[jcifs] NtlmHttpFilter + Normal Authentication
Paulo Alexandre Figueiredo Gonçalves
paulo at hdfigueira.min-saude.pt
Fri Jul 27 15:23:18 GMT 2007
Skipped content of type multipart/alternative-------------- next part --------------
SmbComNegotiate[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0018,flags2=0xC003,signSeq=0,tid=0,pid=44371,uid=0,mid=8,wordCount=0,byteCount=12,wordCount=0,dialects=NT LM 0.12]
New data read: Transport2[ffaut02.hdff.pt/192.168.1.2:0]
00000: FF 53 4D 42 72 00 00 00 00 98 03 C0 00 00 00 00 |ÿSMBr......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 00 00 08 00 |..........SÂ....|
SmbComNegotiateResponse[command=SMB_COM_NEGOTIATE,received=false,errorCode=0,flags=0x0098,flags2=0xC003,signSeq=0,tid=0,pid=44371,uid=0,mid=8,wordCount=17,byteCount=34,wordCount=17,dialectIndex=0,securityMode=0xF,security=user,encryptedPasswords=true,maxMpxCount=50,maxNumberVcs=1,maxBufferSize=16644,maxRawSize=65536,sessionKey=0x00000000,capabilities=0x0001F3FD,serverTime=Fri Jul 27 14:41:42 WEST 2007,serverTimeZone=65476,encryptionKeyLength=8,byteCount=34,encryptionKey=0xD9F483601EBC581B,oemDomainName=HDFF]
Default credentials (jcifs.smb.client.username/password) not specified. SMB signing may not work propertly. Skipping DC interrogation.
27/Jul/2007 14:40:06 org.apache.catalina.cluster.session.DeltaManager requestCompleted
SEVERE: Unable to serialize delta request for sessionid [9110A17FF87AFFC67F2A8C55D1928C5B.node01]
java.io.NotSerializableException: jcifs.UniAddress
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1075)
at java.io.ObjectOutputStream.defaultWriteFields(ObjectOutputStream.java:1369)
at java.io.ObjectOutputStream.writeSerialData(ObjectOutputStream.java:1341)
at java.io.ObjectOutputStream.writeOrdinaryObject(ObjectOutputStream.java:1284)
at java.io.ObjectOutputStream.writeObject0(ObjectOutputStream.java:1073)
at java.io.ObjectOutputStream.writeObject(ObjectOutputStream.java:291)
at org.apache.catalina.cluster.session.DeltaRequest$AttributeInfo.writeExternal(DeltaRequest.java:346)
at org.apache.catalina.cluster.session.DeltaRequest.writeExternal(DeltaRequest.java:263)
at org.apache.catalina.cluster.session.DeltaManager.unloadDeltaRequest(DeltaManager.java:711)
at org.apache.catalina.cluster.session.DeltaManager.requestCompleted(DeltaManager.java:1294)
at org.apache.catalina.cluster.tcp.ReplicationValve.send(ReplicationValve.java:548)
at org.apache.catalina.cluster.tcp.ReplicationValve.sendMessage(ReplicationValve.java:535)
at org.apache.catalina.cluster.tcp.ReplicationValve.sendSessionReplicationMessage(ReplicationValve.java:517)
at org.apache.catalina.cluster.tcp.ReplicationValve.sendReplicationMessage(ReplicationValve.java:427)
at org.apache.catalina.cluster.tcp.ReplicationValve.invoke(ReplicationValve.java:361)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
treeConnect: unc=\\ffaut02.hdff.pt\IPC$,service=?????
