[jcifs] SMB signing without a WINS server
Jeroen ter Voorde
j.tervoorde at home.nl
Wed Sep 14 07:43:52 GMT 2005
Hi all,
I've tried setting up the NTLM HTTP filter using a Win 2003 domain
controller (mixed mode) without setting
the jcifs.netbios.wins setting. I've tried 1.1.11 and 1.2.3.
It works fine when i disable required signing on the server (offcourse).
It also works fine when smb signing is enabled and a wins server is
specified. When i don't specify a wins server i get a signature
verification failure which results in an SmbAuthException.
I figured jcifs can't find my domain controller (VM_2003_SERVER) so i've
tried adding the domain controller netbios name as well as the domain
name to dns and to an lmhosts file. This didn't help.
Any ideas?
Thanks, Jeroen
This is my filter config:
<init-param>
<param-name>jcifs.http.domainController</param-name>
<param-value>192.168.0.144</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.domain</param-name>
<param-value>QOLINTERN</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.username</param-name>
<param-value>hans</param-value>
</init-param>
<init-param>
<param-name>jcifs.smb.client.password</param-name>
<param-value>test123</param-value>
</init-param>
And the debug info:
New data read: Transport1[0.0.0.0<00>/192.168.0.144:445]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 01 00 |...........■....|
byteCount=58 but readBytesWireFormat returned 26
NodeStatusRequest[nameTrnId=1,isResponse=false,opCode=QUERY,isAuthAnswer=false,
sTruncated=false,isRecurAvailable=false,isRecurDesired=false,isBroadcast=false,
esultCode=0,questionCount=1,answerCount=0,authorityCount=0,additionalCount=0,qu
stionName=* <00>,questionType=0x0021,questionClass=IN,recordName=n
ll,recordType=0x0000,recordClass=0x0000,ttl=0,rDataLength=0]
NetBIOS: new data read from socket
00000: 00 01 00 00 00 01 00 00 00 00 00 00 20 43 4B 41 |............ CKA|
00010: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA|
00020: 41 41 41 41 41 41 41 41 41 41 41 41 41 00 00 21 |AAAAAAAAAAAAA..!|
00030: 00 01 |.. |
NodeStatusResponse[nameTrnId=1,isResponse=true,opCode=QUERY,isAuthAnswer=true,i
Truncated=false,isRecurAvailable=false,isRecurDesired=false,isBroadcast=false,r
sultCode=0,questionCount=0,answerCount=1,authorityCount=0,additionalCount=0,que
tionName=null,questionType=0x0000,questionClass=IN,recordName=* <0
>,recordType=0x0021,recordClass=IN,ttl=0,rDataLength=191]
00000: 00 01 84 00 00 00 00 01 00 00 00 00 20 43 4B 41 |............ CKA|
00010: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 |AAAAAAAAAAAAAAAA|
00020: 41 41 41 41 41 41 41 41 41 41 41 41 41 00 00 21 |AAAAAAAAAAAAA..!|
00030: 00 01 00 00 00 00 00 BF 08 56 4D 5F 32 30 30 33 |.......┐.VM_2003|
00040: 5F 53 45 52 56 45 52 20 00 44 00 51 4F 4C 49 4E |_SERVER .D.QOLIN|
00050: 54 45 52 4E 20 20 20 20 20 20 00 C4 00 51 4F 4C |TERN .─.QOL|
00060: 49 4E 54 45 52 4E 20 20 20 20 20 20 1C C4 00 56 |INTERN .─.V|
00070: 4D 5F 32 30 30 33 5F 53 45 52 56 45 52 20 20 44 |M_2003_SERVER D|
00080: 00 51 4F 4C 49 4E 54 45 52 4E 20 20 20 20 20 20 |.QOLINTERN |
00090: 1B 44 00 51 4F 4C 49 4E 54 45 52 4E 20 20 20 20 |.D.QOLINTERN |
000A0: 20 20 1E C4 00 51 4F 4C 49 4E 54 45 52 4E 20 20 | .─.QOLINTERN |
000B0: 20 20 20 20 1D 44 00 01 02 5F 5F 4D 53 42 52 4F | .D...__MSBRO|
000C0: 57 53 45 5F 5F 02 01 C4 00 00 0C 29 BA B4 C5 00 |WSE__..─...)║┤┼.|
000D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00100: 00 00 00 00 00 00 00 00 00 |......... |
treeConnect: unc=\\VM_2003_SERVER\IPC$,service=?????
sessionSetup: accountName=hans,primaryDomain=
treeConnect: unc=\\VM_2003_SERVER\IPC$,service=?????
sessionSetup: accountName=hans,primaryDomain=QOLINTERN
LM_COMPATIBILITY=0
00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ю°&.SÃ|
00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
update: 0 0:40
00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ю°&.SÃ|
00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
update: 1 4:236
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 02 00 |...........■....|
00020: 0D 75 00 AE 00 04 11 0A 00 01 00 00 00 00 00 18 |.u.«............|
00030: 00 18 00 00 00 00 00 54 10 00 00 71 00 04 0E E3 |.......T...q...Ò|
00040: 50 45 A6 57 C7 8E D3 F8 BF A6 D2 39 6E E3 52 53 |PEªWÃ.Ë°┐ªÊ9nÒRS|
00050: 45 F5 88 D7 E7 3D 4A 93 C2 9A C3 12 91 DF D1 A9 |E§.Îþ=J.┬.├..▀Ю|
00060: F8 26 0F 53 C7 25 FD 46 4D BE 0E E5 2F 00 68 00 |°&.SÃ%²FM¥.Õ/.h.|
00070: 61 00 6E 00 73 00 00 00 51 00 4F 00 4C 00 49 00 |a.n.s...Q.O.L.I.|
00080: 4E 00 54 00 45 00 52 00 4E 00 00 00 57 00 69 00 |N.T.E.R.N...W.i.|
00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S.... |
000B0: 00 00 00 00 00 01 00 33 00 00 5C 00 5C 00 56 00 |.......3..\.\.V.|
000C0: 4D 00 5F 00 32 00 30 00 30 00 33 00 5F 00 53 00 |M._.2.0.0.3._.S.|
000D0: 45 00 52 00 56 00 45 00 52 00 5C 00 49 00 50 00 |E.R.V.E.R.\.I.P.|
000E0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |
digest:
00000: EB 88 A1 84 C3 59 CD F0 26 18 ED C0 48 1A DA 47 |Ù.í.├Y═&.Ý└H.┌G|
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorC
de=The operation completed
successfully.,flags=0x0018,flags2=0xC007,signSeq=0,t
d=0,pid=65036,uid=0,mid=2,wordCount=13,byteCount=113,andxCommand=0x75,andxOffse
=174,snd_buf_size=4356,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=2
,unicodePasswordLength=24,capabilities=4180,accountName=hans,primaryDomain=QOLI
TERN,NATIVE_OS=Windows XP,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCod
=The operation completed
successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid
0,pid=65036,uid=0,mid=0,wordCount=4,byteCount=51,andxCommand=0xFF,andxOffset=0,
isconnectTid=false,passwordLength=1,password=,path=\\VM_2003_SERVER\IPC$,servic
=?????]
