[jcifs] Creating DCE/RPC Requests
christofer.dutz at c-ware.de
christofer.dutz at c-ware.de
Mon Jan 9 06:44:45 MST 2012
Hi Mike,
I compared the Wireshark dumps and actually found a difference.
In the PsExec call to bind to the svcctl pipe two Ctx Items are sent and in the JCIFS version only one is sent.
PsExec:
- Item 1:
- Interface: 367abb81-9844-35f1-ad32-98f038001003
- Interface Ver: 2
- Interface Ver minor: 0
- Transfer Syntax: 8a885d04-1ceb-11c9-9fe8-08002b104860 Version 2
- Item 2:
- Interface: 367abb81-9844-35f1-ad32-98f038001003
- Interface Ver: 2
- Interface Ver minor: 0
- Transfer Syntax: 6cb71c2c-9812-4540-0300-000000000000 Version 1
In the JCIFS version only item one is sent, but that one is identical. So I guess that the remote host is expecting to receive this two-item binding request.
Unfortunately I can't figure out how to make JCIFS send such a binding request.
Help is greatly appreciated here.
Chris
[ C h r i s t o f e r D u t z ]
C-Ware IT-Service
Inhaber
Dipl. Inf. Christofer Dutz
Karlstraße. 104, 64285 Darmstadt
fon: 0 61 51 / 27315 - 61
fax: 0 61 51 / 27315 - 64
mobil: 0171 / 7 444 2 33
email: christofer.dutz at c-ware.de
http://www.c-ware.de
UStId-Nr. DE195700962
-----Ursprüngliche Nachricht-----
Von: Michael B Allen [mailto:ioplex at gmail.com]
Gesendet: Donnerstag, 5. Januar 2012 09:17
An: christofer.dutz at c-ware.de
Cc: jcifs at lists.samba.org
Betreff: Re: [jcifs] Creating DCE/RPC Requests
On Wed, Jan 4, 2012 at 2:04 AM, christofer.dutz at c-ware.de <christofer.dutz at c-ware.de> wrote:
> Hi,
>
>
>
> I am currently digging into using the DCE/RPC parts of JCIFS.
> Unfortunately I am running into problems.
>
> Iused midlc (Version 0.6.1) To generate a JCIFS compatible stub for
> the svcctl Service and am now trying to call it. Unfortunately I am
> getting
> "jcifs.dcerpc.DcerpcException: DCERPC_FAULT_PROTO_ERROR"
>
>
>
> Here comes my code:
>
>
>
> rpc.policy_handle scHandle = new rpc.policy_handle();
>
> SvcCtl.OpenSCManager openSCManagerRpc = new
> SvcCtl.OpenSCManager(host, null, 0x0001 | 0x0002, scHandle);
>
>
>
> // Connection-oriented DCE/RPC over SMB named pipes.
>
> DcerpcHandle handle = DcerpcHandle.getHandle("ncacn_np:" +
> host
> + "[\\PIPE\\svcctl]",
>
>
> ConcurrentNtlmAuthenticator.getInstance().getNtlmPasswordAuthenticatio
> n());
>
> try {
>
> handle.sendrecv(openSCManagerRpc); ßThe
> Exception is thrown when executing this line.
>
> if (openSCManagerRpc.retval != 0) {
>
> throw new SmbException(openSCManagerRpc.retval,
> true);
>
> }
>
> } catch(Exception e) {
>
> e.printStackTrace();
>
> } finally {
>
> try {
>
> handle.close();
>
> } catch(IOException ioe) {
>
> ioe.printStackTrace();
>
> }
>
> }
>
>
>
> So what am I doing wrong? I would be really glad if you could help me
> get started, as Googling doesn't seem to get me very far (There seems
> to be almost no information on this available)
Hi Chris,
The IDL is probably wrong. Look at Samba IDL. There is a lot of IDL available in Microsoft documentation now too. Note that midlc only understands a small critical subset of MIDL. In practice you really need to get two captures and compare them side-by-side to verify that the NDR segments are encoded in an identical way. This is true even if you get it to actually work.
Mike
--
Michael B Allen
Java Active Directory Integration
http://www.ioplex.com/
More information about the jCIFS
mailing list