sessionSetup: accountName=paulo,primaryDomain=HDFF
LM_COMPATIBILITY=0
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 2B 36 0C F3 6F FA DF 2F A0 82 66 55 49 D1 01 2C |+6.óoúß/ .fUIÑ.,|
00020: 66 BF 37 15 85 07 4F 18 |f¿7...O. |
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 2B 36 0C F3 6F FA DF 2F A0 82 66 55 49 D1 01 2C |+6.óoúß/ .fUIÑ.,|
00020: 66 BF 37 15 85 07 4F 18 |f¿7...O. |
update: 1 4:220
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 00 00 |ÿSMBs......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 00 00 09 00 |..........SÂ....|
00020: 0D 75 00 9C 00 04 41 0A 00 01 00 00 00 00 00 18 |.u....A.........|
00030: 00 18 00 00 00 00 00 54 10 00 00 5F 00 7F 9F 88 |.......T..._....|
00040: 23 00 0F E8 7A CE F4 30 C2 95 B5 49 FC E2 89 9F |#..èzÎô0Â.µIüâ..|
00050: 24 53 FA 25 AC 2B 36 0C F3 6F FA DF 2F A0 82 66 |$Sú%¬+6.óoúß/ .f|
00060: 55 49 D1 01 2C 66 BF 37 15 85 07 4F 18 00 70 00 |UIÑ.,f¿7...O..p.|
00070: 61 00 75 00 6C 00 6F 00 00 00 48 00 44 00 46 00 |a.u.l.o...H.D.F.|
00080: 46 00 00 00 4C 00 69 00 6E 00 75 00 78 00 00 00 |F...L.i.n.u.x...|
00090: 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF 00 DE |j.C.I.F.S....ÿ.Þ|
000A0: DE 00 00 01 00 35 00 00 5C 00 5C 00 66 00 66 00 |Þ....5..\.\.f.f.|
000B0: 61 00 75 00 74 00 30 00 32 00 2E 00 68 00 64 00 |a.u.t.0.2...h.d.|
000C0: 66 00 66 00 2E 00 70 00 74 00 5C 00 49 00 50 00 |f.f...p.t.\.I.P.|
000D0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |
digest:
00000: 8C 50 7A C8 80 A3 5A D5 B5 75 2A 15 04 1B 36 07 |.PzÈ.£ZÕµu*...6.|
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=0,tid=0,pid=44371,uid=0,mid=9,wordCount=13,byteCount=95,andxCommand=0x75,andxOffset=156,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountName=paulo,primaryDomain=HDFF,NATIVE_OS=Linux,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=44371,uid=0,mid=0,wordCount=4,byteCount=53,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\ffaut02.hdff.pt\IPC$,service=?????]
New data read: Transport2[ffaut02.hdff.pt/192.168.1.2:0]
00000: FF 53 4D 42 73 00 00 00 00 98 07 C0 00 00 BE 14 |ÿSMBs......À..¾.|
00010: 4C E1 CF 36 98 58 00 00 01 90 53 AD 02 28 09 00 |LáÃ6.X....SÂ.(..|
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0098,flags2=0xC007,signSeq=1,tid=36865,pid=44371,uid=10242,mid=9,wordCount=3,byteCount=138,andxCommand=0x75,andxOffset=179,isLoggedInAsGuest=false,nativeOs=Windows Server 2003 3790 Service Pack 1,nativeLanMan=Windows Server 2003 5.2,primaryDomain=HDFF]
NtlmHttpFilter: HDFF\paulo successfully authenticated against ffaut02.hdff.pt/192.168.1.2
##### try to connect with second user (first try)
treeConnect: unc=\\ffaut03.hdff.pt\IPC$,service=?????
sessionSetup: accountName=mario,primaryDomain=hdff
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: A5 A6 D3 CA F5 04 14 C4 92 DC 9D 00 B8 A5 2D 58 |¥¦ÓÊõ..Ä.Ü..¸¥-X|
00020: 2B 75 6A FD 40 D1 ED F0 |+ujý@ÑÃð |
update: 1 4:220
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 02 00 |ÿSMBs......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 00 00 09 00 |..........SÂ....|
00020: 0D 75 00 9C 00 04 41 0A 00 01 00 00 00 00 00 18 |.u....A.........|
00030: 00 18 00 00 00 00 00 54 10 00 00 5F 00 13 27 FE |.......T..._..'þ|
00040: 5F 98 61 63 31 AA C9 B1 A3 A9 67 98 E4 BD 61 75 |_.ac1ªÉ±£©g.ä½au|
00050: 1A E1 22 CD 95 B9 F7 3E 54 77 D9 67 F6 5D 0D 74 |.á"Ã.¹÷>TwÙgö].t|
00060: 10 83 00 D4 4C 64 E6 8C 05 F3 ED 1A 8E 00 6D 00 |...ÔLdæ..óÃ...m.|
00070: 61 00 72 00 69 00 6F 00 00 00 48 00 44 00 46 00 |a.r.i.o...H.D.F.|
00080: 46 00 00 00 4C 00 69 00 6E 00 75 00 78 00 00 00 |F...L.i.n.u.x...|
00090: 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF 00 DE |j.C.I.F.S....ÿ.Þ|
000A0: DE 00 00 01 00 35 00 00 5C 00 5C 00 66 00 66 00 |Þ....5..\.\.f.f.|
000B0: 61 00 75 00 74 00 30 00 33 00 2E 00 68 00 64 00 |a.u.t.0.3...h.d.|
000C0: 66 00 66 00 2E 00 70 00 74 00 5C 00 49 00 50 00 |f.f...p.t.\.I.P.|
000D0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |
digest:
00000: E1 05 50 AF 5E DA 90 EB 6D CB AF 84 2A 1E C9 1B |á.P¯^Ú.ëm˯.*.É.|
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=2,tid=0,pid=44371,uid=0,mid=9,wordCount=13,byteCount=95,andxCommand=0x75,andxOffset=156,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountName=mario,primaryDomain=HDFF,NATIVE_OS=Linux,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=44371,uid=0,mid=0,wordCount=4,byteCount=53,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\ffaut03.hdff.pt\IPC$,service=?????]
