Decrypt Kerberos traffic with Wireshark using exported keytab
KfarHabad
Hey everyone,
For two days in a row I have spent hours trying to decrypt Kerberos traffic using Wireshark.
For learning purposes, I want to be able to read the encrypted parts of tickets and authenticators inside Wireshark.
I know it's possible, and Wireshark supplies an option to import a keytab file.
I read about a tool named ktexport, but I searched all over and it is nowhere to be found.
So I tried ktpass, but it seems like it is not meant for that purpose, and it didn't work for me anyhow.
My last resort was Wireshark's Kerberos examples, which come with a keytab file, but they are not working either.
Can anyone help me?
Answers
bigdogz
https://tshark.dev/packetcraft/add_context/tshark_decryption/
tshark -r /path/to/file -K /path/to/keytab