Le 28/11/2023 à 18:24, David FORT via FreeRDP-devel a écrit :
Hi guys,
so I managed to move forward and complete a logon with remote
credential guards with my PoC, no credentials provided just using the
existing ccache.
The good news is that you enterely skip NTLM in this game, if during
NLA you don't give NTLM supplementary credentials, then there's no
attempt to negotiate NTLM in the authentication redirection channel.
To achieve the logon, only implementing the initial negotiateVersion
command was enough, but if you run some programs in the session that
would involve some creds, then you get extra calls to the channel. So
my question is what is your exact use-case, so that I can estimate
which calls should be implemented ?
BTW you hadn't any feedback to my last email, do you still consider
RCG for your project or are you thinking about alternatives ?
Best regards.
Wrong recipient, sorry list.
--
David FORT
website: https://www.hardening-consulting.com/
_______________________________________________
FreeRDP-devel mailing list
FreeRDP-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel