[Samba] winbindd+ win24
administrator Jan Chorowski
jasiek at poczta.lo14.wroc.pl
Tue Nov 19 22:56:59 GMT 2002
Hi,
I've got some problems trying to get the list of users from a win24 server. Although I've joined the domain, wbinfo returns 0 and prints 0xc0000022. I' ve included the log from winbindd.
Jan Chorowski
-------------- next part --------------
winbindd version 2.2.6 started.
Copyright The Samba Team 2000-2001
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/smb.conf"
Processing section "[global]"
doing parameter workgroup = nt14
doing parameter netbios name = linux
handle_netbios_name: set global_myname to: LINUX
doing parameter server string = Samba 2.2.6
doing parameter security = domain
doing parameter encrypt passwords = Yes
doing parameter update encrypted = Yes
doing parameter password server = *
doing parameter log file = /var/log/samba.log
doing parameter wins server = 10.0.0.123
wins_srv_load_list(): Building WINS server list:
10.0.0.123,
1 WINS server listed.
doing parameter winbind uid = 10000-20000
doing parameter winbind gid = 10000-20000
doing parameter template homedir = /home/win2k/%D/%U
doing parameter template shell = /bin/bash
doing parameter winbind separator = +
doing parameter winbind cache time = 10
doing parameter guest account = pcguest
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter read only = No
doing parameter create mask = 0750
doing parameter browseable = No
pm_process() returned Yes
adding IPC service IPC$
adding IPC service ADMIN$
set_server_role: ROLE_DOMAIN_MEMBER
added interface ip=10.0.0.9 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.200 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.100 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.91 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.90 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.99 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.98 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.97 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.96 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.95 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.94 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.93 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.92 bcast=10.0.0.255 nmask=255.255.255.0
codepage_initialise: client code page = 850
load_client_codepage: loading codepage 850.
Adding chars 0x85 0xb7 (l->u = True) (u->l = True)
Adding chars 0xa0 0xb5 (l->u = True) (u->l = True)
Adding chars 0x83 0xb6 (l->u = True) (u->l = True)
Adding chars 0xc6 0xc7 (l->u = True) (u->l = True)
Adding chars 0x84 0x8e (l->u = True) (u->l = True)
Adding chars 0x86 0x8f (l->u = True) (u->l = True)
Adding chars 0x91 0x92 (l->u = True) (u->l = True)
Adding chars 0x87 0x80 (l->u = True) (u->l = True)
Adding chars 0x8a 0xd4 (l->u = True) (u->l = True)
Adding chars 0x82 0x90 (l->u = True) (u->l = True)
Adding chars 0x88 0xd2 (l->u = True) (u->l = True)
Adding chars 0x89 0xd3 (l->u = True) (u->l = True)
Adding chars 0x8d 0xde (l->u = True) (u->l = True)
Adding chars 0xa1 0xd6 (l->u = True) (u->l = True)
Adding chars 0x8c 0xd7 (l->u = True) (u->l = True)
Adding chars 0x8b 0xd8 (l->u = True) (u->l = True)
Adding chars 0xd0 0xd1 (l->u = True) (u->l = True)
Adding chars 0xa4 0xa5 (l->u = True) (u->l = True)
Adding chars 0x95 0xe3 (l->u = True) (u->l = True)
Adding chars 0xa2 0xe0 (l->u = True) (u->l = True)
Adding chars 0x93 0xe2 (l->u = True) (u->l = True)
Adding chars 0xe4 0xe5 (l->u = True) (u->l = True)
Adding chars 0x94 0x99 (l->u = True) (u->l = True)
Adding chars 0x9b 0x9d (l->u = True) (u->l = True)
Adding chars 0x97 0xeb (l->u = True) (u->l = True)
Adding chars 0xa3 0xe9 (l->u = True) (u->l = True)
Adding chars 0x96 0xea (l->u = True) (u->l = True)
Adding chars 0x81 0x9a (l->u = True) (u->l = True)
Adding chars 0xec 0xed (l->u = True) (u->l = True)
Adding chars 0xe7 0xe8 (l->u = True) (u->l = True)
Adding chars 0x9c 0x0 (l->u = False) (u->l = False)
load_dos_unicode_map: 850
load_unicode_map: loading unicode map for codepage 850.
load_unix_unicode_map: ISO8859-1 (init_done=0, override=0)
load_unicode_map: loading unicode map for codepage ISO8859-1.
added interface ip=10.0.0.9 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.200 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.100 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.91 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.90 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.99 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.98 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.97 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.96 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.95 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.94 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.93 bcast=10.0.0.255 nmask=255.255.255.0
added interface ip=10.0.0.92 bcast=10.0.0.255 nmask=255.255.255.0
resolve_lmhosts: Attempting lmhosts lookup for name NT14<0x1b>
startlmhosts: Can't open lmhosts file /usr/lib/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name NT14<0x1b>
wins_srv_count: WINS status: 1 servers.
