[jcifs] NTLM authentication with Windows 2003 Server - not really solved

Thomas Bley thomas.bley at simple-groupware.de
Fri Oct 20 21:26:12 GMT 2006 

Hello,

I've made some tests on this:
I'm using Windows 2003 Service Pack 1 as server and a WinXP SP2 box with
Firefox 2.0rc3/IE7 as client. By default, "Digitally sign communications
(always)" and "(if client agrees)" is disabled in the local security
settings (under "/Local policies/Security Options/"). When it is
disabled, NTLM and basic authentication providing the password as plain
text work without any problems.
When I enable signing, Windows warns that this breaks compatibility with
clients, services and applications.

After enabling, basic authentication with the plain text password still
works without any problems. (To get these results reproducable, I
restarted Tomcat and the browsers every time I changed the policies on
the server)
After enabling, I get "access denied" with NTLM. I'm using the default
ssnLimit. After the first connect with NTLM breaks, I am no longer able
to do a basic authentication with the browser.

Mike, maybe you have some time to watch the debug output ?

Using NTLM with Firefox gives this output:

SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x001
8,flags2=0xC003,signSeq=0,tid=0,pid=46677,uid=0,mid=1,wordCount=0,byteCount=12,w
ordCount=0,dialects=NT LM 0.12]
00000: FF 53 4D 42 72 00 00 00 00 18 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|
00020: 00 0C 00 02 4E 54 20 4C 4D 20 30 2E 31 32 00 |....NT LM 0.12. |

New data read: Transport1[0.0.0.0<00>/192.168.0.6:0]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|

byteCount=46 but readBytesWireFormat returned 26
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,fla
gs=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=46677,uid=0,mid=1,wordCount=17,byteC
ount=46,wordCount=17,dialectIndex=0,securityMode=0xF,security=user,encryptedPass
words=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=4356,maxRawSize=65536,ses
sionKey=0x00000000,capabilities=0x0001F3FD,serverTime=Sat Oct 21
07:50:03 CEST 2
006,serverTimeZone=420,encryptionKeyLength=8,byteCount=46,encryptionKey=0x7195A9
B2BEC34199,oemDomainName=WORKGROUP]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|
00020: 11 00 00 0F 32 00 01 00 04 11 00 00 00 00 01 |....2.......... |

[actionLoginNtlm] Fri Oct 20 22:50:02 CEST 2006
WebDisk-Debug[ntlm-login]: serve
r=192.168.0.6, domain=, username=administrator
SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x001
8,flags2=0xC003,signSeq=0,tid=0,pid=46677,uid=0,mid=1,wordCount=0,byteCount=12,w
ordCount=0,dialects=NT LM 0.12]
00000: FF 53 4D 42 72 00 00 00 00 18 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|
00020: 00 0C 00 02 4E 54 20 4C 4D 20 30 2E 31 32 00 |....NT LM 0.12. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|

byteCount=46 but readBytesWireFormat returned 26
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,fla
gs=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=46677,uid=0,mid=1,wordCount=17,byteC
ount=46,wordCount=17,dialectIndex=0,securityMode=0xF,security=user,encryptedPass
words=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=4356,maxRawSize=65536,ses
sionKey=0x00000000,capabilities=0x0001F3FD,serverTime=Sat Oct 21
07:50:03 CEST 2
006,serverTimeZone=420,encryptionKeyLength=8,byteCount=46,encryptionKey=0xAFFD05
6FFEBF728F,oemDomainName=WORKGROUP]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 | SMBr......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 01 00 |..........U╢....|
00020: 11 00 00 0F 32 00 01 00 04 11 00 00 00 00 01 |....2.......... |

treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
sessionSetup: accountName=administrator,primaryDomain=
treeConnect: unc=\\192.168.0.6\IPC$,service=?????
sessionSetup: accountName=administrator,primaryDomain=
treeConnect: unc=\\192.168.0.6\IPC$,service=?????
sessionSetup: accountName=,primaryDomain=
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCo
de=0,flags=0x0018,flags2=0xC007,signSeq=0,tid=0,pid=46677,uid=0,mid=2,wordCount=
13,byteCount=39,andxCommand=0x75,andxOffset=100,snd_buf_size=4356,maxMpxCount=10
,VC_NUMBER=1,sessionKey=0,passwordLength=0,unicodePasswordLength=0,capabilities=
4180,accountName=,primaryDomain=,NATIVE_OS=Windows XP,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode
=0,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=46677,uid=0,mid=0,wordCount=4,
byteCount=45,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,
password=,path=\\192.168.0.6\IPC$,service=?????]
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 02 00 |..........U╢....|
00020: 0D 75 00 64 00 04 11 0A 00 01 00 00 00 00 00 00 |.u.d............|
00030: 00 00 00 00 00 00 00 54 10 00 00 27 00 00 00 00 |.......T...'....|
00040: 00 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 |..W.i.n.d.o.w.s.|
00050: 20 00 58 00 50 00 00 00 6A 00 43 00 49 00 46 00 | .X.P...j.C.I.F.|
00060: 53 00 00 00 04 FF 00 00 00 00 00 01 00 2D 00 00 |S.... .......-..|
00070: 5C 00 5C 00 31 00 39 00 32 00 2E 00 31 00 36 00 |\.\.1.9.2...1.6.|
00080: 38 00 2E 00 30 00 2E 00 36 00 5C 00 49 00 50 00 |8...0...6.\.I.P.|
00090: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 02 00 |..........U╢. ..|

SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false
,errorCode=0,flags=0x0098,flags2=0xC007,signSeq=0,tid=4099,pid=46677,uid=8192,mi
d=2,wordCount=3,byteCount=148,andxCommand=0x75,andxOffset=189,isLoggedInAsGuest=
false,nativeOs=Windows Server 2003 3790 Service Pack
1,nativeLanMan=Windows Serv
er 2003 5.2,primaryDomain=WORKGROUP]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 02 00 |..........U╢. ..|
00020: 03 75 00 BD 00 00 00 94 00 00 57 00 69 00 6E 00 |.u.╜......W.i.n.|
00030: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 |d.o.w.s. .S.e.r.|
00040: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00 |v.e.r. .2.0.0.3.|
00050: 20 00 33 00 37 00 39 00 30 00 20 00 53 00 65 00 | .3.7.9.0. .S.e.|
00060: 72 00 76 00 69 00 63 00 65 00 20 00 50 00 61 00 |r.v.i.c.e. .P.a.|
00070: 63 00 6B 00 20 00 31 00 00 00 57 00 69 00 6E 00 |c.k. .1...W.i.n.|
00080: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 |d.o.w.s. .S.e.r.|
00090: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00 |v.e.r. .2.0.0.3.|
000A0: 20 00 35 00 2E 00 32 00 00 00 57 00 4F 00 52 00 | .5...2...W.O.R.|
000B0: 4B 00 47 00 52 00 4F 00 55 00 50 00 00 03 FF 00 |K.G.R.O.U.P... .|
000C0: CC 00 01 00 06 00 49 50 43 00 00 00 |╠.....IPC... |

NetShareEnum[command=SMB_COM_TRANSACTION,received=false,errorCode=0,flags=0x0018
,flags2=0xC007,signSeq=0,tid=4099,pid=46677,uid=8192,mid=3,wordCount=14,byteCoun
t=46,totalParameterCount=19,totalDataCount=0,maxParameterCount=8,maxDataCount=65
023,maxSetupCount=0,flags=0x00,timeout=5000,parameterCount=19,parameterOffset=90
,parameterDisplacement=0,dataCount=0,dataOffset=110,dataDisplacement=0,setupCoun
t=0,pad=0,pad1=1]
00000: FF 53 4D 42 25 00 00 00 00 18 07 C0 00 00 00 00 | SMB%......└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 03 00 |..........U╢. ..|
00020: 0E 13 00 00 00 08 00 FF FD 00 00 00 00 88 13 00 |....... ².......|
00030: 00 00 00 13 00 5A 00 00 00 00 00 00 00 2E 00 00 |.....Z..........|
00040: 5C 00 50 00 49 00 50 00 45 00 5C 00 4C 00 41 00 |\.P.I.P.E.\.L.A.|
00050: 4E 00 4D 00 41 00 4E 00 00 00 00 00 57 72 4C 65 |N.M.A.N.....WrLe|
00060: 68 00 42 31 33 42 57 7A 00 01 00 FF FD |h.B13BWz... ² |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 00 00 | SMB%"..└..└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 03 00 |..........U╢. ..|

