First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

rdp decryption over ssl

I have a piece of software that sends keystrokes over RDP using SendKeys, but currently it isn't working and I want to know why. I have access to both client and server encryption keys, so the plan was to decrypt the session and see what is being sent, and why it fails, but when I go to configure the RSA keys list, I get the following message:

While 'rdp' is a valid dissector filter name, that dissector is not configured to support ssl decryption. If you need to decrypt 'rdp' over ssl, please contact the Wireshark development team.

What are my options here? Can this be achieved?

Thanks for any assistance.

Rockky's avatar
1
Rockky
asked 2018-11-23 04:18:40 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

You should specify tpkt instead of rdp as the underlying protocol. I guess some of the documentation out there is out of date. Please refer to Wireshark Wiki RDP Page for details.

Cy1337's avatar
1
Cy1337
answered 2019-08-23 18:38:43 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer