Haber si alguien me puede decir que entiende aqui...
Salu2
===========================================
=== Cain's RDP sniffer generated file ===
===========================================
[RDP connection]
--------------
Server address: 192.168.157.120
Client address: 192.168.156.18
--------------
- RDP server version: 4
- RC4 Key size: 2 (128-bit)
- Encryption level: 2 (medium)
- Server_random length: 32 bytes
[Server_random]
0000 8a a8 96 09 5a 80 2f 70 9a 5b d4 f0 98 5f 8a 82 ....Z./p.[..._..
0010 ce 2a 32 0a e6 44 40 4e f9 7a 0e 87 a1 53 a0 c2 .*
2..D@N.z...S..
- Flags: 0x1 (RDP4-style encryption)
- Found server RSA public key
- Server RSA key magic: 0x31415352 (RSA1)
- Server RSA modulus length + padding: 72 bytes
[Server RSA public key exponent (network byte order)]
0000 01 00 01 00 ....
[Server RSA public key modulus (network byte order)]
0000 cb 78 70 87 f9 39 4e a1 e8 ad 4b 66 2e ed a1 35 .xp..9N...Kf...5
0010 c7 60 d6 dd 5b 05 78 e8 15 cc 86 36 c9 13 2b 62 .`..[.x....6..+b
0020 50 7b fb 08 eb f3 ad cd 92 58 3f 13 03 86 c9 ea P{.......X?.....
0030 3f ef d0 7e f5 b9 d6 e2 83 c8 a2 58 62 bd 5b bb ?..~.......Xb.[.
- Generating man in the middle (mitm) RSA key pair...
- Replacing RSA server public key modulus in network packet...
[Mitm public key modulus (network byte order)]
0000 f9 b5 5a 98 74 37 3d f6 ad 76 e6 09 48 27 0c ee ..Z.t7=..v..H'..
0010 71 fb 74 c4 f1 18 cc 48 e3 0e 24 28 f5 62 b4 8d q.t....H..$(.b..
0020 1c 2c 32 df 19 5a 19 37 3b e3 2d 08 32 3e aa 5d .,2..Z.7;.-.2>.]
0030 8c e7 06 99 a4 ba c6 6f 80 b6 04 3b e9 74 0b dd .......o...;.t..
- Calculating packet checksums...
- Found RSA key signature
[Server RSA key signature (network byte order)]
0000 83 6c d8 8a bb fb 6f 46 41 46 6c 8d 81 b1 72 6b .l....oFAFl...rk
0010 3c 8a e9 d7 28 91 a1 c1 c9 13 56 9c 65 3c 85 87 <...(.....V.e<..
0020 b4 4e 37 50 a5 76 d1 11 16 d4 60 b7 cf b6 88 17 .N7P.v....`.....
0030 88 51 24 87 14 ff d9 ac 39 d1 92 de 75 a5 a2 5f .Q$.....9...u.._
0040 00 00 00 00 00 00 00 00 ........
- Calculating MD5 hash of mitm public key...
[MD5 hash of mitm public key]
0000 e4 29 46 a3 1a 1b 06 a4 43 0f ff e8 6e 49 8f 5d .)F.....C...nI.]
- Calculating signature of mitm public key digest...
- Replacing RSA server public key signature in network packet...
[Mitm RSA key signature (network byte order)]
0000 a1 2f b4 76 1c dd 9b dd b6 3e d8 25 44 a4 56 09 ./.v.....>.%D.V.
0010 ee 90 81 d9 b3 e2 d1 95 e8 7b 33 da 13 7a a2 a5 .........{3..z..
0020 6b 83 f1 f5 88 95 70 cf 96 a5 e7 f9 51 8c c8 0f k.....p.....Q...
0030 0d d4 bb 7e ac b0 12 a1 0d b2 6d 53 08 93 d9 4f ...~......mS...O
- Calculating packet checksums...
- Encrypted client_random length + padding: 72 bytes
[Encrypted client_random (network byte order)]
0000 77 46 75 cb 95 d2 17 ec 51 19 1e f6 70 ea 57 38 wFu.....Q...p.W8
0010 e3 a7 ec d2 7c e3 32 06 9d 65 83 21 12 fb b2 7d ....|.2..e.!...}
0020 1b 55 50 c5 1a 1e 41 53 39 23 b6 20 40 78 13 4a .UP...AS9#. @x.J
0030 c5 c9 43 a5 6d b2 ed 5c 1f fd c9 58 10 06 47 3b ..C.m..\...X..G;
- Decrypting client_random using mitm private key...