NetShareEnumResponse[command=SMB_COM_TRANSACTION,received=false,errorCode=Access
is
denied.,flags=0x0098,flags2=0xC007,signSeq=0,tid=4099,pid=46677,uid=8192,mid
=3,wordCount=0,byteCount=0,totalParameterCount=0,totalDataCount=0,parameterCount
=0,parameterOffset=0,parameterDisplacement=0,dataCount=0,dataOffset=0,dataDispla
cement=0,setupCount=0,pad=0,pad1=0,status=0,converter=0,entriesReturned=0,totalA
vailableEntries=0]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 00 00 | SMB%"..└..└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 03 00 |..........U╢. ..|
00020: 00 00 00 |... |

treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
sessionSetup: accountName=administrator,primaryDomain=
treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
sessionSetup: accountName=administrator,primaryDomain=
treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode
=0,flags=0x0018,flags2=0xC007,signSeq=0,tid=0,pid=46677,uid=8192,mid=4,wordCount
=4,byteCount=63,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength
=1,password=,path=\\192.168.0.6\ADMINISTRATOR,service=?????]
00000: FF 53 4D 42 75 00 00 00 00 18 07 C0 00 00 00 00 | SMBu......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 04 00 |..........U╢. ..|
00020: 04 FF 00 00 00 00 00 01 00 3F 00 00 5C 00 5C 00 |. .......?..\.\.|
00030: 31 00 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 |1.9.2...1.6.8...|
00040: 30 00 2E 00 36 00 5C 00 41 00 44 00 4D 00 49 00 |0...6.\.A.D.M.I.|
00050: 4E 00 49 00 53 00 54 00 52 00 41 00 54 00 4F 00 |N.I.S.T.R.A.T.O.|
00060: 52 00 00 00 3F 3F 3F 3F 3F 00 |R...?????. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 00 00 | SMBu"..└..└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 04 00 |..........U╢. ..|

SmbComTreeConnectAndXResponse[command=SMB_COM_TREE_CONNECT_ANDX,received=false,e
rrorCode=Access is
denied.,flags=0x0098,flags2=0xC007,signSeq=0,tid=0,pid=46677,
uid=8192,mid=4,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,supportSear
chBits=false,shareIsInDfs=false,service=null,nativeFileSystem=]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 00 00 | SMBu"..└..└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 04 00 |..........U╢. ..|
00020: 00 00 00 |... |

NetShareEnum[command=SMB_COM_TRANSACTION,received=false,errorCode=0,flags=0x0018
,flags2=0xC007,signSeq=0,tid=4099,pid=46677,uid=8192,mid=5,wordCount=14,byteCoun
t=46,totalParameterCount=19,totalDataCount=0,maxParameterCount=8,maxDataCount=65
023,maxSetupCount=0,flags=0x00,timeout=5000,parameterCount=19,parameterOffset=90
,parameterDisplacement=0,dataCount=0,dataOffset=110,dataDisplacement=0,setupCoun
t=0,pad=0,pad1=1]
00000: FF 53 4D 42 25 00 00 00 00 18 07 C0 00 00 00 00 | SMB%......└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 05 00 |..........U╢. ..|
00020: 0E 13 00 00 00 08 00 FF FD 00 00 00 00 88 13 00 |....... ².......|
00030: 00 00 00 13 00 5A 00 00 00 00 00 00 00 2E 00 00 |.....Z..........|
00040: 5C 00 50 00 49 00 50 00 45 00 5C 00 4C 00 41 00 |\.P.I.P.E.\.L.A.|
00050: 4E 00 4D 00 41 00 4E 00 00 00 00 00 57 72 4C 65 |N.M.A.N.....WrLe|
00060: 68 00 42 31 33 42 57 7A 00 01 00 FF FD |h.B13BWz... ² |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 00 00 | SMB%"..└..└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 05 00 |..........U╢. ..|

NetShareEnumResponse[command=SMB_COM_TRANSACTION,received=false,errorCode=Access
is
denied.,flags=0x0098,flags2=0xC007,signSeq=0,tid=4099,pid=46677,uid=8192,mid
=5,wordCount=0,byteCount=0,totalParameterCount=0,totalDataCount=0,parameterCount
=0,parameterOffset=0,parameterDisplacement=0,dataCount=0,dataOffset=0,dataDispla
cement=0,setupCount=0,pad=0,pad1=0,status=0,converter=0,entriesReturned=0,totalA
vailableEntries=0]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 00 00 | SMB%"..└..└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 05 00 |..........U╢. ..|
00020: 00 00 00 |... |

treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode
=0,flags=0x0018,flags2=0xC007,signSeq=0,tid=0,pid=46677,uid=8192,mid=6,wordCount
=4,byteCount=63,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength
=1,password=,path=\\192.168.0.6\ADMINISTRATOR,service=?????]
00000: FF 53 4D 42 75 00 00 00 00 18 07 C0 00 00 00 00 | SMBu......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 06 00 |..........U╢. ..|
00020: 04 FF 00 00 00 00 00 01 00 3F 00 00 5C 00 5C 00 |. .......?..\.\.|
00030: 31 00 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 |1.9.2...1.6.8...|
00040: 30 00 2E 00 36 00 5C 00 41 00 44 00 4D 00 49 00 |0...6.\.A.D.M.I.|
00050: 4E 00 49 00 53 00 54 00 52 00 41 00 54 00 4F 00 |N.I.S.T.R.A.T.O.|
00060: 52 00 00 00 3F 3F 3F 3F 3F 00 |R...?????. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 00 00 | SMBu"..└..└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 06 00 |..........U╢. ..|

SmbComTreeConnectAndXResponse[command=SMB_COM_TREE_CONNECT_ANDX,received=false,e
rrorCode=Access is
denied.,flags=0x0098,flags2=0xC007,signSeq=0,tid=0,pid=46677,
uid=8192,mid=6,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,supportSear
chBits=false,shareIsInDfs=false,service=null,nativeFileSystem=]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 00 00 | SMBu"..└..└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 20 06 00 |..........U╢. ..|
00020: 00 00 00 |... |

[actionLoginNtlm] Fri Oct 20 22:50:02 CEST 2006
WebDisk-Debug[ntlm-login]: serve
r=192.168.0.6, domain=, username=administrator
treeConnect: unc=\\192.168.0.6\ADMINISTRATOR,service=?????
sessionSetup: accountName=administrator,primaryDomain=
LM_COMPATIBILITY=0
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 1 4:248
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 | SMBs......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 00 00 07 00 |..........U╢....|
00020: 0D 75 00 AE 00 04 11 0A 00 01 00 00 00 00 00 18 |.u.«............|
00030: 00 18 00 00 00 00 00 54 10 00 00 71 00 85 01 C2 |.......T...q...┬|
00040: 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 A1 80 BA |Fq.╤«....^ε1πí.║|
00050: 55 46 BC 54 36 85 01 C2 46 71 0B D1 AE 90 9A 02 |UF╝T6..┬Fq.╤«...|
00060: 17 5E EE 31 E3 A1 80 BA 55 46 BC 54 36 00 61 00 |.^ε1πí.║UF╝T6.a.|
00070: 64 00 6D 00 69 00 6E 00 69 00 73 00 74 00 72 00 |d.m.i.n.i.s.t.r.|
00080: 61 00 74 00 6F 00 72 00 00 00 00 00 57 00 69 00 |a.t.o.r.....W.i.|
00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S.... |
000B0: 00 00 00 00 00 01 00 3F 00 00 5C 00 5C 00 31 00 |.......?..\.\.1.|
000C0: 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 30 00 |9.2...1.6.8...0.|
000D0: 2E 00 36 00 5C 00 41 00 44 00 4D 00 49 00 4E 00 |..6.\.A.D.M.I.N.|
000E0: 49 00 53 00 54 00 52 00 41 00 54 00 4F 00 52 00 |I.S.T.R.A.T.O.R.|
000F0: 00 00 3F 3F 3F 3F 3F 00 |..?????. |

digest:
00000: 42 22 D6 C6 3E 40 1E 37 1E 5C EC 9D AA 0C 93 BD |B"╓╞>@.7.\∞.¬..╜|

SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCo
de=0,flags=0x0018,flags2=0xC007,signSeq=0,tid=0,pid=46677,uid=0,mid=7,wordCount=
13,byteCount=113,andxCommand=0x75,andxOffset=174,snd_buf_size=4356,maxMpxCount=1
0,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabiliti
es=4180,accountName=administrator,primaryDomain=,NATIVE_OS=Windows
XP,NATIVE_LAN
MAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode
=0,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=46677,uid=0,mid=0,wordCount=4,
byteCount=63,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,
password=,path=\\192.168.0.6\ADMINISTRATOR,service=?????]
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 42 22 | SMBs......└..B"|
00010: D6 C6 3E 40 1E 37 00 00 00 00 55 B6 00 00 07 00 |╓╞>@.7....U╢....|
00020: 0D 75 00 AE 00 04 11 0A 00 01 00 00 00 00 00 18 |.u.«............|
00030: 00 18 00 00 00 00 00 54 10 00 00 71 00 85 01 C2 |.......T...q...┬|
00040: 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 A1 80 BA |Fq.╤«....^ε1πí.║|
00050: 55 46 BC 54 36 85 01 C2 46 71 0B D1 AE 90 9A 02 |UF╝T6..┬Fq.╤«...|
00060: 17 5E EE 31 E3 A1 80 BA 55 46 BC 54 36 00 61 00 |.^ε1πí.║UF╝T6.a.|
00070: 64 00 6D 00 69 00 6E 00 69 00 73 00 74 00 72 00 |d.m.i.n.i.s.t.r.|
00080: 61 00 74 00 6F 00 72 00 00 00 00 00 57 00 69 00 |a.t.o.r.....W.i.|
00090: 6E 00 64 00 6F 00 77 00 73 00 20 00 58 00 50 00 |n.d.o.w.s. .X.P.|
000A0: 00 00 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF |..j.C.I.F.S.... |
000B0: 00 00 00 00 00 01 00 3F 00 00 5C 00 5C 00 31 00 |.......?..\.\.1.|
000C0: 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 30 00 |9.2...1.6.8...0.|
000D0: 2E 00 36 00 5C 00 41 00 44 00 4D 00 49 00 4E 00 |..6.\.A.D.M.I.N.|
000E0: 49 00 53 00 54 00 52 00 41 00 54 00 4F 00 52 00 |I.S.T.R.A.T.O.R.|
000F0: 00 00 3F 3F 3F 3F 3F 00 |..?????. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 96 5B | SMBs......└...[|
00010: 52 E4 70 0E 42 73 00 00 04 10 55 B6 01 18 07 00 |RΣp.Bs....U╢....|

SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false
,errorCode=0,flags=0x0098,flags2=0xC007,signSeq=1,tid=4100,pid=46677,uid=6145,mi
d=7,wordCount=3,byteCount=148,andxCommand=0x75,andxOffset=189,isLoggedInAsGuest=
false,nativeOs=Windows Server 2003 3790 Service Pack
1,nativeLanMan=Windows Serv
er 2003 5.2,primaryDomain=WORKGROUP]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 96 5B | SMBs......└...[|
00010: 52 E4 70 0E 42 73 00 00 04 10 55 B6 01 18 07 00 |RΣp.Bs....U╢....|
00020: 03 75 00 BD 00 00 00 94 00 31 57 00 69 00 6E 00 |.u.╜.....1W.i.n.|
00030: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 |d.o.w.s. .S.e.r.|
00040: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00 |v.e.r. .2.0.0.3.|
00050: 20 00 33 00 37 00 39 00 30 00 20 00 53 00 65 00 | .3.7.9.0. .S.e.|
00060: 72 00 76 00 69 00 63 00 65 00 20 00 50 00 61 00 |r.v.i.c.e. .P.a.|
00070: 63 00 6B 00 20 00 31 00 00 00 57 00 69 00 6E 00 |c.k. .1...W.i.n.|
00080: 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 |d.o.w.s. .S.e.r.|
00090: 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 00 |v.e.r. .2.0.0.3.|
000A0: 20 00 35 00 2E 00 32 00 00 00 57 00 4F 00 52 00 | .5...2...W.O.R.|
000B0: 4B 00 47 00 52 00 4F 00 55 00 50 00 00 03 FF 00 |K.G.R.O.U.P... .|
000C0: D4 00 01 00 0E 00 41 3A 00 FF 4E 00 54 00 46 00 |╘.....A:. N.T.F.|
000D0: 53 00 00 00 |S... |

update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 1 4:68
00000: FF 53 4D 42 32 00 00 00 00 18 07 C0 00 00 02 00 | SMB2......└....|
00010: 00 00 00 00 00 00 00 00 04 10 55 B6 01 18 08 00 |..........U╢....|
00020: 0F 02 00 00 00 00 00 20 03 00 00 00 00 00 00 00 |....... ........|
00030: 00 00 00 02 00 42 00 00 00 00 00 01 00 03 00 03 |.....B..........|
00040: 00 00 EF 03 |..∩. |

digest:
00000: E1 D1 64 A5 FB 90 32 C1 E4 25 E6 AB D9 74 CA A6 |ß╤dÑ√.2┴Σ%µ½┘t╩ª|

