This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

dissect credssp


I am currently using Wireshark to capture CredSSP authentication packets for an RDP protocol implementation. I see that Wireshark has dissectors for CredSSP, but in my captures it will not break down the detail of the TSRequest items like PublicKey, NegoToken or authInfo.

Can the current version do this? I have also been looking at the dissector code to determine if it can be modified to support this, but could use a pointer to some documentation discussing how the dissectors are structured. My test changes thus far are not compiling. I was looking at bringing the SPNEGO ASN.1 definitions into the CredSSP dissector, since the NegoToken is already defined in SPNEGO. In going this route, would I just need to modify the credssp.cnf file, or would I also need to modify the credssp.asn to import the NegotiateToken from SPNEGO?

asked 18 Sep '13, 09:28


nikel