[Decrypted client_random]
0000 9b 3e a8 23 2d ad 13 2d 91 a5 9e e1 e5 20 dd e8 .>.#-..-..... ..
0010 da dd e9 da e8 d6 2f 24 ea 3d f5 82 3a 53 79 37 ....../$.=..:Sy7
- Preparing mitm client_random using server public key...
- Replacing client_random in network packet to the server...
[Mitm encrypted client_random (network byte order)]
0000 99 c9 8c 5a 4d e5 df 52 3e 06 b0 cb 72 92 e8 75 ...ZM..R>...r..u
0010 b7 88 6a 75 bd 7a 52 f0 aa 6f 19 31 e1 21 dd c9 ..ju.zR..o.1.!..
0020 8a c1 ee 47 ba 2f 66 46 66 cd 53 d1 ed 18 47 f3 ...G./fFf.S...G.
0030 a1 51 e9 2c 46 d9 fd 0a df 79 10 c3 e7 78 9d 90 .Q.,F....y...x..
- Calculating packet checksums...
- Generating RC4 encryption/decryption keys...
- RC4 key entropy: 128-bit
***************************************
- Symmetric encryption phase reached...
***************************************
[Client decrypted packet] - 369 bytes total; 342 bytes decrypted
0000 03 00 01 71 02 f0 80 64 00 06 03 eb 70 81 62 48 ...q...d....p.bH
0010 00 00 00 c6 f7 1b 9e 89 6a 32 69 09 04 09 04 b3 ........j2i.....
0020 43 00 00 16 00 0a 00 00 00 00 00 00 00 4d 00 41 C............M.A
0030 00 49 00 4c 00 2d 00 53 00 45 00 52 00 56 00 45 .I.L.-.S.E.R.V.E
0040 00 52 00 00 00 6d 00 61 00 79 00 74 00 65 00 00 .R...m.a.y.t.e..
0050 00 00 00 00 00 00 00 02 00 1e 00 31 00 39 00 32 ...........1.9.2
0060 00 2e 00 31 00 36 00 38 00 2e 00 31 00 35 00 36 ...1.6.8...1.5.6
0070 00 2e 00 31 00 38 00 00 00 40 00 43 00 3a 00 5c ...1.8...@.C.:.\
0080 00 57 00 49 00 4e 00 44 00 4f 00 57 00 53 00 5c .W.I.N.D.O.W.S.\
0090 00 73 00 79 00 73 00 74 00 65 00 6d 00 33 00 32 .s.y.s.t.e.m.3.2
00a0 00 5c 00 6d 00 73 00 74 00 73 00 63 00 61 00 78 .\.m.s.t.s.c.a.x
00b0 00 2e 00 64 00 6c 00 6c 00 00 00 2c 01 00 00 48 ...d.l.l...,...H
00c0 00 6f 00 72 00 61 00 20 00 65 00 73 00 74 00 2e .o.r.a. .e.s.t..
00d0 00 20 00 4f 00 72 00 2e 00 20 00 28 00 45 00 45 . .O.r... .(.E.E
00e0 00 2e 00 55 00 55 00 2e 00 20 00 79 00 20 00 43 ...U.U... .y. .C
00f0 00 61 00 6e 00 61 00 64 00 e1 00 29 00 00 00 00 .a.n.a.d...)....
0100 00 0a 00 00 00 05 00 02 00 00 00 00 00 00 00 00 ................
0110 00 00 00 48 00 6f 00 72 00 61 00 20 00 65 00 73 ...H.o.r.a. .e.s
0120 00 74 00 2e 00 20 00 4f 00 72 00 2e 00 20 00 28 .t... .O.r... .(
0130 00 45 00 45 00 2e 00 55 00 55 00 2e 00 20 00 79 .E.E...U.U... .y
0140 00 20 00 43 00 61 00 6e 00 61 00 64 00 e1 00 29 . .C.a.n.a.d...)
0150 00 00 00 00 00 0a 00 00 00 05 00 02 00 00 00 00 ................
0160 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 00 ................
0170 00 .
[Server decrypted packet] - 161 bytes total; 134 bytes decrypted
0000 03 00 00 a1 02 f0 80 68 00 01 03 eb 70 80 92 88 .......h....p...
0010 02 02 03 c2 14 08 bf fb 55 f2 1e 01 03 86 00 38 ........U......8
0020 c4 d7 11 0f a0 4e 48 b5 80 fc 2c e6 eb c1 11 e3 .....NH...,.....
