Ethereal-users: [Ethereal-users] Re: decrypt Kerberos data

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Wed, 17 Aug 2005 04:57:35 -0400
No worries.


Good that it works for you now.


Since you have already mailed both the keytab and the capture file to
a public mailing list;

maybe you can add a small "decrypting kerberos" page to the wiki and
attach the keytab and capture file to that page so that others can
test the feature as well?
And some description on how to create a keytab file if you only know
the password?

That would be a GREAT addition to the wiki!


best regards
   ronnie

On 8/17/05, Xiaoguang Liu <syslxg@xxxxxxxxx> wrote:
> yes....... now I see it too.
> that is to say, I already made it yesterday! But I failed to find out.
> maybe I did something stupid. Excuse my bothering. Thank you for
> your time and effort.
> 
> 
> 
> On 8/17/05, ronnie sahlberg <ronniesahlberg@xxxxxxxxx> wrote:
> > Hm,
> > 
> > 
> > It decrypts both des and rc4 just fine on my machine.
> > 
> > See attached output for some of the packets.
> > 
> > 
> > You have enabled kerberos decryption in the preferences, right?
> > And specified the proper path to the keytab file?
> > 
> > 
> > 
> > On 8/16/05, Xiaoguang Liu <syslxg@xxxxxxxxx> wrote:
> > > Hi all,
> > >
> > > When I learned that ethereal 0.10.12 can decrypt kerberos data, I was so
> > > excited. But after testing and research for 20+ hours, I failed to work
> > > this feature out. Now I am wondering what on earth I did wrong.
> > >
> > > Below is my last test; after creating a keytab and capturing kerberos
> > > traffic, I still cannot see the decrypted kerberos info. Everything
> > > looks the same as if I did not specify a keytab file. (I did enable the
> > > "try to decrypt kerberos blob" option)
> > > I also attach the keytab and cap trace file. Please help me check what
> > > would be the problem.
> > >
> > > It will also be highly appreciated if anyone can send me a sample of
> > > keytab and cap file, so that I can have a look at this cool feature.
> > >
> > > OS: Fedora core 4
> > > Ethereal: ethereal-0.10.12.SVN.15374-1.fc4.i386.rpm from
> > > http://www.ethereal.com/distribution/buildbot-builds/rpm/
> > >
> > > KDC: windows 2003 (IP 10.5.3.1)
> > > realm: DENYDC.COM
> > > princ:
> > > 1. u5@xxxxxxxxxx
> > > dump NT hash by dumpwd3e.exe, then create keytab file by ktutil on FC4
> > > ktutil:addent -key -p u5@xxxxxxxxxx -k 3 -e arcfour-hmac-md5
> > > 2. des@xxxxxxxxxx (
> > > create keytab file ktpass.exe on windows 2003
> > >
> > > file attached:
> > > 816.key, contains keys for u5 and des
> > > 816.cap, des and u5 login for a Windows XP
> > > 816fc4.cap, des and u5 login from FC4 by "kinit -k -t 816.key
> > > u5@xxxxxxxxxx"
> > >
> > >
> > 
> > 
> > _______________________________________________
> > Ethereal-users mailing list
> > Ethereal-users@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-users
> > 
> > 
> > 
> >
> 
>