Trans2QueryFSInformation[command=SMB_COM_TRANSACTION2,received=false,errorCode=0
,flags=0x0018,flags2=0xC007,signSeq=2,tid=4100,pid=46677,uid=6145,mid=8,wordCoun
t=15,byteCount=3,totalParameterCount=2,totalDataCount=0,maxParameterCount=0,maxD
ataCount=800,maxSetupCount=0,flags=0x00,timeout=0,parameterCount=2,parameterOffs
et=66,parameterDisplacement=0,dataCount=0,dataOffset=68,dataDisplacement=0,setup
Count=1,pad=1,pad1=0,informationLevel=0x3EF]
00000: FF 53 4D 42 32 00 00 00 00 18 07 C0 00 00 E1 D1 | SMB2......└..ß╤|
00010: 64 A5 FB 90 32 C1 00 00 04 10 55 B6 01 18 08 00 |dÑ√.2┴....U╢....|
00020: 0F 02 00 00 00 00 00 20 03 00 00 00 00 00 00 00 |....... ........|
00030: 00 00 00 02 00 42 00 00 00 00 00 01 00 03 00 03 |.....B..........|
00040: 00 00 EF 03 |..∩. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 32 22 00 00 C0 98 07 C0 00 00 16 3D | SMB2"..└..└...=|
00010: 73 B8 83 EC CE CA 00 00 04 10 55 B6 01 18 08 00 |s╕.∞╬╩....U╢....|

Trans2QueryFSInformationResponse[command=SMB_COM_TRANSACTION2,received=false,err
orCode=Access is
denied.,flags=0x0098,flags2=0xC007,signSeq=3,tid=4100,pid=46677
,uid=6145,mid=8,wordCount=0,byteCount=0,totalParameterCount=0,totalDataCount=0,p
arameterCount=0,parameterOffset=0,parameterDisplacement=0,dataCount=0,dataOffset
=0,dataDisplacement=0,setupCount=0,pad=0,pad1=0]
00000: FF 53 4D 42 32 22 00 00 C0 98 07 C0 00 00 16 3D | SMB2"..└..└...=|
00010: 73 B8 83 EC CE CA 00 00 04 10 55 B6 01 18 08 00 |s╕.∞╬╩....U╢....|
00020: 00 00 00 |... |

treeConnect: unc=\\192.168.0.6\IPC$,service=?????
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 1 4:88
00000: FF 53 4D 42 75 00 00 00 00 18 07 C0 00 00 04 00 | SMBu......└....|
00010: 00 00 00 00 00 00 00 00 00 00 55 B6 01 18 09 00 |..........U╢....|
00020: 04 FF 00 00 00 00 00 01 00 2D 00 00 5C 00 5C 00 |. .......-..\.\.|
00030: 31 00 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 |1.9.2...1.6.8...|
00040: 30 00 2E 00 36 00 5C 00 49 00 50 00 43 00 24 00 |0...6.\.I.P.C.$.|
00050: 00 00 3F 3F 3F 3F 3F 00 |..?????. |

digest:
00000: 5E 21 93 BA 74 72 A8 B0 C5 E5 29 B3 5E F4 A0 89 |^!.║tr¿░┼σ)│^⌠á.|

SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode
=0,flags=0x0018,flags2=0xC007,signSeq=4,tid=0,pid=46677,uid=6145,mid=9,wordCount
=4,byteCount=45,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength
=1,password=,path=\\192.168.0.6\IPC$,service=?????]
00000: FF 53 4D 42 75 00 00 00 00 18 07 C0 00 00 5E 21 | SMBu......└..^!|
00010: 93 BA 74 72 A8 B0 00 00 00 00 55 B6 01 18 09 00 |.║tr¿░....U╢....|
00020: 04 FF 00 00 00 00 00 01 00 2D 00 00 5C 00 5C 00 |. .......-..\.\.|
00030: 31 00 39 00 32 00 2E 00 31 00 36 00 38 00 2E 00 |1.9.2...1.6.8...|
00040: 30 00 2E 00 36 00 5C 00 49 00 50 00 43 00 24 00 |0...6.\.I.P.C.$.|
00050: 00 00 3F 3F 3F 3F 3F 00 |..?????. |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 53 8B | SMBu"..└..└..S.|
00010: 13 65 B8 1B 81 3B 00 00 00 00 55 B6 01 18 09 00 |.e╕..;....U╢....|

