The innerContext is Kerberos, so I'd like to see the
Mechanism and innerContextToken, so I can then decode the
innerContextToken as Krb5 and see the ticket, etc.
I can see the TGS-REP coming back to the client before it started GSS
with the server. I have the server's keytab file. Shouldn't I be
able to decrypt the enc-part of the service ticket in the TGS-REP? I
don't see where in the GUI to cause that to be decoded (I did specify
the keytab file in the protocol settings for the kerberos protocol).
Ultimately, my goal is to see the Microsoft authorization PAC, which
I'm trying to use in my code to perform authorization.
Thanks!
Brian Atkins
Guy Harris wrote:
Brian Atkins wrote:
I'm trying to decode the GSS-API conversation between a client and
server. I can see the traffic on the designated port, but when I select
"Decode As", the GSS-API protocol doesn't appear.
It's not a "protocol" *per se*. It's not something that usually (if
ever) occurs by itself, rather than encapsulated in some protocol such
as ONC RPC, DCE RPC, HTTP, DNS, LDAP, SMB, etc.. The encapsulations
differ enough that there's no "generic" GSS-API dissector used by all of
them - the dissectors for those protocols independently incorporate
knowledge of how to call GSS-API dissector functions.
What protocol is using GSS-API in your case?
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.19.2/1223 - Release Date: 1/13/2008 8:23 PM
--
Brian Atkins
Solutions Architect
Indicative Software, Inc.
From Visibility to Vision
www.indicative.com
Mobile: +1 919.757.7054
|