10.0.0.123 <10.0.0.123>: alive
resolve_wins: WINS server == <10.0.0.123>
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 62
parse_nmb: packet id = 19346
Received a packet of len 62 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=19346 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1b> rr_type=32 rr_class=1 ttl=300000
answers 0 char .....{ hex 00000A00007B
Got a positive name query response from 10.0.0.123 ( 10.0.0.123 )
internal_resolve_name: returning 1 addresses: 10.0.0.123
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 337
parse_nmb: packet id = 4063
Received a packet of len 337 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=4063 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1c> rr_type=33 rr_class=1 ttl=0
answers 0 char .SERWER2000 hex 0C534552574552323030302020202020
answers 10 char ...SERWER2000 hex 00040053455257455232303030202020
answers 20 char ..NT14 hex 20202004004E54313420202020202020
answers 30 char ...NT14 hex 202020200084004E5431342020202020
answers 40 char ...NT14 hex 2020202020201C84004E543134202020
answers 50 char ...NT14 hex 20202020202020201B04004E54313420
answers 60 char ...SER hex 202020202020202020201E8400534552
answers 70 char WER2000 ...N hex 5745523230303020202020200304004E
answers 80 char T14 .. hex 54313420202020202020202020201D04
answers 90 char .INet~Services hex 00494E65747E53657276696365732020
answers a0 char .....__MSBROWSE_ hex 1C840001025F5F4D5342524F5753455F
answers b0 char _....IS~SERWER20 hex 5F0201840049537E5345525745523230
answers c0 char 00.....JASIEK hex 303000000004004A415349454B202020
answers d0 char .... ..97. hex 2020202020200304000020ED1C393700
answers e0 char ................ hex 00000000000000000000000000000000
answers f0 char ................ hex 00000000000000000000000000000000
answers 100 char ....... hex 00000000000000
cm_get_dc_name: Returning DC SERWER2000 (10.0.0.123) for domain NT14
IPC$ connections done anonymously
connecting to SERWER2000 from LINUX with username []\[]
Connecting to host=SERWER2000 share=IPC$
Connecting to 10.0.0.123 at port 445
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 0
socket option SO_BROADCAST = 0
socket option TCP_NODELAY = 1
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 16384
socket option SO_RCVBUF = 87380
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
write_socket(5,168)
write_socket(5,168) wrote 168
got smb length of 109
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=31232 (0x7A00)
smb_vwv[12]=34789 (0x87E5)
smb_vwv[13]=28185 (0x6E19)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] 6C 87 0A 0D F8 9F B4 F4 4E 00 54 00 31 00 34 00 l....... N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=31232 (0x7A00)
smb_vwv[12]=34789 (0x87E5)
smb_vwv[13]=28185 (0x6E19)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] 6C 87 0A 0D F8 9F B4 F4 4E 00 54 00 31 00 34 00 l....... N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
write_socket(5,92)
write_socket(5,92) wrote 92
got smb length of 125
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
write_socket(5,62)
write_socket(5,62) wrote 62
got smb length of 48
size=48
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=1 (0x1)
smb_bcc=7
[000] 49 50 43 00 00 00 00 IPC....
cli_init_creds: user domain flgs: 0
ntlmssp_cli_flgs:0
write_socket(5,104)
write_socket(5,104) wrote 104
got smb length of 103
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=34
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=103 (0x67)
smb_vwv[2]=3840 (0xF00)
smb_vwv[3]=320 (0x140)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
smb_vwv[24]=16 (0x10)
smb_vwv[25]=0 (0x0)
smb_vwv[26]=0 (0x0)
smb_vwv[27]=0 (0x0)
smb_vwv[28]=0 (0x0)
smb_vwv[29]=0 (0x0)
smb_vwv[30]=0 (0x0)
smb_vwv[31]=512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]=5 (0x5)
smb_bcc=0
Bind RPC Pipe[400f]: \PIPE\lsarpc
Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg..
[010] 00 00 00 00 ....
Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[010] 02 00 00 00 ....
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000001
000010 smb_io_rpc_hdr_rb
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 00000000
0018 num_elements: 00000001
001c context_id : 0000
001e num_syntaxes: 01
00001f smb_io_rpc_iface
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00 01 23 45 67 89 ab
0030 version: 00000000
000034 smb_io_rpc_iface
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8 08 00 2b 10 48 60
0044 version: 00000002
rpc_api_pipe: cmd:26 fnum:400f
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=72 (0x48)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=72 (0x48)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=72 (0x48)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16399 (0x400F)
smb_bcc=87
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 30 .......H .......0
[020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x
[030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
write_socket(5,158)
write_socket(5,158) wrote 158
got smb length of 124
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D......
[010] 00 B8 10 B8 10 A9 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D......
[010] 00 B8 10 B8 10 A9 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
rpc_check_hdr: rdata->data_size = 68
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000001
rpc_api_pipe: len left: 0 smbtrans read: 68
rpc_api_pipe: fragment first and last both set
rpc_pipe_bind: rpc_api_pipe returned OK.
000010 smb_io_rpc_hdr_ba
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 00008ba9
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: \PIPE\lsass.
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
000030 smb_io_rpc_iface
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8 08 00 2b 10 48 60
0040 version: 00000002
bind_rpc_pipe: server pipe_name found: \PIPE\lsass
bind_rpc_pipe: accepted!
init_open_pol: attr:0 da:33554432
init_lsa_obj_attr
000000 lsa_io_q_open_pol
0000 ptr : 00000001
0004 system_name: 005c
000008 lsa_io_obj_attr
0008 len : 00000018
000c ptr_root_dir: 00000000
0010 ptr_obj_name: 00000000
0014 attributes : 00000000
0018 ptr_sec_desc: 00000000
001c ptr_sec_qos : 00000000
0020 des_access: 02000000
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x6 data_len: 0x3c
create_rpc_request: data_len: 3c auth_len: 0 alloc_hint: 2c
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 003c
000a auth_len : 0000
000c call_id : 00000002
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000002c
0014 context_id: 0000
0016 opnum : 0006
data_len: 3c data_calc_len: 3c
rpc_api_pipe: cmd:26 fnum:400f
size=142
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=60 (0x3C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=60 (0x3C)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=60 (0x3C)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16399 (0x400F)
smb_bcc=75
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 3C 00 00 00 02 00 00 00 2C .......< .......,
[020] 00 00 00 00 00 06 00 01 00 00 00 5C 00 00 00 18 ........ ...\....
[030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[040] 00 00 00 00 00 00 00 00 00 00 02 ........ ...
write_socket(5,146)
write_socket(5,146) wrote 146
got smb length of 104
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 FA 0E 32 ........ .......2
[020] 57 61 F2 D6 11 91 3D 00 20 ED 1C 39 37 00 00 00 Wa....=. ..97...
[030] 00 .
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 FA 0E 32 ........ .......2
[020] 57 61 F2 D6 11 91 3D 00 20 ED 1C 39 37 00 00 00 Wa....=. ..97...
[030] 00 .
rpc_check_hdr: rdata->data_size = 48
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000002
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 48
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_open_pol
000018 smb_io_pol_hnd
0018 data1: 00000000
001c data2: 57320efa
0020 data3: f261
0022 data4: 11d6
0024 data5: 91 3d 00 20 ed 1c 39 37
002c status: NT_STATUS_OK
init_q_query
000000 lsa_io_q_query
000000 smb_io_pol_hnd
0000 data1: 00000000
0004 data2: 57320efa
0008 data3: f261
000a data4: 11d6
000c data5: 91 3d 00 20 ed 1c 39 37
0014 info_class: 0005
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x7 data_len: 0x2e
create_rpc_request: data_len: 2e auth_len: 0 alloc_hint: 1e
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002e
000a auth_len : 0000
000c call_id : 00000003
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000001e
0014 context_id: 0000
0016 opnum : 0007
data_len: 2e data_calc_len: 2e
rpc_api_pipe: cmd:26 fnum:400f
size=128
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=46 (0x2E)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=46 (0x2E)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16399 (0x400F)
smb_bcc=61
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 2E 00 00 00 03 00 00 00 1E ........ ........
[020] 00 00 00 00 00 07 00 00 00 00 00 FA 0E 32 57 61 ........ .....2Wa
[030] F2 D6 11 91 3D 00 20 ED 1C 39 37 05 00 ....=. . .97..
write_socket(5,132)
write_socket(5,132) wrote 132
got smb length of 102
size=102
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=46 (0x2E)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=47
[000] 00 05 00 02 03 10 00 00 00 60 00 00 00 03 00 00 ........ .`......