New data read: Transport1[ffaut03.hdff.pt/192.168.1.3:0]
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 E6 85 |ÿSMBs"..À..À..æ.|
00010: 1A D7 25 14 25 1B 00 00 00 00 53 AD 00 00 09 00 |.×%.%.....SÂ....|
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=Access is denied.,flags=0x0098,flags2=0xC007,signSeq=3,tid=0,pid=44371,uid=0,mid=9,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,isLoggedInAsGuest=false,nativeOs=,nativeLanMan=,primaryDomain=]
##### try to connect with second user (second try)
treeConnect: unc=\\ffaut02.hdff.pt\IPC$,service=?????
sessionSetup: accountName=mario,primaryDomain=hdff
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 2B 36 0C F3 6F FA DF 2F A0 82 66 55 49 D1 01 2C |+6.óoúß/ .fUIÑ.,|
00020: 66 BF 37 15 85 07 4F 18 |f¿7...O. |
update: 1 4:220
00000: FF 53 4D 42 73 00 00 00 00 18 07 C0 00 00 02 00 |ÿSMBs......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 00 00 0A 00 |..........SÂ....|
00020: 0D 75 00 9C 00 04 41 0A 00 01 00 00 00 00 00 18 |.u....A.........|
00030: 00 18 00 00 00 00 00 54 10 00 00 5F 00 09 CD 5B |.......T..._..Ã[|
00040: FD CE 69 28 E0 BE CB F6 AC 3E C6 0B 4A E2 89 9F |ýÎi(à ¾Ëö¬>Æ.Jâ..|
00050: 24 53 FA 25 AC 31 BF 0E 0B 72 79 25 F4 25 37 BB |$Sú%¬1¿..ry%ô%7»|
00060: 82 C1 0E 16 76 9E 35 27 1B 49 B3 F9 AF 00 6D 00 |.Ã..v.5'.I³ù¯.m.|
00070: 61 00 72 00 69 00 6F 00 00 00 48 00 44 00 46 00 |a.r.i.o...H.D.F.|
00080: 46 00 00 00 4C 00 69 00 6E 00 75 00 78 00 00 00 |F...L.i.n.u.x...|
00090: 6A 00 43 00 49 00 46 00 53 00 00 00 04 FF 00 DE |j.C.I.F.S....ÿ.Þ|
000A0: DE 00 00 01 00 35 00 00 5C 00 5C 00 66 00 66 00 |Þ....5..\.\.f.f.|
000B0: 61 00 75 00 74 00 30 00 32 00 2E 00 68 00 64 00 |a.u.t.0.2...h.d.|
000C0: 66 00 66 00 2E 00 70 00 74 00 5C 00 49 00 50 00 |f.f...p.t.\.I.P.|
000D0: 43 00 24 00 00 00 3F 3F 3F 3F 3F 00 |C.$...?????. |
digest:
00000: 68 F4 F4 45 7C 7B 00 C5 83 1F F3 5B 5C 26 9E 54 |hôôE|{.Ã
..ó[\&.T|
SmbComSessionSetupAndX[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=2,tid=0,pid=44371,uid=0,mid=10,wordCount=13,byteCount=95,andxCommand=0x75,andxOffset=156,snd_buf_size=16644,maxMpxCount=10,VC_NUMBER=1,sessionKey=0,passwordLength=24,unicodePasswordLength=24,capabilities=4180,accountName=mario,primaryDomain=HDFF,NATIVE_OS=Linux,NATIVE_LANMAN=jCIFS]
SmbComTreeConnectAndX[command=SMB_COM_TREE_CONNECT_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0x0000,signSeq=0,tid=0,pid=44371,uid=0,mid=0,wordCount=4,byteCount=53,andxCommand=0xFF,andxOffset=0,disconnectTid=false,passwordLength=1,password=,path=\\ffaut02.hdff.pt\IPC$,service=?????]
