Patch for smbclient command du, tar cn, PASSWD_FILE and PASSWD_FD

[Alexandre Oliva]

I wrote:

>> Sure.  I've investigated the problem: it will not occur on my x86
>> (RedHat Linux 5.1) builds, only on the sparc (Solaris 2.[56]) builds.
>> Furthermore, I'm only unable to connect to the server if it demands
>> encryption.  This seems to indicate some byte-ordering problem in the
>> encryption code.

Luke Kenneth Casson Leighton <lkcl at switchboard.net> writes:

> ... -n -s 1500 options are needed, here.  and a version of tcpdump that
> decodes netbios packets also needed.  raw data's hard to stare at unless
> you're on a roll and do it all the time...

How about this?  143.106.23.129 is the WNT4 server; 143.106.24.138 is
a Solaris 2.6 client, and 143.106.24.132 is a RedHat Linux 5.1 x86.


02:38:58.207451 143.106.24.138.32809 > 143.106.23.129.139: S 279378652:279378652(0) win 8760 <mss 1460> (DF)
02:38:58.217451 143.106.23.129.139 > 143.106.24.138.32809: S 1957631074:1957631074(0) ack 279378653 win 8760 <mss 1460> (DF)
02:38:58.217451 143.106.24.138.32809 > 143.106.23.129.139: . ack 1 win 8760 (DF)
02:38:58.467451 143.106.24.138.32809 > 143.106.23.129.139: P 1:77(76) ack 1 win 8760
>>> NBT Packet
NBT Session Request
Flags=0x81000048
Destination=SEC-SERVER      NameType=0x20 (Server)
Source=RABICO          NameType=0x00 (Workstation)
Data: (4 bytes)
[000] 00 00 00 00                                       .... 

 (DF)
02:38:58.477451 143.106.23.129.139 > 143.106.24.138.32809: P 1:5(4) ack 77 win 8684
>>> NBT Packet
NBT Session Granted
Flags=0x82000000

 (DF)
02:38:58.477451 143.106.24.138.32809 > 143.106.23.129.139: . ack 5 win 8760 (DF)
02:38:58.477451 143.106.24.138.32809 > 143.106.23.129.139: P 77:245(168) ack 5 win 8760
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=164

SMB PACKET: SMBnegprot (REQUEST)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0
Flags1        =  0x0
Flags2        =  0x0
Tree ID       =  0
Proc ID       =  399
UID           =  404
MID           =  499
Word Count    =  0
Dialect=PC NETWORK PROGRAM 1.0
Dialect=MICROSOFT NETWORKS 1.03
Dialect=MICROSOFT NETWORKS 3.0
Dialect=LANMAN1.0
Dialect=LM1.2X002
Dialect=Samba
Dialect=NT LM 0.12
Dialect=NT LANMAN 1.0


 (DF)
02:38:58.477451 143.106.23.129.139 > 143.106.24.138.32809: P 5:114(109) ack 245 win 8516
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=105

SMB PACKET: SMBnegprot (REPLY)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0
Flags1        =  0x80
Flags2        =  0x0
Tree ID       =  0
Proc ID       =  399
UID           =  404
MID           =  499
Word Count    =  17
NT1 Protocol
DialectIndex=6
SecMode=0x3
MaxMux=50
NumVcs=1
MaxBuffer=4356
RawSize=65536
SessionKey=0x0
Capabilities=0x43FD
ServerTime=Fri Sep 18 01:40:35 1998
TimeZone=180
CryptKey=Data: (1 bytes)
[000] 08                                                . 
[000] CA 17 1E 88 76 77 ED 44  53 00 45 00 43 00 52 00  ....vw.D S.E.C.R.
[010] 45 00 54 00 41 00 52 00  49 00 41 00 2D 00 49 00  E.T.A.R. I.A.-.I.
[020] 43 00 00 00                                       C... 