SmbComTreeConnectAndXResponse[command=SMB_COM_TREE_CONNECT_ANDX,received=false,e
rrorCode=Access is
denied.,flags=0x0098,flags2=0xC007,signSeq=5,tid=0,pid=46677,
uid=6145,mid=9,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,supportSear
chBits=false,shareIsInDfs=false,service=null,nativeFileSystem=]
00000: FF 53 4D 42 75 22 00 00 C0 98 07 C0 00 00 53 8B | SMBu"..└..└..S.|
00010: 13 65 B8 1B 81 3B 00 00 00 00 55 B6 01 18 09 00 |.e╕..;....U╢....|
00020: 00 00 00 |... |

update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 1 4:109
00000: FF 53 4D 42 25 00 00 00 00 18 07 C0 00 00 06 00 | SMB%......└....|
00010: 00 00 00 00 00 00 00 00 03 10 55 B6 00 20 0A 00 |..........U╢. ..|
00020: 0E 13 00 00 00 08 00 FF FD 00 00 00 00 88 13 00 |....... ².......|
00030: 00 00 00 13 00 5A 00 00 00 00 00 00 00 2E 00 00 |.....Z..........|
00040: 5C 00 50 00 49 00 50 00 45 00 5C 00 4C 00 41 00 |\.P.I.P.E.\.L.A.|
00050: 4E 00 4D 00 41 00 4E 00 00 00 00 00 57 72 4C 65 |N.M.A.N.....WrLe|
00060: 68 00 42 31 33 42 57 7A 00 01 00 FF FD |h.B13BWz... ² |

digest:
00000: B7 5A 65 D3 BD C0 B8 D9 9A 60 80 C7 62 0E 83 C5 |╖Ze╙╜└╕┘.`.╟b..┼|

NetShareEnum[command=SMB_COM_TRANSACTION,received=false,errorCode=0,flags=0x0018
,flags2=0xC007,signSeq=6,tid=4099,pid=46677,uid=8192,mid=10,wordCount=14,byteCou
nt=46,totalParameterCount=19,totalDataCount=0,maxParameterCount=8,maxDataCount=6
5023,maxSetupCount=0,flags=0x00,timeout=5000,parameterCount=19,parameterOffset=9
0,parameterDisplacement=0,dataCount=0,dataOffset=110,dataDisplacement=0,setupCou
nt=0,pad=0,pad1=1]
00000: FF 53 4D 42 25 00 00 00 00 18 07 C0 00 00 B7 5A | SMB%......└..╖Z|
00010: 65 D3 BD C0 B8 D9 00 00 03 10 55 B6 00 20 0A 00 |e╙╜└╕┘....U╢. ..|
00020: 0E 13 00 00 00 08 00 FF FD 00 00 00 00 88 13 00 |....... ².......|
00030: 00 00 00 13 00 5A 00 00 00 00 00 00 00 2E 00 00 |.....Z..........|
00040: 5C 00 50 00 49 00 50 00 45 00 5C 00 4C 00 41 00 |\.P.I.P.E.\.L.A.|
00050: 4E 00 4D 00 41 00 4E 00 00 00 00 00 57 72 4C 65 |N.M.A.N.....WrLe|
00060: 68 00 42 31 33 42 57 7A 00 01 00 FF FD |h.B13BWz... ² |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 E3 67 | SMB%"..└..└..πg|
00010: E3 3A 2E 81 D0 41 00 00 03 10 55 B6 00 20 0A 00 |π:..╨A....U╢. ..|

NetShareEnumResponse[command=SMB_COM_TRANSACTION,received=false,errorCode=Access
is
denied.,flags=0x0098,flags2=0xC007,signSeq=7,tid=4099,pid=46677,uid=8192,mid
=10,wordCount=0,byteCount=0,totalParameterCount=0,totalDataCount=0,parameterCoun
t=0,parameterOffset=0,parameterDisplacement=0,dataCount=0,dataOffset=0,dataDispl
acement=0,setupCount=0,pad=0,pad1=0,status=0,converter=0,entriesReturned=0,total
AvailableEntries=0]
00000: FF 53 4D 42 25 22 00 00 C0 98 07 C0 00 00 E3 67 | SMB%"..└..└..πg|
00010: E3 3A 2E 81 D0 41 00 00 03 10 55 B6 00 20 0A 00 |π:..╨A....U╢. ..|
00020: 00 00 00 |... |

