2.2.1.11.1.1 Info Packet (TS_INFO_PACKET)
The TS_INFO_PACKET structure contains extra information not passed to the server during the Basic Settings Exchange phase (section 1.3.1.1) of the RDP Connection Sequence, primarily to ensure that it gets encrypted (as auto-logon password data and other sensitive information is passed here).
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
CodePage |
|||||||||||||||||||||||||||||||
|
flags |
|||||||||||||||||||||||||||||||
|
cbDomain |
cbUserName |
||||||||||||||||||||||||||||||
|
cbPassword |
cbAlternateShell |
||||||||||||||||||||||||||||||
|
cbWorkingDir |
Domain (variable) |
||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
UserName (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
Password (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
AlternateShell (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
WorkingDir (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
|
extraInfo (variable) |
|||||||||||||||||||||||||||||||
|
... |
|||||||||||||||||||||||||||||||
CodePage (4 bytes): A 32-bit, unsigned integer. If the flags field does not contain the INFO_UNICODE flag (0x00000010), then this field MUST contain the ANSI code page descriptor being used by the client (for a list of code pages, see [MSDN-CP]) to encode the character fields in the Info Packet and Extended Info Packet (section 2.2.1.11.1.1.1). However, if the flags field contains the INFO_UNICODE flag, then the CodePage field MUST contain the active language identifier in the low-word<16> (for a list of language identifiers, see [MSDN-MUI]); the contents of the high-word MUST be ignored by the server. The active language identifier SHOULD be ignored by the server if the keyboardLayout field of the Client Core Data structure (section 2.2.1.3.2) is set to zero.<17>
flags (4 bytes): A 32-bit, unsigned integer. Option flags.
-
Flag
Meaning
INFO_MOUSE
0x00000001
Indicates that the client machine has a mouse attached.
INFO_DISABLECTRLALTDEL
0x00000002
Indicates that the CTRL+ALT+DEL (or the equivalent) secure access keyboard sequence is not required at the logon prompt.
INFO_AUTOLOGON
0x00000008
The client requests auto logon using the included user name, password and domain.
INFO_UNICODE
0x00000010
Indicates that the character set for strings in the Info Packet and Extended Info Packet (section 2.2.1.11.1.1.1) is Unicode. If this flag is absent, then the ANSI character set that is specified by the ANSI code page descriptor in the CodePage field is used for strings in the Info Packet and Extended Info Packet.
INFO_MAXIMIZESHELL
0x00000020
Indicates that the alternate shell (specified in the AlternateShell field of the Info Packet structure) MUST be started in a maximized state.
INFO_LOGONNOTIFY
0x00000040
Indicates that the client wants to be informed of the user name and domain used to log on to the server, as well as the ID of the session to which the user connected. The Save Session Info PDU (section 2.2.10.1) is sent from the server to notify the client of this information using a Logon Info Version 1 (section 2.2.10.1.1.1) or Logon Info Version 2 (section 2.2.10.1.1.2) structure.
INFO_COMPRESSION
0x00000080
Indicates that the CompressionTypeMask is valid and contains the highest compression package type supported by the client.
CompressionTypeMask
0x00001E00
Indicates the highest compression package type supported. See the discussion which follows this table for more information.
INFO_ENABLEWINDOWSKEY
0x00000100
Indicates that the client uses the Windows key on Windows-compatible keyboards.
INFO_REMOTECONSOLEAUDIO
0x00002000
Requests that audio played in a session hosted on a remote server be played on the server.
INFO_FORCE_ENCRYPTED_CS_PDU
0x00004000
Indicates that all client-to-server traffic is encrypted when encryption is in force. Setting this flag prevents the server from processing unencrypted packets in man-in-the-middle attack scenarios. This flag is not understood by RDP 4.0, 5.0, and 5.1 servers.
INFO_RAIL
0x00008000
Indicates that the remote connection being established is for the purpose of launching remote programs using the protocol defined in [MS-RDPERP] sections 2 and 3. This flag is not understood by RDP 4.0, 5.0, 5.1, and 5.2 servers.
INFO_LOGONERRORS
0x00010000
Indicates a request for logon error notifications using the Save Session Info PDU. This flag is not understood by RDP 4.0, 5.0, 5.1, and 5.2 servers.
INFO_MOUSE_HAS_WHEEL
0x00020000
Indicates that the mouse which is connected to the client machine has a scroll wheel. This flag is not understood by RDP 4.0, 5.0, 5.1, and 5.2 servers.
INFO_PASSWORD_IS_SC_PIN
0x00040000
Indicates that the Password field in the Info Packet contains a smart card personal identification number (PIN). This flag is not understood by RDP 4.0, 5.0, 5.1, and 5.2 servers.
INFO_NOAUDIOPLAYBACK
0x00080000
Indicates that audio redirection (using the protocol defined in [MS-RDPEA] sections 2 and 3) MUST NOT take place. This flag is not understood by RDP 4.0, 5.0, 5.1, and 5.2 servers. If the INFO_NOAUDIOPLAYBACK flag is not set, then audio redirection SHOULD take place if the INFO_REMOTECONSOLEAUDIO (0x00002000) flag is also not set.
INFO_USING_SAVED_CREDS
0x00100000
Any user credentials sent on the wire during the RDP Connection Sequence (sections 1.3.1.1 and 1.3.1.2) have been retrieved from a credential store and were not obtained directly from the user. This flag is not understood by RDP 4.0, 5.0, 5.1, 5.2, and 6.0 servers.