 (DF)
02:38:58.517451 143.106.24.138.32809 > 143.106.23.129.139: . ack 114 win 8760 (DF)
02:39:01.927451 143.106.24.138.32809 > 143.106.23.129.139: P 245:386(141) ack 114 win 8760
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=137

SMB PACKET: SMBsesssetupX (REQUEST)
SMB Command   =  0x73
Error class   =  0x0
Error code    =  0
Flags1        =  0x8
Flags2        =  0x1
Tree ID       =  0
Proc ID       =  399
UID           =  404
MID           =  499
Word Count    =  13
Com2=0xFF
Res1=0x0
Off2=0
MaxBuffer=65535
MaxMpx=2
VcNumber=399
SessionKey=0x0
CaseInsensitivePasswordLength=24
CaseSensitivePasswordLength=24
Res=0x0
Capabilities=0x0
Pass1&Pass2&Account&Domain&OS&LanMan=
[000] 73 CA 3D 5E 28 4E B4 A9  13 B3 C3 DC 3F D4 AA C8  s.=^(N.. ....?...
[010] E5 2A B4 FE FA 0D 10 00  10 F6 2B CC CB 92 26 A6  .*...... ..+...&.
[020] 4E DB AF EA 78 A1 99 82  B0 0A 56 6A 3D 9B F0 7A  N...x... ..Vj=..z
[030] 62 61 63 6B 75 70 00 57  4F 52 4B 47 52 4F 55 50  backup.W ORKGROUP
[040] 00 55 6E 69 78 00 53 61  6D 62 61 00              .Unix.Sa mba.


 (DF)
02:39:02.097451 143.106.23.129.139 > 143.106.24.138.32809: . ack 386 win 8375 (DF)
02:39:04.977451 143.106.23.129.139 > 143.106.24.138.32809: P 114:153(39) ack 386 win 8375
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=35

SMB PACKET: SMBsesssetupX (REPLY)
SMB Command   =  0x73
Error class   =  0x1
Error code    =  5
Flags1        =  0x88
Flags2        =  0x1
Tree ID       =  0
Proc ID       =  399
UID           =  404
MID           =  499
Word Count    =  0
SMBError = ERRDOS - ERRnoaccess (Access denied.)


 (DF)
02:39:04.977451 143.106.24.138.32809 > 143.106.23.129.139: F 386:386(0) ack 153 win 8760 (DF)
02:39:04.977451 143.106.23.129.139 > 143.106.24.138.32809: F 153:153(0) ack 387 win 8375 (DF)
02:39:04.977451 143.106.24.138.32809 > 143.106.23.129.139: . ack 154 win 8760 (DF)
02:39:20.657451 143.106.24.132.2178 > 143.106.16.76.139: S 3635411348:3635411348(0) win 512 <mss 1460>
02:39:20.657451 143.106.16.76.139 > 143.106.24.132.2178: S 1957653516:1957653516(0) ack 3635411349 win 8760 <mss 1460> (DF)
02:39:20.657451 143.106.24.132.2178 > 143.106.16.76.139: . ack 1 win 32120 (DF)
02:39:20.917451 143.106.24.132.2178 > 143.106.16.76.139: P 1:77(76) ack 1 win 32120
>>> NBT Packet
NBT Session Request
Flags=0x81000048
Destination=SEC-SERVER      NameType=0x20 (Server)
Source=BARNABE         NameType=0x00 (Workstation)
Data: (4 bytes)
[000] 00 00 00 00                                       .... 

 (DF)
02:39:20.917451 143.106.16.76.139 > 143.106.24.132.2178: P 1:5(4) ack 77 win 8684
>>> NBT Packet
NBT Session Granted
Flags=0x82000000

 (DF)
02:39:20.917451 143.106.24.132.2178 > 143.106.16.76.139: P 77:245(168) ack 5 win 32120
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=164

SMB PACKET: SMBnegprot (REQUEST)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0
Flags1        =  0x0
Flags2        =  0x0
Tree ID       =  0
Proc ID       =  23115
UID           =  404
MID           =  23215
Word Count    =  0
Dialect=PC NETWORK PROGRAM 1.0
Dialect=MICROSOFT NETWORKS 1.03
Dialect=MICROSOFT NETWORKS 3.0
Dialect=LANMAN1.0
Dialect=LM1.2X002
Dialect=Samba
Dialect=NT LM 0.12
Dialect=NT LANMAN 1.0


 (DF)
02:39:20.927451 143.106.16.76.139 > 143.106.24.132.2178: P 5:114(109) ack 245 win 8516
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=105