doFindFirstNext: \
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 85 01 C2 46 71 0B D1 AE 90 9A 02 17 5E EE 31 E3 |..┬Fq.╤«....^ε1π|
00020: A1 80 BA 55 46 BC 54 36 |í.║UF╝T6 |

update: 1 4:84
00000: FF 53 4D 42 32 00 00 00 00 18 07 C0 00 00 08 00 | SMB2......└....|
00010: 00 00 00 00 00 00 00 00 04 10 55 B6 01 18 0B 00 |..........U╢....|
00020: 0F 12 00 00 00 0A 00 FF FF 00 00 00 00 00 00 00 |....... .......|
00030: 00 00 00 12 00 42 00 00 00 00 00 01 00 01 00 13 |.....B..........|
00040: 00 00 16 00 C8 00 00 00 04 01 00 00 00 00 5C 00 |....╚.........\.|
00050: 2A 00 00 00 |*... |

digest:
00000: A7 A6 AD B2 E5 86 12 A1 A6 45 9F 7F C5 E4 D5 D9 |ºª¡▓σ..íªE..┼Σ╒┘|

Trans2FindFirst2[command=SMB_COM_TRANSACTION2,received=false,errorCode=0,flags=0
x0018,flags2=0xC007,signSeq=8,tid=4100,pid=46677,uid=6145,mid=11,wordCount=15,by
teCount=19,totalParameterCount=18,totalDataCount=0,maxParameterCount=10,maxDataC
ount=65535,maxSetupCount=0,flags=0x00,timeout=0,parameterCount=18,parameterOffse
t=66,parameterDisplacement=0,dataCount=0,dataOffset=84,dataDisplacement=0,setupC
ount=1,pad=1,pad1=0,searchAttributes=0x16,searchCount=200,flags=0x00,information
Level=0x104,searchStorageType=0,filename=\]
00000: FF 53 4D 42 32 00 00 00 00 18 07 C0 00 00 A7 A6 | SMB2......└..ºª|
00010: AD B2 E5 86 12 A1 00 00 04 10 55 B6 01 18 0B 00 |¡▓σ..í....U╢....|
00020: 0F 12 00 00 00 0A 00 FF FF 00 00 00 00 00 00 00 |....... .......|
00030: 00 00 00 12 00 42 00 00 00 00 00 01 00 01 00 13 |.....B..........|
00040: 00 00 16 00 C8 00 00 00 04 01 00 00 00 00 5C 00 |....╚.........\.|
00050: 2A 00 00 00 |*... |

New data read: Transport2[0.0.0.0<00>/192.168.0.6:445]
00000: FF 53 4D 42 32 22 00 00 C0 98 07 C0 00 00 58 19 | SMB2"..└..└..X.|
00010: 8F 1D 66 C2 29 4F 00 00 04 10 55 B6 01 18 0B 00 |..f┬)O....U╢....|

Trans2FindFirst2Response[command=SMB_COM_TRANSACTION2,received=false,errorCode=A
ccess is
denied.,flags=0x0098,flags2=0xC007,signSeq=9,tid=4100,pid=46677,uid=614
5,mid=11,wordCount=0,byteCount=0,totalParameterCount=0,totalDataCount=0,paramete
rCount=0,parameterOffset=0,parameterDisplacement=0,dataCount=0,dataOffset=0,data
Displacement=0,setupCount=0,pad=0,pad1=0,sid=0,searchCount=0,isEndOfSearch=false
,eaErrorOffset=0,lastNameOffset=0,lastName=null]
00000: FF 53 4D 42 32 22 00 00 C0 98 07 C0 00 00 58 19 | SMB2"..└..└..X.|
00010: 8F 1D 66 C2 29 4F 00 00 04 10 55 B6 01 18 0B 00 |..f┬)O....U╢....|
00020: 00 00 00 |... |


(stripped IE7 debug output to reduce the message size)


bye
Thomas


Alvin Anwar wrote:
>
> Hm ...
>
> Not really solved, it will work properly once or twice before having 
> the same error again, as my previous previous post. I'll try to do 
> more testings before sending further e-mails (I feel like a spammer 
> now) - but the symptoms in my previous previous mail still stands.
>
> Regards, Alvin
>

More information about the jcifs mailing list