Annotation of /sourceforge.net/trunk/rdpproxy/README

=======================================
rdpproxy: Man-in-the-middle RDP sniffer
        Matt Chapman <matthewc@cse.unsw.edu.au>
        Modified by Erik Forsberg <forsberg at cendio dot se>


NOTE: This is a tool for developers, so it is a bit rough around the
edges :)

RDP4
----
Old Microsoft RDP4 clients should work "out of the box". Although with
this version of rdpproxy, they don't. Umm.. don't know why.

RDP5, Administration mode
-------------------------
You will need to replace tsprivkey.der with the private key from your
Terminal Server.  To do this, dump its secrets with Todd Sabin's
lsadump2 (sold separately).  Then pass the output of lsadump2 through
extractkey.pl (just dumps that particular secret in binary) and finally
rsa2der.

RDP5, Application mode
----------------------
This works as it should as far as I can see. 


=======================================
pparser.py: Parser for turning rdpproxy output into readable form.
        Erik Forsberg <forsberg at cendio dot se>
        
pparser.py can be used to get a more readable form of the packet trace
output by rdpproxy. Just as rdpproxy, it's a developer tool, so it's
usability may sometimes be.. uhm.. challenging :-).

pparser.py can output several formats, but basically, only the TXT
format is interesting unless you write a master thesis :-).

pparser.py can sort out packets based on what channel they occur on,
so it might very well be useful for developing support for new virtual
channels such as sound and local drive redirection.

In order to work, pparser.py expects ../keymaps to exist.

1	forsberg	429	=======================================
2			rdpproxy: Man-in-the-middle RDP sniffer
3			Matt Chapman <matthewc@cse.unsw.edu.au>
4			Modified by Erik Forsberg <forsberg at cendio dot se>
5
6
7			NOTE: This is a tool for developers, so it is a bit rough around the
8			edges :)
9
10			RDP4
11			----
12			Old Microsoft RDP4 clients should work "out of the box". Although with
13			this version of rdpproxy, they don't. Umm.. don't know why.
14
15			RDP5, Administration mode
16			-------------------------
17			You will need to replace tsprivkey.der with the private key from your
18			Terminal Server. To do this, dump its secrets with Todd Sabin's
19			lsadump2 (sold separately). Then pass the output of lsadump2 through
20			extractkey.pl (just dumps that particular secret in binary) and finally
21			rsa2der.
22
23			RDP5, Application mode
24			----------------------
25			This works as it should as far as I can see.
26
27
28			=======================================
29			pparser.py: Parser for turning rdpproxy output into readable form.
30			Erik Forsberg <forsberg at cendio dot se>
31
32			pparser.py can be used to get a more readable form of the packet trace
33			output by rdpproxy. Just as rdpproxy, it's a developer tool, so it's
34			usability may sometimes be.. uhm.. challenging :-).
35
36			pparser.py can output several formats, but basically, only the TXT
37			format is interesting unless you write a master thesis :-).
38
39			pparser.py can sort out packets based on what channel they occur on,
40			so it might very well be useful for developing support for new virtual
41			channels such as sound and local drive redirection.
42
43			In order to work, pparser.py expects ../keymaps to exist.
44