[010] 00 48 00 00 00 00 00 00 00 A8 59 15 00 05 00 32 .H...... ..Y....2
[020] 57 08 00 0A 00 78 B8 14 00 80 DE 10 00 05 00 W....x.. .......
size=102
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=46 (0x2E)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=47
[000] 00 05 00 02 03 10 00 00 00 60 00 00 00 03 00 00 ........ .`......
[010] 00 48 00 00 00 00 00 00 00 A8 59 15 00 05 00 32 .H...... ..Y....2
[020] 57 08 00 0A 00 78 B8 14 00 80 DE 10 00 05 00 W....x.. .......
rpc_check_hdr: rdata->data_size = 46
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0060
000a auth_len : 0000
000c call_id : 00000003
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000048
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 50 smbtrans read: 46
rpc_read: data_to_read: 50 rdata offset: 46 extra_data_size: 50
rpc_read: grew buffer by 50 bytes to 96
write_socket(5,59)
write_socket(5,59) wrote 59
got smb length of 110
size=110
smb_com=0x2e
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=12
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=50 (0x32)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_bcc=51
[000] 03 00 00 00 00 00 00 04 00 00 00 4E 00 54 00 31 ........ ...N.T.1
[010] 00 34 00 04 00 00 00 01 04 00 00 00 00 00 05 15 .4...... ........
[020] 00 00 00 2F 98 D8 AE B2 0A D2 3D 63 AF 41 29 00 .../.... ..=c.A).
[030] 00 00 00 ...
rpc_read: num_read = 50, read offset: 0, to read: 50
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_query
0018 undoc_buffer: 001559a8
001c info_class: 0005
000020 lsa_io_dom_query
0020 uni_dom_max_len: 0008
0022 uni_dom_str_len: 000a
0024 buffer_dom_name: 0014b878
0028 buffer_dom_sid : 0010de80
00002c smb_io_unistr2 unistr2
002c uni_max_len: 00000005
0030 undoc : 00000000
0034 uni_str_len: 00000004
0038 buffer : N.T.1.4.
000040 smb_io_dom_sid2
0040 num_auths: 00000004
000044 smb_io_dom_sid sid
0044 sid_rev_num: 01
0045 num_auths : 04
0046 id_auth[0] : 00
0047 id_auth[1] : 00
0048 id_auth[2] : 00
0049 id_auth[3] : 00
004a id_auth[4] : 00
004b id_auth[5] : 05
004c sub_auths : 00000015 aed8982f 3dd20ab2 2941af63
005c status: NT_STATUS_OK
Added domain NT14 (S-1-5-21-2933430319-1037175474-692170595)
getting trusted domain list
init_q_enum_trust_dom
000000 lsa_io_q_enum_trust_dom
000000 smb_io_pol_hnd
0000 data1: 00000000
0004 data2: 57320efa
0008 data3: f261
000a data4: 11d6
000c data5: 91 3d 00 20 ed 1c 39 37
0014 enum_context : 00000000
0018 preferred_len: ffffffff
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0xd data_len: 0x34
create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0034
000a auth_len : 0000
000c call_id : 00000004
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000024
0014 context_id: 0000
0016 opnum : 000d
data_len: 34 data_calc_len: 34
rpc_api_pipe: cmd:26 fnum:400f
size=134
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=52 (0x34)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=52 (0x34)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=52 (0x34)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16399 (0x400F)
smb_bcc=67
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 34 00 00 00 04 00 00 00 24 .......4 .......$
[020] 00 00 00 00 00 0D 00 00 00 00 00 FA 0E 32 57 61 ........ .....2Wa
[030] F2 D6 11 91 3D 00 20 ED 1C 39 37 00 00 00 00 FF ....=. . .97.....
[040] FF FF FF ...
write_socket(5,138)
write_socket(5,138) wrote 138
got smb length of 96
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=40 (0x28)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=40 (0x28)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=41
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 04 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 FF FF FF FF 00 00 00 ........ ........
[020] 00 00 00 00 00 1A 00 00 80 ........ .
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=40 (0x28)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=40 (0x28)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=41
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 04 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 FF FF FF FF 00 00 00 ........ ........