INFO_AUDIOCAPTURE
0x00200000
Indicates that the redirection of client-side audio input to a session hosted on a remote server is supported using the protocol defined in [MS-RDPEAI] sections 2 and 3. This flag is not understood by RDP 4.0, 5.0, 5.1, 5.2, 6.0, and 6.1 servers.
INFO_VIDEO_DISABLE
0x00400000
Indicates that video redirection or playback (using the protocol defined in [MS-RDPEV] sections 2 and 3) MUST NOT take place. This flag is not understood by RDP 4.0, 5.0, 5.1, 5.2, 6.0, and 6.1 servers.
INFO_RESERVED1
0x00800000
An unused flag that is reserved for future use. This flag MUST NOT be set.
INFO_RESERVED2
0x01000000
An unused flag that is reserved for future use. This flag MUST NOT be set.
INFO_HIDEF_RAIL_SUPPORTED
0x02000000
Indicates that the client supports Enhanced RemoteApp ([MS-RDPERP] section 1.3.3). The INFO_HIDEF_RAIL_SUPPORTED flag MUST be ignored if the INFO_RAIL (0x00008000) flag is not specified. Furthermore, a client that specifies the INFO_HIDEF_RAIL_SUPPORTED flag MUST send the Remote Programs Capability Set ([MS-RDPERP] section 2.2.1.1.1) to the server. The INFO_HIDEF_RAIL_SUPPORTED flag is not understood by RDP 4.0, 5.0, 5.1, 5.2, 6.0, 6.1, 7.0, 7.1, and 8.0 servers.
-
The CompressionTypeMask is a 4-bit enumerated value containing the highest compression package support available on the client. The packages codes are:
-
Value
Meaning
PACKET_COMPR_TYPE_8K
0x0
RDP 4.0 bulk compression (section 3.1.8.4.1).
PACKET_COMPR_TYPE_64K
0x1
RDP 5.0 bulk compression (section 3.1.8.4.2).
PACKET_COMPR_TYPE_RDP6
0x2
RDP 6.0 bulk compression ([MS-RDPEGDI] section 3.1.8.1).
PACKET_COMPR_TYPE_RDP61
0x3
RDP 6.1 bulk compression ([MS-RDPEGDI] section 3.1.8.2).
-
If a client supports compression package n then it MUST support packages 0...(n - 1).
cbDomain (2 bytes): A 16-bit, unsigned integer. The size in bytes of the character data in the Domain field. This size excludes the length of the mandatory null terminator.
cbUserName (2 bytes): A 16-bit, unsigned integer. The size in bytes of the character data in the UserName field. This size excludes the length of the mandatory null terminator.
cbPassword (2 bytes): A 16-bit, unsigned integer. The size in bytes of the character data in the Password field. This size excludes the length of the mandatory null terminator.
cbAlternateShell (2 bytes): A 16-bit, unsigned integer. The size in bytes of the character data in the AlternateShell field. This size excludes the length of the mandatory null terminator.
cbWorkingDir (2 bytes): A 16-bit, unsigned integer. The size in bytes of the character data in the WorkingDir field. This size excludes the length of the mandatory null terminator.
Domain (variable): Variable-length logon domain of the user (the length in bytes is given by the cbDomain field). The maximum length allowed by RDP 4.0 and RDP 5.0 servers is 52 bytes (including the mandatory null terminator), while all other versions of RDP servers allow a maximum length of 512 bytes (including the mandatory null terminator). The field MUST contain at least a null terminator character in Windows-1252 or Unicode format (depending on the presence of the INFO_UNICODE flag).
UserName (variable): Variable-length logon user name of the user (the length in bytes is given by the cbUserName field). The maximum length allowed by RDP 4.0 servers is 44 bytes (including the mandatory null terminator), while all other versions of RDP servers allow a maximum length of 512 bytes (including the mandatory null terminator). The field MUST contain at least a null terminator character in Windows-1252 or Unicode format (depending on the presence of the INFO_UNICODE flag). The contents of the UserName field SHOULD be ignored if the INFO_PASSWORD_IS_SC_PIN (0x00040000) flag is specified in the flags field.
Password (variable): Variable-length logon password of the user (the length in bytes is given by the cbPassword field). The maximum length allowed by RDP 4.0 and RDP 5.0 servers is 32 bytes (including the mandatory null terminator), while all other versions of RDP servers allow a maximum length of 512 bytes (including the mandatory null terminator). The field MUST contain at least a null terminator character in Windows-1252 or Unicode format (depending on the presence of the INFO_UNICODE flag).
AlternateShell (variable): Variable-length path to the executable file of an alternate shell, e.g. "c:\dir\prog.exe" (the length in bytes is given by the cbAlternateShell field). The maximum allowed length is 512 bytes (including the mandatory null terminator). This field MUST only be initialized if the client is requesting a shell other than the default. The field MUST contain at least a null terminator character in Windows-1252 or Unicode format (depending on the presence of the INFO_UNICODE flag).
WorkingDir (variable): Variable-length directory that contains the executable file specified in the AlternateShell field or any related files (the length in bytes is given by the cbWorkingDir field). The maximum allowed length is 512 bytes (including the mandatory null terminator). This field MAY be initialized if the client is requesting a shell other than the default. The field MUST contain at least a null terminator character in Windows-1252 or Unicode format (depending on the presence of the INFO_UNICODE flag).
extraInfo (variable): Optional and variable-length extended information used in all RDP versions, except for RDP 4.0, and specified in section 2.2.1.11.1.1.1.