more fun with RPCs (rpcecho cli/srv testing)

Ronan Waide waider at waider.ie
Tue Apr 22 16:25:10 GMT 2003


Using tpot's new rpcecho client and server; NT4SP6a and Samba HEAD:

[root at gonzo source]# rpcclient qaznt -U Administrator%password -c "echodata 5639" 
[root at gonzo source]# rpcclient qaznt -U Administrator%password -c "echodata 5640"
result was NT_STATUS_UNSUCCESSFUL

Increasing the data size further gets you NT_PIPE_BUSY and finally
Call timed out errors.

Using the patches I posted last week, I get a bit more data down the pipe:

[root at gonzo source]# rpcclient qaznt -U Administrator%password -c "echodata 15558"
[root at gonzo source]# rpcclient qaznt -U Administrator%password -c "echodata 15559"
cli_pipe: return critical error. Error was Call timed out: server did not respond after 10000 milliseconds
result was NT_STATUS_UNSUCCESSFUL

The numbers aren't random; I fudged about with various sizes until I
found the size at which the thing breaks.

I'm pretty certain the breakpoint for my patches is due to the fact
that I messed with the final SMBTrans packet it sends; certainly in
the ethereal trace that's the only packet that doesn't get
acknowledged. I think this gives a good indication that the patches I
have are on the right track, though.

Cheers,
Waider.
-- 
waider at waider.ie / Yes, it /is/ very personal of me.

I'd already put in my 40 hours for this week by 10pm Tuesday.

