unit42 · Crawled Jul 5, 2026

How We Added WebAuthn to a Browser-Based RDP Client

AI Summary

This article details a research effort to implement WebAuthn redirection in a browser-based RDP client, reverse-engineering Microsoft's undocumented internal handling of WebAuthn in Windows. The research uncovered that Microsoft's mstsc.exe uses an undocumented internal plugin path in webauthn.dll to process hash-only WebAuthn requests from older Windows servers, while public APIs require full clientDataJSON. The work enabled the first non-Windows implementation of WebAuthn redirection in an RDP client, predating FreeRDP's support. The findings highlight critical gaps in Microsoft's documentation and the complexity of cross-platform WebAuthn implementation in RDP environments.