[020] 00 00 00 00 00 1A 00 00 80 ........ .
rpc_check_hdr: rdata->data_size = 40
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0028
000a auth_len : 0000
000c call_id : 00000004
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000010
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 40
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_enum_trust_dom
0018 enum_context : ffffffff
001c num_domains : 00000000
0020 ptr_enum_domains: 00000000
0024 status: NT_STATUS_NO_MORE_ENTRIES
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn LIST_USERS
[29261]: list users
resolve_lmhosts: Attempting lmhosts lookup for name NT14<0x1b>
startlmhosts: Can't open lmhosts file /usr/lib/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name NT14<0x1b>
wins_srv_count: WINS status: 1 servers.
10.0.0.123 <10.0.0.123>: alive
resolve_wins: WINS server == <10.0.0.123>
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 62
parse_nmb: packet id = 25613
Received a packet of len 62 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=25613 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1b> rr_type=32 rr_class=1 ttl=300000
answers 0 char .....{ hex 00000A00007B
Got a positive name query response from 10.0.0.123 ( 10.0.0.123 )
internal_resolve_name: returning 1 addresses: 10.0.0.123
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 337
parse_nmb: packet id = 7137
Received a packet of len 337 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=7137 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1c> rr_type=33 rr_class=1 ttl=0
answers 0 char .SERWER2000 hex 0C534552574552323030302020202020
answers 10 char ...SERWER2000 hex 00040053455257455232303030202020
answers 20 char ..NT14 hex 20202004004E54313420202020202020
answers 30 char ...NT14 hex 202020200084004E5431342020202020
answers 40 char ...NT14 hex 2020202020201C84004E543134202020
answers 50 char ...NT14 hex 20202020202020201B04004E54313420
answers 60 char ...SER hex 202020202020202020201E8400534552
answers 70 char WER2000 ...N hex 5745523230303020202020200304004E
answers 80 char T14 .. hex 54313420202020202020202020201D04
answers 90 char .INet~Services hex 00494E65747E53657276696365732020
answers a0 char .....__MSBROWSE_ hex 1C840001025F5F4D5342524F5753455F
answers b0 char _....IS~SERWER20 hex 5F0201840049537E5345525745523230
answers c0 char 00.....JASIEK hex 303000000004004A415349454B202020
answers d0 char .... ..97. hex 2020202020200304000020ED1C393700
answers e0 char ................ hex 00000000000000000000000000000000
answers f0 char ................ hex 00000000000000000000000000000000
answers 100 char ....... hex 00000000000000
cm_get_dc_name: Returning DC SERWER2000 (10.0.0.123) for domain NT14
IPC$ connections done anonymously
connecting to SERWER2000 from LINUX with username []\[]
Connecting to host=SERWER2000 share=IPC$
Connecting to 10.0.0.123 at port 445
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 0
socket option SO_BROADCAST = 0
socket option TCP_NODELAY = 1
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 16384
socket option SO_RCVBUF = 87380
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
write_socket(12,168)
write_socket(12,168) wrote 168
got smb length of 109
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=20480 (0x5000)
smb_vwv[12]=1527 (0x5F7)
smb_vwv[13]=28189 (0x6E1D)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] 83 63 B3 F0 73 68 D6 09 4E 00 54 00 31 00 34 00 .c..sh.. N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=20480 (0x5000)
smb_vwv[12]=1527 (0x5F7)
smb_vwv[13]=28189 (0x6E1D)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] 83 63 B3 F0 73 68 D6 09 4E 00 54 00 31 00 34 00 .c..sh.. N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
write_socket(12,92)
write_socket(12,92) wrote 92
got smb length of 125
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
write_socket(12,62)
write_socket(12,62) wrote 62
got smb length of 48
size=48
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=1 (0x1)
smb_bcc=7
[000] 49 50 43 00 00 00 00 IPC....
cli_init_creds: user domain flgs: 0
ntlmssp_cli_flgs:0
write_socket(12,100)
write_socket(12,100) wrote 100
got smb length of 103
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=34
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=103 (0x67)
smb_vwv[2]=2816 (0xB00)
smb_vwv[3]=448 (0x1C0)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
smb_vwv[24]=16 (0x10)
smb_vwv[25]=0 (0x0)
smb_vwv[26]=0 (0x0)
smb_vwv[27]=0 (0x0)
smb_vwv[28]=0 (0x0)
smb_vwv[29]=0 (0x0)
smb_vwv[30]=0 (0x0)
smb_vwv[31]=512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]=5 (0x5)
smb_bcc=0
Bind RPC Pipe[c00b]: \PIPE\samr
Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AC xW4.4... ...#Eg..
[010] 01 00 00 00 ....
Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[010] 02 00 00 00 ....
