Click here to Skip to main content
13,004,099 members (112,528 online)
Click here to Skip to main content
Add your own
alternative version

Tagged as


4 bookmarked
Posted 19 Feb 2010

Decrypt Remote Desktop Mobile password

, 19 Feb 2010
Rate this:
Please Sign up or sign in to vote.
How to decrypt password from default.rdp on windows mobile


I found the article about decrypting saved RDP passwords at and

Fortunately, decrypting a saved Windows Mobile password is not as complicated as on Desktop PCs. There is no entropy (???) etc.

As soon as you start RemoteDesktopMobile (RDM) and click connect and RDM gets a connection, it saves a \Windows\default.rdp file. If [] Save Password was checked, the RDP file will have the encrypted password inside:


You will also find all other optional settings from the connect and options dialog in the file.

In contrast to DesktopPC, the encryption always uses only the number of bytes needed for the password and is NOT filled up to 512 bytes. Secondly, there is no real user management on Windows Mobile and so you only need one flag (CRYPTPROTECT_UI_FORBIDDEN) during encrypt and decrypt. The description string for CryptProtectData is always “rdp”.

DATA_BLOB blobIn, blobOut;
blobIn.cbData = pSizeIn;
blobIn.pbData = (PBYTE )pByteTemp;// szPass;
blobOut.cbData = 0;
blobOut.pbData = NULL;
if (!CryptProtectData(&blobIn, L"rdp", NULL, NULL, NULL, 
DATA_BLOB blobIn, blobOut;
blobIn.cbData = nBytes;
blobIn.pbData = pPassBytes;
blobOut.cbData = 0;
blobOut.pbData = NULL;
if (!CryptUnprotectData(&blobIn, NULL, NULL, NULL, NULL, 

The only hard problem (for me) was the converting of hex strings back to byte array and reading the rdp file into a string.

The attached sample apps (MINOR ERROR CHECKING!) show how to decrypt and encrypt RDP passwords. When you click [Start], the sample app will open an existing default.rdp file and show you the unencrypted password.

For encrypt, the unicode (!) string is used including the terminating \0! When you decrypt the byte array getting back from CryptUnprotectData(), the terminating \0 of the Unicode string is included.

As with rdp files on desktop PC, you cannot use the default.rdp created on one device on another device. The decryption will only work correctly on the same device!

BTW: If you try to port this to C#: CryptProtectData and CryptUnprotectData are available in CoreDll.DLL, there is no separate crypt32.dll on Windows Mobile 5/6.

<!-- Social Bookmarks BEGIN --> <!-- Social Bookmarks END -->


This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


About the Author

Germany Germany
No Biography provided

You may also be interested in...

Comments and Discussions

QuestionVERY GOOD Pin
y_boy5-Jul-11 20:08
membery_boy5-Jul-11 20:08 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.170627.1 | Last Updated 19 Feb 2010
Article Copyright 2010 by hjgode
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid