Ask Your Question

rdp decryption over ssl

asked 2018-11-23 04:18:40 +0000

Rockky gravatar image

I have a piece of software that sends keystrokes over RDP using SendKeys, but currently it isn't working and I want to know why. I have access to both client and server encryption keys, so the plan was to decrypt the session and see what is being sent, and why it fails, but when I go to configure the RSA keys list, I get the following message:

While 'rdp' is a valid dissector filter name, that dissector is not configured to support ssl decryption. If you need to decrypt 'rdp' over ssl, please contact the Wireshark development team.

What are my options here? Can this be achieved?

Thanks for any assistance.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-08-23 18:38:43 +0000

Cy1337 gravatar image

You should specify tpkt instead of rdp as the underlying protocol. I guess some of the documentation out there is out of date. Please refer to Wireshark Wiki RDP Page for details.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2018-11-23 04:18:40 +0000

Seen: 1,268 times

Last updated: Aug 23 '19