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000005
000010 smb_io_rpc_hdr_rb
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 00000000
0018 num_elements: 00000001
001c context_id : 0000
001e num_syntaxes: 01
00001f smb_io_rpc_iface
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00 01 23 45 67 89 ac
0030 version: 00000001
000034 smb_io_rpc_iface
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8 08 00 2b 10 48 60
0044 version: 00000002
rpc_api_pipe: cmd:26 fnum:c00b
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=72 (0x48)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=72 (0x48)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=72 (0x48)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=49163 (0xC00B)
smb_bcc=87
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 0B 03 10 00 00 00 48 00 00 00 05 00 00 00 30 .......H .......0
[020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x
[030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AC 01 W4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
write_socket(12,158)
write_socket(12,158) wrote 158
got smb length of 124
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D......
[010] 00 B8 10 B8 10 AA 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 80 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D......
[010] 00 B8 10 B8 10 AA 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 80 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
rpc_check_hdr: rdata->data_size = 68
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000005
rpc_api_pipe: len left: 0 smbtrans read: 68
rpc_api_pipe: fragment first and last both set
rpc_pipe_bind: rpc_api_pipe returned OK.
000010 smb_io_rpc_hdr_ba
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 00008baa
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: \PIPE\lsass.
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
000030 smb_io_rpc_iface
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8 08 00 2b 10 48 60
0040 version: 00000002
bind_rpc_pipe: server pipe_name found: \PIPE\lsass
bind_rpc_pipe: accepted!
init_samr_q_connect
000000 samr_io_q_connect
0000 ptr_srv_name: 00000001
000004 smb_io_unistr2
0004 uni_max_len: 0000000b
0008 undoc : 00000000
000c uni_str_len: 0000000b
0010 buffer : S.E.R.W.E.R.2.0.0.0...
0028 access_mask: 02000000
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x39 data_len: 0x44
create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000006
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000034
0014 context_id: 0000
0016 opnum : 0039
data_len: 44 data_calc_len: 44
rpc_api_pipe: cmd:26 fnum:c00b
size=150
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=68 (0x44)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=68 (0x44)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=49163 (0xC00B)
smb_bcc=83
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 44 00 00 00 06 00 00 00 34 .......D .......4
[020] 00 00 00 00 00 39 00 01 00 00 00 0B 00 00 00 00 .....9.. ........
[030] 00 00 00 0B 00 00 00 53 00 45 00 52 00 57 00 45 .......S .E.R.W.E
[040] 00 52 00 32 00 30 00 30 00 30 00 00 00 00 00 00 .R.2.0.0 .0......
[050] 00 00 02 ...
write_socket(12,154)
write_socket(12,154) wrote 154
got smb length of 104
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 22 00 00 ........ ....."..
[030] C0 .
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=8198
smb_pid=29260
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 22 00 00 ........ ....."..
[030] C0 .
rpc_check_hdr: rdata->data_size = 48
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000006
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 48
rpc_api_pipe: fragment first and last both set
000018 samr_io_r_connect
000018 smb_io_pol_hnd connect_pol
0018 data1: 00000000
001c data2: 00000000
0020 data3: 0000
0022 data4: 0000
0024 data5: 00 00 00 00 00 00 00 00
002c status: NT_STATUS_ACCESS_DENIED
refresh_sequence_number: backend returned 0xc0000022
refresh_sequence_number: seq number is now -1
returning extended error 0xc0000022
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29261: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn LIST_GROUPS
[29262]: list groups
returning extended error 0xc0000022
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29262: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn CHECK_MACHACC
[29263]: check machine account
resolve_lmhosts: Attempting lmhosts lookup for name NT14<0x1b>
startlmhosts: Can't open lmhosts file /usr/lib/lmhosts. Error was No such file or directory
resolve_wins: Attempting wins lookup for name NT14<0x1b>
wins_srv_count: WINS status: 1 servers.
