport could be enhanced to export a keytab that also contain
some of the other popular enctypes (enctype 18?) in addition to
arcfour?
ronnie s
On Sat, Oct 4, 2008 at 3:34 AM, Michael B Allen <ioplex at gmail.com> wrote:
> On Fri, Oct 3, 2008 at 12:16 PM, ronnie sahlberg
> <ronniesahlberg at gmail.com> wrote:
>> List,
>>
>> Current SVN of Wireshark has been enhanced in the methods available to
>> specify the keytab file.
>>
>> In addition to specify one single file to read from the KRB5
>> preferences you can now also use -K <keytab> on the command line to
>> specify additional keytab file(s) to read/use.
>>
>> If you need to load multiple keytab files you can do this by
>> specifying -K multiple times on the command line.
>>
>>
>> This makes decryption of KRB and GSS much more convenient to use since
>> it avoids all the juggling back and forth between which file to
>> specify in the preferences.
>
> Nice work Ronnie. I've used Krb5 decryption feature many times and I'm
> glad to know about this change.
>
> Thanks,
> Mike
>
> --
> Michael B Allen
> PHP Active Directory SPNEGO SSO
> http://www.ioplex.com/
>
More information about the samba-technical
mailing list