Hi, Matthieu,
Ahh, you used the 32bit version. I used 64bit version. It is surprising
to find that the option for "Try to decrypt Kerberos blobs" only shows up in
32 bite version. I never expect that there is such a difference. Anyway, I
can decrypt it now. Thanks!
Hongwei
Hello Hongwei,
I made a screencast on a windows machine explaining how to decrypt FRS
traffic, I'm sure that following the instruction in this demo you'll
succeed.
Here is the file:
http://athena.matws.net/mat/pres/frs.avi
Regards.
Matthieu.
On 21/10/2011 23:20, Hongwei Sun wrote:
Matthie
Matthieu,
Do you get a chance to capture the screen shot with the FRS1 packets
displayed ?It will be ideal if I can decrypt myself, but I cannot get a
version of wireshark to allow me to do that. So the screen shot at least show
me all the packet sequences so I have something to work wi
Hi hongwei I'm planning to work on it tomorrow,
the best though would be to catch me tomorrow so that I can show you in
a live demo.
Matthieu
On 20/10/2011 00:59, Hongwei Sun wrote:
Matthieu,
Do you have a chance to send the information I request below? I have a
trouble to see the seque
Matthieu,
Do you have a chance to send the information I request below? I have a
trouble to see the sequence of the packets without decrypting it. If you
don't have time to work on it, I can archive it and we can work on it whenever
you get time.
Thanks!
Hongwei
-Original Message
Matthieu,
Can you send me the screenshot you mentioned in your e-mail ? Even I
cannot make the decryption work with the correct version, looking at the screen
may help me know the scenario.
Thanks!
HOngwei
-Original Message-
From: Hongwei Sun
Sent: Tuesday, October 11, 2011 5:
Matthieu,
I downloaded the wireshark 1.6.2 ,which is the latest version I can
download. But I still don't see the option for me to provide the file name for
keytab file in krb5 screen. What is the minimum version of Wireshark for me
to use with your keytab file for decryption ?I am r