New data read: Transport2[ffaut02.hdff.pt/192.168.1.2:0]
00000: FF 53 4D 42 73 22 00 00 C0 98 07 C0 00 00 8E AA |ÿSMBs"..À..À...ª|
00010: 5B 6D A8 8F DC EA 00 00 00 00 53 AD 00 00 0A 00 |[m¨.Üê....SÂ....|
SmbComSessionSetupAndXResponse[command=SMB_COM_SESSION_SETUP_ANDX,received=false,errorCode=Access is denied.,flags=0x0098,flags2=0xC007,signSeq=3,tid=0,pid=44371,uid=0,mid=10,wordCount=0,byteCount=0,andxCommand=0xFF,andxOffset=0,isLoggedInAsGuest=false,nativeOs=,nativeLanMan=,primaryDomain=]
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: A5 A6 D3 CA F5 04 14 C4 92 DC 9D 00 B8 A5 2D 58 |¥¦ÓÊõ..Ä.Ü..¸¥-X|
00020: 2B 75 6A FD 40 D1 ED F0 |+ujý@ÑÃð |
update: 1 4:35
00000: FF 53 4D 42 71 00 00 00 00 18 07 C0 00 00 04 00 |ÿSMBq......À....|
00010: 00 00 00 00 00 00 00 00 07 F0 53 AD 01 08 00 00 |.........ðSÂ....|
00020: 00 00 00 |... |
digest:
00000: 5D 6D 72 58 C8 05 B8 B0 02 1A 16 5A 25 79 3F 64 |]mrXÈ.¸°...Z%y?d|
SmbComTreeDisconnect[command=SMB_COM_TREE_DISCONNECT,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=4,tid=61447,pid=44371,uid=2049,mid=0,wordCount=0,byteCount=0]
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: A5 A6 D3 CA F5 04 14 C4 92 DC 9D 00 B8 A5 2D 58 |¥¦ÓÊõ..Ä.Ü..¸¥-X|
00020: 2B 75 6A FD 40 D1 ED F0 |+ujý@ÑÃð |
update: 1 4:39
00000: FF 53 4D 42 74 00 00 00 00 18 07 C0 00 00 06 00 |ÿSMBt......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 01 08 00 00 |..........SÂ....|
00020: 02 FF 00 DE DE 00 00 |.ÿ.ÞÞ.. |
digest:
00000: 3A 2E 0C AA 74 FF DA FB 51 01 94 7E 71 A4 F8 F1 |:..ªtÿÚûQ..~q¤øñ|
SmbComLogoffAndX[command=SMB_COM_LOGOFF_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=6,tid=0,pid=44371,uid=2049,mid=0,wordCount=2,byteCount=0,andxCommand=0xFF,andxOffset=0]
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 2B 36 0C F3 6F FA DF 2F A0 82 66 55 49 D1 01 2C |+6.óoúß/ .fUIÑ.,|
00020: 66 BF 37 15 85 07 4F 18 |f¿7...O. |
update: 1 4:35
00000: FF 53 4D 42 71 00 00 00 00 18 07 C0 00 00 04 00 |ÿSMBq......À....|
00010: 00 00 00 00 00 00 00 00 01 90 53 AD 02 28 00 00 |..........SÂ.(..|
00020: 00 00 00 |... |
digest:
00000: C6 33 59 95 5D 9E A4 BE 57 62 83 CA C5 8C D1 EB |Æ3Y.].¤¾Wb.ÊÃ
.Ñë|
SmbComTreeDisconnect[command=SMB_COM_TREE_DISCONNECT,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=4,tid=36865,pid=44371,uid=10242,mid=0,wordCount=0,byteCount=0]
update: 0 0:40
00000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00010: 2B 36 0C F3 6F FA DF 2F A0 82 66 55 49 D1 01 2C |+6.óoúß/ .fUIÑ.,|
00020: 66 BF 37 15 85 07 4F 18 |f¿7...O. |
update: 1 4:39
00000: FF 53 4D 42 74 00 00 00 00 18 07 C0 00 00 06 00 |ÿSMBt......À....|
00010: 00 00 00 00 00 00 00 00 00 00 53 AD 02 28 00 00 |..........SÂ.(..|
00020: 02 FF 00 DE DE 00 00 |.ÿ.ÞÞ.. |
digest:
00000: 43 96 84 3D 4D 0E 38 83 30 82 17 0A 96 E1 3F 51 |C..=M.8.0....á?Q|
SmbComLogoffAndX[command=SMB_COM_LOGOFF_ANDX,received=false,errorCode=0,flags=0x0018,flags2=0xC007,signSeq=6,tid=0,pid=44371,uid=10242,mid=0,wordCount=2,byteCount=0,andxCommand=0xFF,andxOffset=0]
More information about the jcifs
mailing list