0030 8b 67 21 58 65 db 40 d0 07 a7 eb d9 ad d8 ed 02 .g!Xe.@.........
0040 00 05 00 2c 00 00 00 4d 00 69 00 63 00 72 00 6f ...,...M.i.c.r.o
0050 00 73 00 6f 00 66 00 74 00 20 00 43 00 6f 00 72 .s.o.f.t. .C.o.r
0060 00 70 00 6f 00 72 00 61 00 74 00 69 00 6f 00 6e .p.o.r.a.t.i.o.n
0070 00 00 00 08 00 00 00 41 00 30 00 32 00 00 00 0d .......A.0.2....
0080 00 04 00 01 00 00 00 48 f5 00 00 01 00 00 00 0e .......H........
0090 00 0e 00 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d ...microsoft.com
00a0 00 .
[Client decrypted packet] - 1451 bytes total; 1424 bytes decrypted
0000 03 00 05 ab 02 f0 80 64 00 06 03 eb 70 85 9c 88 .......d....p...
0010 00 00 00 08 20 d7 20 54 3a 2b 66 12 83 90 05 01 .... . T:+f.....
0020 00 00 00 01 00 01 03 ab 24 50 79 c3 36 6b 95 b0 ........$Py.6k..
0030 52 d9 20 1e ee 40 97 b5 b4 d7 48 c1 c6 d2 93 a2 R. ..@....H.....
0040 9c c9 19 3f 11 58 1e 00 00 48 00 7f e7 b6 d8 55 ...?.X...H.....U
0050 47 cb 4a 72 cb 02 8d e4 8c 9e 50 5a 3d 1e a3 ab G.Jr......PZ=...
0060 bd 9c 3d 64 d8 70 b4 53 f1 51 db 7e 49 11 18 ee ..=d.p.S.Q.~I...
0070 bd 71 00 61 84 44 5a 48 39 a7 66 71 6d dd aa ad .q.a.DZH9.fqm...
0080 87 ef 4e ce 3b c7 b9 d7 8b 08 cc 00 00 00 00 00 ..N.;...........
0090 00 00 00 01 00 ec 04 30 82 04 e8 06 09 2a 86 48 .......0.....*.H
00a0 86 f7 0d 01 07 02 a0 82 04 d9 30 82 04 d5 02 01 ..........0.....
00b0 01 31 00 30 0b 06 09 2a 86 48 86 f7 0d 01 07 01 .1.0...*.H......
00c0 a0 82 04 bd 30 82 01 9b 30 82 01 49 a0 03 02 01 ....0...0..I....
00d0 02 02 08 01 9e 9a 51 76 79 48 a0 30 09 06 05 2b ......QvyH.0...+
00e0 0e 03 02 1d 05 00 30 4c 31 4a 30 19 06 03 55 04 ......0L1J0...U.
00f0 03 1e 12 00 42 00 4d 00 2d 00 4f 00 4e 00 4c 00 ....B.M.-.O.N.L.
0100 49 00 4e 00 45 30 2d 06 03 55 04 07 1e 26 00 53 I.N.E0-..U...&.S
0110 00 69 00 74 00 65 00 20 00 4c 00 69 00 63 00 65 .i.t.e. .L.i.c.e
0120 00 6e 00 73 00 65 00 20 00 53 00 65 00 72 00 76 .n.s.e. .S.e.r.v
0130 00 65 00 72 30 1e 17 0d 37 30 31 30 32 33 31 39 .e.r0...70102319
0140 32 35 30 32 5a 17 0d 34 39 31 30 32 33 31 39 32 2502Z..491023192
0150 35 30 32 5a 30 4c 31 4a 30 19 06 03 55 04 03 1e 502Z0L1J0...U...
0160 12 00 42 00 4d 00 2d 00 4f 00 4e 00 4c 00 49 00 ..B.M.-.O.N.L.I.
0170 4e 00 45 30 2d 06 03 55 04 07 1e 26 00 53 00 69 N.E0-..U...&.S.i
0180 00 74 00 65 00 20 00 4c 00 69 00 63 00 65 00 6e .t.e. .L.i.c.e.n
0190 00 73 00 65 00 20 00 53 00 65 00 72 00 76 00 65 .s.e. .S.e.r.v.e
01a0 00 72 30 5c 30 0d 06 09 2a 86 48 86 f7 0d 01 01 .r0\0...*.H.....
