FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network traffic
BSD 3-Clause "New" or "Revised" License
641
stars
92
forks
source link
fix the encryptionMethods #1
Closed
0x4D31 closed 5 years ago
Possible values for encryptionMethods are 0x00000001, 0x00000002, 0x00000008 and 0x00000010. FATT doesn't extract the right values. https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/6b58e11e-a32b-4903-b736-339f3cfe46ec