Wireshark Kerberos AES decryption issue
Jaideep Padhye
jdthebigj at yahoo.com
Mon Jun 14 09:07:42 MDT 2010
>I downloaded and built the metze's wireshark branch. Everything went fine as per the instructions. I used Samba 4 net vampire tool to fetch the server keys and make a keytab. I took a capture of the vampire session from Samba4 <-> >Win2k8 server and I had following observations:
>1] Wireshark was able to decrypt the AP-REQ/ AP-REP encrypted parts in the Bind/Bind-ack packets respectively.
>2] It was able to get the subkey for the session.
>3] The encrypted data in the Request/Response packets was NOT decrypted.
>
>My questions are as follows:
>1] Is this behavior expected. If so, then can someone explain me the reason?
>2] If this behavior is not expected, can someone help me in fixing the issue?
>
>Thanks,
>
>Jaideep
>
Can someone help me with this issue?
Thanks,
Jaideep
More information about the samba-technical
mailing list