10.0.0.123 <10.0.0.123>: alive
resolve_wins: WINS server == <10.0.0.123>
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 62
parse_nmb: packet id = 12769
Received a packet of len 62 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=12769 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1b> rr_type=32 rr_class=1 ttl=300000
answers 0 char .....{ hex 00000A00007B
Got a positive name query response from 10.0.0.123 ( 10.0.0.123 )
internal_resolve_name: returning 1 addresses: 10.0.0.123
bind succeeded on port 0
Sending a packet of len 50 to (10.0.0.123) on port 137
read_udp_socket: lastip 10.0.0.123 lastport 137 read: 337
parse_nmb: packet id = 14589
Received a packet of len 337 from (10.0.0.123) port 137
nmb packet from 10.0.0.123(137) header: id=14589 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NT14<1c> rr_type=33 rr_class=1 ttl=0
answers 0 char .SERWER2000 hex 0C534552574552323030302020202020
answers 10 char ...SERWER2000 hex 00040053455257455232303030202020
answers 20 char ..NT14 hex 20202004004E54313420202020202020
answers 30 char ...NT14 hex 202020200084004E5431342020202020
answers 40 char ...NT14 hex 2020202020201C84004E543134202020
answers 50 char ...NT14 hex 20202020202020201B04004E54313420
answers 60 char ...SER hex 202020202020202020201E8400534552
answers 70 char WER2000 ...N hex 5745523230303020202020200304004E
answers 80 char T14 .. hex 54313420202020202020202020201D04
answers 90 char .INet~Services hex 00494E65747E53657276696365732020
answers a0 char .....__MSBROWSE_ hex 1C840001025F5F4D5342524F5753455F
answers b0 char _....IS~SERWER20 hex 5F0201840049537E5345525745523230
answers c0 char 00.....JASIEK hex 303000000004004A415349454B202020
answers d0 char .... ..97. hex 2020202020200304000020ED1C393700
answers e0 char ................ hex 00000000000000000000000000000000
answers f0 char ................ hex 00000000000000000000000000000000
answers 100 char ....... hex 00000000000000
cm_get_dc_name: Returning DC SERWER2000 (10.0.0.123) for domain NT14
IPC$ connections done anonymously
connecting to SERWER2000 from LINUX with username []\[]
Connecting to host=SERWER2000 share=IPC$
Connecting to 10.0.0.123 at port 445
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 0
socket option SO_BROADCAST = 0
socket option TCP_NODELAY = 1
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 16384
socket option SO_RCVBUF = 87380
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
write_socket(12,168)
write_socket(12,168) wrote 168
got smb length of 109
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=20992 (0x5200)
smb_vwv[12]=34108 (0x853C)
smb_vwv[13]=28196 (0x6E24)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] B5 B9 CD 7C 74 E4 1A 7E 4E 00 54 00 31 00 34 00 ...|t..~ N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
size=109
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=29260
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=65 (0x41)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=243 (0xF3)
smb_vwv[11]=20992 (0x5200)
smb_vwv[12]=34108 (0x853C)
smb_vwv[13]=28196 (0x6E24)
smb_vwv[14]=49798 (0xC286)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]=2303 (0x8FF)
smb_bcc=40
[000] B5 B9 CD 7C 74 E4 1A 7E 4E 00 54 00 31 00 34 00 ...|t..~ N.T.1.4.
[010] 00 00 53 00 45 00 52 00 57 00 45 00 52 00 32 00 ..S.E.R. W.E.R.2.
[020] 30 00 30 00 30 00 00 00 0.0.0...
write_socket(12,92)
write_socket(12,92) wrote 92
got smb length of 125
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
size=125
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=125 (0x7D)
smb_vwv[2]=0 (0x0)
smb_bcc=84
[000] 7C 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 |W.i.n.d .o.w.s.
[010] 00 35 00 2E 00 30 00 00 00 57 00 69 00 6E 00 64 .5...0.. .W.i.n.d
[020] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 30 .o.w.s. .2.0.0.0
[030] 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 00 6E . .L.A.N . .M.a.n
[040] 00 61 00 67 00 65 00 72 00 00 00 4E 00 54 00 31 .a.g.e.r ...N.T.1
[050] 00 34 00 00 .4..
write_socket(12,62)
write_socket(12,62) wrote 62
got smb length of 48
size=48
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=1 (0x1)
smb_bcc=7
[000] 49 50 43 00 00 00 00 IPC....
cli_init_creds: user domain flgs: 0
ntlmssp_cli_flgs:0
write_socket(12,108)
write_socket(12,108) wrote 108
got smb length of 103
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=34
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=103 (0x67)
smb_vwv[2]=1792 (0x700)
smb_vwv[3]=320 (0x140)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
smb_vwv[24]=16 (0x10)
smb_vwv[25]=0 (0x0)
smb_vwv[26]=0 (0x0)
smb_vwv[27]=0 (0x0)
smb_vwv[28]=0 (0x0)
smb_vwv[29]=0 (0x0)
smb_vwv[30]=0 (0x0)
smb_vwv[31]=512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]=5 (0x5)
smb_bcc=0
Bind RPC Pipe[4007]: \PIPE\NETLOGON
Bind Abstract Syntax: [000] 78 56 34 12 34 12 CD AB EF 00 01 23 45 67 CF FB xV4.4... ...#Eg..
