diff options
| author | David Fort <contact@hardening-consulting.com> | 2023-11-23 15:10:48 +0100 |
|---|---|---|
| committer | David Fort <contact@hardening-consulting.com> | 2023-11-27 09:59:00 +0100 |
| commit | 653d79ef0939f5cf3b77e0fdd8b9b8898d70d4a3 (patch) | |
| tree | 84760f890139ef3db9167400dd5052a24ec857d1 /epan/dissectors/packet-rdp_drdynvc.c | |
| parent | ea259b8841eb74ba9dad0b9191c3332debd67fa6 (diff) | |
rdp: add preliminary RDPEAR channel support
Add the basic parsing for the redirected authentication channel also called
remote credential guard.
Diffstat (limited to 'epan/dissectors/packet-rdp_drdynvc.c')
| -rw-r--r-- | epan/dissectors/packet-rdp_drdynvc.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/epan/dissectors/packet-rdp_drdynvc.c b/epan/dissectors/packet-rdp_drdynvc.c index 1cdb288003..469dbe0c22 100644 --- a/epan/dissectors/packet-rdp_drdynvc.c +++ b/epan/dissectors/packet-rdp_drdynvc.c @@ -60,6 +60,7 @@ dissector_handle_t egfx_handle; dissector_handle_t rail_handle; dissector_handle_t cliprdr_handle; dissector_handle_t snd_handle; +dissector_handle_t ear_handle; #define PNAME "RDP Dynamic Channel Protocol" #define PSNAME "DRDYNVC" @@ -494,6 +495,9 @@ dissect_rdp_drdynvc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, case DRDYNVC_CHANNEL_AUDIOUT: call_dissector(snd_handle, tvb_new_subset_remaining(tvb, offset), pinfo, tree); break; + case DRDYNVC_CHANNEL_AUTH_REDIR: + call_dissector(ear_handle, tvb_new_subset_remaining(tvb, offset), pinfo, tree); + break; default: proto_tree_add_item(tree, hf_rdp_drdynvc_data, tvb, offset, -1, ENC_NA); break; @@ -608,6 +612,9 @@ dissect_rdp_drdynvc(tvbuff_t *tvb, packet_info *pinfo, proto_tree *parent_tree, case DRDYNVC_CHANNEL_AUDIOUT: call_dissector(snd_handle, targetTvb, pinfo, tree); break; + case DRDYNVC_CHANNEL_AUTH_REDIR: + call_dissector(ear_handle, targetTvb, pinfo, tree); + break; default: proto_tree_add_item(tree, hf_rdp_drdynvc_data, targetTvb, 0, -1, ENC_NA); break; @@ -848,6 +855,7 @@ void proto_reg_handoff_drdynvc(void) { rail_handle = find_dissector("rdp_rail"); cliprdr_handle = find_dissector("rdp_cliprdr"); snd_handle = find_dissector("rdp_snd"); + ear_handle = find_dissector("rdp_ear"); } /* |