Since the release of Wireshark 1.0.9, Kerberos traffic is not decrypted anymore.
The problem still exists in the latest version: 1.2.5.
Wireshark 1.2.5 contains the following DLLs:
k5sprt32.dll
32KB
Date Modified: 10-06-2009
file version:
- 1.6.3.16
- 1.6-kfw-3.2.2
krb5_32.dll
704KB
Date Modified: 10-06-2009
file version:
- 1.6.3.16
- 1.6-kfw-3.2.2
The problem is solved when you replace the DLLs.
Download SB_Win_DLL_Pack.zip:
http://www.scriptbasic.org/download/SB_Win_DLL_Pack.zip
Copy k5sprt32.dll and krb5_32.dll to C:\Program Files\Wireshark
Open the capture file by double-clicking and the Kerberos traffic is decrypted.
SB_Win_DLL_Pack.zip contains the following DLLs:
(compare the file size to the "Wireshark" DLLs)
k5sprt32.dll
20KB
Date Modified: 28-06-2009
file version:
- 1.6.3.16
- 1.6-kfw-3.2.2
krb5_32.dll
620KB
Date Modified: 28-06-2009
file version:
- 1.6.3.16
- 1.6-kfw-3.2.2
Is this problem related to bug 3521?
Another curious thing:
The packets stay ENcrypted when you first start Wireshark and then select
File -> Open.
Thanks
Joan
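
An added example, not part of the original post: a PowerShell check that puts the two DLL sets named in the message side by side (size, date, version strings, SHA-256, Authenticode status), since both sets report the same version while differing in size. The `$Replacement` folder is an assumed location for the extracted SB_Win_DLL_Pack.zip; the Wireshark path and DLL names are the ones from the post.

```powershell
# Added example: compare the Kerberos DLLs shipped with Wireshark against
# the replacement copies before swapping them in.
param(
    [string]$Installed   = 'C:\Program Files\Wireshark',
    # Assumption: folder where SB_Win_DLL_Pack.zip was extracted (not from the post).
    [string]$Replacement = 'C:\Temp\SB_Win_DLL_Pack'
)

$names = 'k5sprt32.dll', 'krb5_32.dll'

function Get-DllFacts {
    param([string]$Dir, [string]$Name)

    $path = Join-Path $Dir $Name
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        throw "Missing file: $path"
    }

    $item   = Get-Item -LiteralPath $path
    $sig    = Get-AuthenticodeSignature -LiteralPath $path
    $signer = $null
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    [pscustomobject]@{
        Path           = $path
        SizeKB         = [math]::Round($item.Length / 1KB)
        Modified       = $item.LastWriteTime.ToString('dd-MM-yyyy')
        FileVersion    = $item.VersionInfo.FileVersion
        ProductVersion = $item.VersionInfo.ProductVersion
        SHA256         = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        Signature      = $sig.Status      # Valid, NotSigned, HashMismatch, ...
        Signer         = $signer
    }
}

foreach ($n in $names) {
    $shipped = Get-DllFacts -Dir $Installed   -Name $n
    $other   = Get-DllFacts -Dir $Replacement -Name $n
    $shipped, $other | Format-List

    # Identical version strings do not mean identical binaries; the hash decides.
    if ($shipped.FileVersion -eq $other.FileVersion -and
        $shipped.SHA256 -ne $other.SHA256) {
        Write-Warning "${n}: same file version, different binary (sizes $($shipped.SizeKB)KB vs $($other.SizeKB)KB)"
    }
    if ($other.Signature -ne 'Valid') {
        Write-Warning "${n}: replacement copy has signature status '$($other.Signature)'"
    }
}
```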