01b0 01 05 00 03 4b 00 30 48 02 41 00 a7 55 e3 f0 c0 ....K.0H.A..U...
01c0 e3 c3 6f 8f ac 05 d7 19 61 6f b4 cf d1 bb 05 27 ..o.....ao.....'
01d0 78 08 ef f0 38 62 9e 89 ef c4 5b 02 16 c8 b6 44 x...8b....[....D
01e0 ed fe 78 c8 a5 ee 2f 07 4c 5a 22 df ec 91 19 b5 ..x.../.LZ".....
01f0 fa 45 78 5d 45 e1 61 fc 5d 64 2d 02 03 01 00 01 .Ex]E.a.]d-.....
0200 a3 13 30 11 30 0f 06 03 55 1d 13 04 08 30 06 01 ..0.0...U....0..
0210 01 ff 02 01 00 30 09 06 05 2b 0e 03 02 1d 05 00 .....0...+......
0220 03 41 00 33 fc 49 b4 4e 24 75 8f 62 f3 f5 75 6b .A.3.I.N$u.b..uk
0230 a0 73 d8 22 94 68 4f 42 d2 3e 75 44 a2 26 5f 26 .s.".hOB.>uD.&_&
0240 67 c9 0d d0 e2 14 f3 87 78 45 ec a2 de 20 77 a7 g.......xE... w.
0250 59 c8 55 9f c6 a2 3f 59 25 38 64 4e a2 6a d0 b9 Y.U...?Y%8dN.j..
0260 4a 0f 8a 30 82 03 1a 30 82 02 c8 a0 03 02 01 02 J..0...0........
0270 02 05 03 00 00 00 fb 30 09 06 05 2b 0e 03 02 1d .......0...+....
0280 05 00 30 4c 31 4a 30 19 06 03 55 04 03 1e 12 00 ..0L1J0...U.....
0290 42 00 4d 00 2d 00 4f 00 4e 00 4c 00 49 00 4e 00 B.M.-.O.N.L.I.N.
02a0 45 30 2d 06 03 55 04 07 1e 26 00 53 00 69 00 74 E0-..U...&.S.i.t
02b0 00 65 00 20 00 4c 00 69 00 63 00 65 00 6e 00 73 .e. .L.i.c.e.n.s
02c0 00 65 00 20 00 53 00 65 00 72 00 76 00 65 00 72 .e. .S.e.r.v.e.r
02d0 30 1e 17 0d 30 38 30 33 31 33 31 37 32 37 34 35 0...080313172745
02e0 5a 17 0d 30 38 30 36 31 31 31 37 32 37 34 35 5a Z..080611172745Z
02f0 30 77 31 75 30 11 06 03 55 04 07 1e 0a 00 6d 00 0w1u0...U.....m.
0300 61 00 79 00 74 00 65 30 1b 06 03 55 04 03 1e 14 a.y.t.e0...U....
0310 00 41 00 44 00 4d 00 49 00 4e 00 56 00 45 00 4e .A.D.M.I.N.V.E.N
0320 00 55 00 53 30 43 06 03 55 04 05 1e 3c 00 31 00 .U.S0C..U...<.1.
0330 42 00 63 00 4b 00 65 00 56 00 57 00 63 00 4c 00 B.c.K.e.V.W.c.L.
0340 75 00 52 00 42 00 46 00 42 00 56 00 71 00 4b 00 u.R.B.F.B.V.q.K.
0350 38 00 39 00 6a 00 65 00 54 00 31 00 6f 00 47 00 8.9.j.e.T.1.o.G.
0360 58 00 34 00 3d 00 0d 00 0a 30 5c 30 0d 06 09 2a X.4.=....0\0...*
0370 86 48 86 f7 0d 01 01 01 05 00 03 4b 00 30 48 02 .H.........K.0H.
0380 41 00 a7 55 e3 f0 c0 e3 c3 6f 8f ac 05 d7 19 61 A..U.....o.....a
0390 6f b4 cf d1 bb 05 27 78 08 ef f0 38 62 9e 89 ef o.....'x...8b...
03a0 c4 5b 02 16 c8 b6 44 ed fe 78 c8 a5 ee 2f 07 4c .[....D..x.../.L
03b0 5a 22 df ec 91 19 b5 fa 45 78 5d 45 e1 61 fc 5d Z"......Ex]E.a.]
03c0 64 2d 02 03 01 00 01 a3 82 01 68 30 82 01 64 30 d-........h0..d0
03d0 14 06 09 2b 06 01 04 01 82 37 12 04 01 01 ff 04 ...+.....7......
