On Wed, Oct 24, 2007 at 11:39:15AM -0500, DePriest, Jason R. wrote:
> Unfortunately, I can't seem to locate any good technical documentation
> on how RDP does what it does.
>
> I considered looking at the Linux programs that use it (rdesktop) and
> trying to read their code, but I don't write code myself so it would
> be hit or miss.
>
> RDP is Microsoft's baby and I don't know where to look for in-depth
> docs on it.
>
> Does anyone have a link or two to some helpful stuff that would help
> me break the code? Or will I just need to figure it out the hard way?

There is little to no public documentation on Remote Desktop. I wanted
to implement RDP dissection in Wireshark a while back and gave up (I had
just finished off the VNC dissector which was a pain even with
documentation). Your best bet is to read the source code to rdesktop
(which is poorly documented if I remember correctly) and the articles
under the "Documentation" section of www.rdesktop.org. It is a shame
they did not document the protocol(s) in a nice fashion while writing
the code to rdesktop. I do not mean to discourage you or anyone from
trying to figure it out as it would be a great feature to have in
Wireshark. I would be willing to help if someone could figure out at
least enough to get started :)

Steve