SMB PACKET: SMBnegprot (REPLY)
SMB Command   =  0x72
Error class   =  0x0
Error code    =  0
Flags1        =  0x80
Flags2        =  0x0
Tree ID       =  0
Proc ID       =  23115
UID           =  404
MID           =  23215
Word Count    =  17
NT1 Protocol
DialectIndex=6
SecMode=0x3
MaxMux=50
NumVcs=1
MaxBuffer=4356
RawSize=65536
SessionKey=0x0
Capabilities=0x43FD
ServerTime=Fri Sep 18 01:40:57 1998
TimeZone=180
CryptKey=Data: (1 bytes)
[000] 08                                                . 
[000] AB 16 56 23 ED E0 2C 32  53 00 45 00 43 00 52 00  ..V#..,2 S.E.C.R.
[010] 45 00 54 00 41 00 52 00  49 00 41 00 2D 00 49 00  E.T.A.R. I.A.-.I.
[020] 43 00 00 00                                       C... 


 (DF)
02:39:20.937451 143.106.24.132.2178 > 143.106.16.76.139: . ack 114 win 32120 (DF)
02:39:24.387451 143.106.24.132.2178 > 143.106.16.76.139: P 245:386(141) ack 114 win 32120
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=137

SMB PACKET: SMBsesssetupX (REQUEST)
SMB Command   =  0x73
Error class   =  0x0
Error code    =  0
Flags1        =  0x8
Flags2        =  0x1
Tree ID       =  0
Proc ID       =  23115
UID           =  404
MID           =  23215
Word Count    =  13
Com2=0xFF
Res1=0x0
Off2=0
MaxBuffer=65535
MaxMpx=2
VcNumber=23115
SessionKey=0x0
CaseInsensitivePasswordLength=24
CaseSensitivePasswordLength=24
Res=0x0
Capabilities=0x0
Pass1&Pass2&Account&Domain&OS&LanMan=
[000] 1F 2C F0 C0 AB B4 75 3A  A6 FD 73 E1 EE CE C2 81  .,....u: ..s.....
[010] 17 27 EF 04 AD 7B F6 31  19 D6 DE FC 75 87 0E B4  .'...{.1 ....u...
[020] CC FF 7E 84 E1 B1 3A 9D  A5 E7 3F F5 D6 76 E2 C0  ..~...:. ..?..v..
[030] 62 61 63 6B 75 70 00 57  4F 52 4B 47 52 4F 55 50  backup.W ORKGROUP
[040] 00 55 6E 69 78 00 53 61  6D 62 61 00              .Unix.Sa mba.


 (DF)
02:39:26.547451 143.106.24.132.2178 > 143.106.16.76.139: P 468:507(39) ack 260 win 32120
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=35

SMB PACKET: SMBtdis (REQUEST)
SMB Command   =  0x71
Error class   =  0x0
Error code    =  0
Flags1        =  0x8
Flags2        =  0x1
Tree ID       =  30726
Proc ID       =  23115
UID           =  45056
MID           =  23215
Word Count    =  0
smb_bcc=0


 (DF)
02:39:26.547451 143.106.16.76.139 > 143.106.24.132.2178: P 260:299(39) ack 507 win 8254
>>> NBT Packet
NBT Session Packet
Flags=0x0
Length=35

SMB PACKET: SMBtdis (REPLY)
SMB Command   =  0x71
Error class   =  0x0
Error code    =  0
Flags1        =  0x88
Flags2        =  0x1
Tree ID       =  30726
Proc ID       =  23115
UID           =  45056
MID           =  23215
Word Count    =  0
smb_bcc=0


 (DF)
02:39:26.547451 143.106.24.132.2178 > 143.106.16.76.139: F 507:507(0) ack 299 win 32120
02:39:26.557451 143.106.16.76.139 > 143.106.24.132.2178: F 299:299(0) ack 508 win 8254 (DF)
02:39:26.557451 143.106.24.132.2178 > 143.106.16.76.139: . ack 300 win 32120 (DF)

29 packets received by filter
0 packets dropped by kernel


-- 
Alexandre Oliva
mailto:oliva at dcc.unicamp.br mailto:aoliva at acm.org
http://www.dcc.unicamp.br/~oliva
Universidade Estadual de Campinas, SP, Brasil