03e0 04 01 00 05 00 30 3c 06 09 2b 06 01 04 01 82 37 .....0<..+.....7
03f0 12 02 01 01 ff 04 2c 4d 00 69 00 63 00 72 00 6f ......,M.i.c.r.o
0400 00 73 00 6f 00 66 00 74 00 20 00 43 00 6f 00 72 .s.o.f.t. .C.o.r
0410 00 70 00 6f 00 72 00 61 00 74 00 69 00 6f 00 6e .p.o.r.a.t.i.o.n
0420 00 00 00 30 56 06 09 2b 06 01 04 01 82 37 12 05 ...0V..+.....7..
0430 01 01 ff 04 46 00 30 00 00 01 00 00 00 ff 00 00 ....F.0.........
0440 00 09 04 00 00 1c 00 08 00 24 00 16 00 3a 00 01 .........$...:..
0450 00 41 00 30 00 32 00 00 00 41 00 30 00 32 00 2d .A.0.2...A.0.2.-
0460 00 35 00 2e 00 30 00 32 00 2d 00 53 00 00 00 05 .5...0.2.-.S....
0470 00 02 00 00 80 d4 80 00 00 00 00 30 81 88 06 09 ...........0....
0480 2b 06 01 04 01 82 37 12 06 01 01 ff 04 78 00 30 +.....7......x.0
0490 00 00 00 00 14 00 44 00 42 00 4d 00 2d 00 4f 00 ......D.B.M.-.O.
04a0 4e 00 4c 00 49 00 4e 00 45 00 00 00 36 00 39 00 N.L.I.N.E...6.9.
04b0 37 00 31 00 33 00 2d 00 36 00 34 00 30 00 2d 00 7.1.3.-.6.4.0.-.
04c0 34 00 34 00 37 00 37 00 33 00 39 00 31 00 2d 00 4.4.7.7.3.9.1.-.
04d0 34 00 35 00 33 00 39 00 31 00 00 00 53 00 69 00 4.5.3.9.1...S.i.
04e0 74 00 65 00 20 00 4c 00 69 00 63 00 65 00 6e 00 t.e. .L.i.c.e.n.
04f0 73 00 65 00 20 00 53 00 65 00 72 00 76 00 65 00 s.e. .S.e.r.v.e.
0500 72 00 00 00 00 00 30 2b 06 03 55 1d 23 01 01 ff r.....0+..U.#...
0510 04 21 30 1f a1 16 a4 14 42 00 4d 00 2d 00 4f 00 .!0.....B.M.-.O.
0520 4e 00 4c 00 49 00 4e 00 45 00 00 00 82 05 03 00 N.L.I.N.E.......
0530 00 00 fb 30 09 06 05 2b 0e 03 02 1d 05 00 03 41 ...0...+.......A
0540 00 0a f9 0e 83 c4 af cd bc ca 99 e9 85 c9 05 4b ...............K
0550 eb f3 51 ae b6 5f 11 01 fb c1 9a 4a c7 63 61 26 ..Q.._.....J.ca&
0560 37 22 3f 43 79 5e 96 79 7e 51 d1 9f 86 df 6c bb 7"?Cy^.y~Q....l.
0570 46 41 b6 39 c5 fb 98 5b 2e d4 fb a3 33 7d 04 9b FA.9...[....3}..
0580 f3 31 00 01 00 14 00 a0 3d 7e b2 32 34 66 81 35 .1......=~.24f.5
0590 52 68 73 80 7f 10 80 64 d6 f1 af 1b 8b 27 84 cd Rhs....d.....'..
05a0 b6 36 89 31 95 06 b6 15 16 4e ae .6.1.....N.
[Server decrypted packet] - 64 bytes total; 38 bytes decrypted
0000 03 00 00 40 02 f0 80 68 00 01 03 eb 70 32 88 02 ...@...h....p2..
0010 02 03 e0 4d f3 41 55 7e 11 f7 02 03 26 00 00 00 ...M.AU~....&...
0020 00 00 28 2f 0a 00 dc 58 db 85 c8 59 49 e9 9b cb ..(/...X...YI...
0030 32 2c 60 33 ed 6f 46 93 57 38 a9 8b 45 ce 53 3e 2,`3.oF.W8..E.S>
[Client packet not encrypted] - 9 bytes
0000 03 00 00 09 02 f0 80 21 80 .......!.
Autor
En línea