New data read: Transport1[VM_2003_SERVER<00>/192.168.0.144:445]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 FB E1 | SMBs......└..¹ß|
00010: 03 29 AA FA B2 7D 00 00 06 40 0C FE 00 70 02 00 |.)¬·▓}... at .■.p..|
LM_COMPATIBILITY=0
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ю°&.SÃ|
00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ю°&.SÃ|
00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
update: 1 4:218
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 00 00 0C FE 00 00 03 00 |...........■....|
00020: 0D 75 00 9C 00 04 11 0A 00 01 00 00 00 00 00 18 |.u..............|
00030: 00 18 00 00 00 00 00 54 10 00 00 5F 00 3D 4A 93 |.......T..._.=J.|
00040: C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 25 FD 46 |┬.├..▀Ю°&.SÃ%²F|
00050: 4D BE 0E E5 2F 3D 4A 93 C2 9A C3 12 91 DF D1 A9 |M¥.Õ/=J.┬.├..▀Ю|
00060: F8 26 0F 53 C7 25 FD 46 4D BE 0E E5 2F 00 68 00 |°&.SÃ%²FM¥.Õ/.h.|
00070: 61 00 6E 00 73 00 00 00 00 00 57 00 69 00 6E 00 |a.n.s.....W.i.n.|
00080: 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 00 00 |d.o.w.s. .X.P...|
00090: 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF 00 00 |j.C.I.F.S.... ..|
000A0: 00 00 00 01 00 33 00 00 5C 00 5C 00 56 00 4D 00 |.....3..\.\.V.M.|
000B0: 5F 00 32 00 30 00 30 00 33 00 5F 00 53 00 45 00 |_.2.0.0.3._.S.E.|
000C0: 52 00 56 00 45 00 52 00 5C 00 49 00 50 00 43 00 |R.V.E.R.\.I.P.C.|
000D0: 24 00 00 00 3F 3F 3F 3F 3F 00 |$...?????. |
digest:
00000: 52 4E 35 9E D3 05 06 6F 92 D3 9C 6B 90 24 6D C0 |RN5.Ë..o.Ë.k.$m└|
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorC
de=The operation completed
successfully.,flags=0x0018,flags2=0xC007,signSeq=0,t
d=0,pid=65036,uid=0,mid=3,wordCount=13,byteCount=95,andxCommand=0x75,andxOffset
156,snd_buf_size=4356,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24
unicodePasswordLength=24,capabilities=4180,accountName=hans,primaryDomain=,NATI
E_OS=Windows XP,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCod
=The operation completed
successfully.,flags=0x0018,flags2=0x0000,signSeq=0,tid
0,pid=65036,uid=0,mid=0,wordCount=4,byteCount=51,andxCommand=0xFF,andxOffset=0,
isconnectTid=false,passwordLength=1,password=,path=\\VM_2003_SERVER\IPC$,servic
=?????]
New data read: Transport1[VM_2003_SERVER<00>/192.168.0.144:445]
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 0F F6 | SMBs"..└..└...÷|
00010: 06 93 27 D9 00 F2 00 00 00 00 0C FE 00 00 03 00 |..'┘.‗.....■....|
update: 0 0:40
00000: AA 53 60 86 FF 31 C0 A8 70 91 85 5A 73 6F 49 16 |¬S`. 1└¿p..ZsoI.|
00010: 3D 4A 93 C2 9A C3 12 91 DF D1 A9 F8 26 0F 53 C7 |=J.┬.├..▀Ю°&.SÃ|
00020: 25 FD 46 4D BE 0E E5 2F |%²FM¥.Õ/ |
update: 1 4:14
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 | SMBs"..└..└.. |
update: 2 0:8
00000: 01 00 00 00 00 00 00 00 |........ |
update: 3 26:13
00000: 00 00 00 00 0C FE 00 00 03 00 00 00 00 |.....■....... |
digest:
00000: 94 52 74 B2 8F 5C 8C 0C AA 06 EC DA 27 F0 A0 8B |.Rt▓.\..¬.ý┌'á.|
signature verification failure
00000: 94 52 74 B2 8F 5C 8C 0C |.Rt▓.\.. |
00000: 0F F6 06 93 27 D9 00 F2 |.÷..'┘.‗ |
NtlmHttpFilter: hans: 0xC0000022: jcifs.smb.SmbAuthException: Access is
denied.
java.net.SocketTimeoutException: Receive timed out
at java.net.PlainDatagramSocketImpl.receive(Native Method)
at java.net.DatagramSocket.receive(DatagramSocket.java:711)
at jcifs.netbios.NameServiceClient.run(NameServiceClient.java:184)
at java.lang.Thread.run(Thread.java:534)
More information about the jcifs
mailing list