Ethereal-dev: [Ethereal-dev] Some thoughts about passwords and decryption with Ethereal
Hi,
Devin and I have had a discussion today about the use of passwords from
the preferences dialog boxes for two protocols.
Now that he has supplied code that can be given a password and can decode
the Sign&Seal in NTLMSSP, and it can also decrypt the new password in a
SAMR change password request, two things came to me:
1. Currently, you have to enter the same password into two dialog boxes.
One for NTLMSSP and one for SAMR. They are the same password.
2. There will be other protocols relating to Windows where it would be
good to have that ability. With the non-sign&seal case, and some of the
earlier RAP-based password changing protocols it would be useful to decode
those as well.
It seems to me that it might be possible to endow the SMB protocol with
the password and have other protocols layered on top of it ask for those
passwords.
Secondly, at the moment, only the one password can be specified, but there
might be many conversations in a capture, so we need to give some thought
to how to obtain a password on a per-conversation basis?
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com