This is our old Q&A Site. Please post any new questions and answers at

Hey all,

I'm trying to decrypt Kerberos blobs (like padata, etc..) appears in Microsoft Kerberos tickets iv'e captured with wireshark.

I got keytab for the user account, and i tried to use it with various of cipher suites (rc4/aes256) with the correct client configuration as well.

For some reason wireshark doesn't decrypt any of the blobs. My env is : AD Domain 2012 R2, Windows 10 Client. (x64 both)

Can anyone shed some light on this ?


asked 07 Apr '16, 12:20

speidy's gravatar image

accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 07 Apr '16, 12:20

question was seen: 1,302 times

last updated: 07 Apr '16, 12:20

p​o​w​e​r​e​d by O​S​Q​A