This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hey all,

I'm trying to decrypt Kerberos blobs (like padata, etc..) appears in Microsoft Kerberos tickets iv'e captured with wireshark.

I got keytab for the user account, and i tried to use it with various of cipher suites (rc4/aes256) with the correct client configuration as well.

For some reason wireshark doesn't decrypt any of the blobs. My env is : AD Domain 2012 R2, Windows 10 Client. (x64 both)

Can anyone shed some light on this ?

Thx.

asked 07 Apr '16, 12:20

speidy's gravatar image

speidy
6112
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×62
×18
×11

question asked: 07 Apr '16, 12:20

question was seen: 1,175 times

last updated: 07 Apr '16, 12:20

p​o​w​e​r​e​d by O​S​Q​A