[010] 01 00 00 00 ....
Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[010] 02 00 00 00 ....
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000007
000010 smb_io_rpc_hdr_rb
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 00000000
0018 num_elements: 00000001
001c context_id : 0000
001e num_syntaxes: 01
00001f smb_io_rpc_iface
0020 data : 12345678
0024 data : 1234
0026 data : abcd
0028 data : ef 00 01 23 45 67 cf fb
0030 version: 00000001
000034 smb_io_rpc_iface
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8 08 00 2b 10 48 60
0044 version: 00000002
rpc_api_pipe: cmd:26 fnum:4007
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=72 (0x48)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=72 (0x48)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=72 (0x48)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16391 (0x4007)
smb_bcc=87
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 0B 03 10 00 00 00 48 00 00 00 07 00 00 00 30 .......H .......0
[020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x
[030] 56 34 12 34 12 CD AB EF 00 01 23 45 67 CF FB 01 V4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
write_socket(12,158)
write_socket(12,158) wrote 158
got smb length of 124
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 07 00 00 ........ .D......
[010] 00 B8 10 B8 10 B8 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 07 00 00 ........ .D......
[010] 00 B8 10 B8 10 B8 8B 00 00 0C 00 5C 50 49 50 45 ........ ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
rpc_check_hdr: rdata->data_size = 68
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000007
rpc_api_pipe: len left: 0 smbtrans read: 68
rpc_api_pipe: fragment first and last both set
rpc_pipe_bind: rpc_api_pipe returned OK.
000010 smb_io_rpc_hdr_ba
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 00008bb8
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: \PIPE\lsass.
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
000030 smb_io_rpc_iface
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8 08 00 2b 10 48 60
0040 version: 00000002
bind_rpc_pipe: server pipe_name found: \PIPE\lsass
bind_rpc_pipe: accepted!
new_cli_net_req_chal: LSA Request Challenge from SERWER2000 to LINUX: 45D642D99ABB764E
init_q_req_chal: 535
init_q_req_chal: 544
000000 net_io_q_req_chal
0000 undoc_buffer: 00000001
000004 smb_io_unistr2
0004 uni_max_len: 0000000d
0008 undoc : 00000000
000c uni_str_len: 0000000d
0010 buffer : \.\.S.E.R.W.E.R.2.0.0.0...
00002a smb_io_unistr2
002c uni_max_len: 00000006
0030 undoc : 00000000
0034 uni_str_len: 00000006
0038 buffer : L.I.N.U.X...
000044 smb_io_chal
0044 data: 45 d6 42 d9 9a bb 76 4e
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x4 data_len: 0x64
create_rpc_request: data_len: 64 auth_len: 0 alloc_hint: 54
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0064
000a auth_len : 0000
000c call_id : 00000008
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000054
0014 context_id: 0000
0016 opnum : 0004
data_len: 64 data_calc_len: 64
rpc_api_pipe: cmd:26 fnum:4007
size=182
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=100 (0x64)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=100 (0x64)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=100 (0x64)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16391 (0x4007)
smb_bcc=115
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 64 00 00 00 08 00 00 00 54 .......d .......T
[020] 00 00 00 00 00 04 00 01 00 00 00 0D 00 00 00 00 ........ ........
[030] 00 00 00 0D 00 00 00 5C 00 5C 00 53 00 45 00 52 .......\ .\.S.E.R
[040] 00 57 00 45 00 52 00 32 00 30 00 30 00 30 00 00 .W.E.R.2 .0.0.0..
[050] 00 00 00 06 00 00 00 00 00 00 00 06 00 00 00 4C ........ .......L
[060] 00 49 00 4E 00 55 00 58 00 00 00 45 D6 42 D9 9A .I.N.U.X ...E.B..
[070] BB 76 4E .vN
write_socket(12,186)
write_socket(12,186) wrote 186
got smb length of 92
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=36 (0x24)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=36 (0x24)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=37
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 08 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 EE 57 6B 7D 34 BA 10 ........ ..Wk}4..
[020] B2 00 00 00 00 .....
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=36 (0x24)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=36 (0x24)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=37
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 08 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 EE 57 6B 7D 34 BA 10 ........ ..Wk}4..
[020] B2 00 00 00 00 .....
rpc_check_hdr: rdata->data_size = 36
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0024
000a auth_len : 0000
000c call_id : 00000008
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 0000000c
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 36
rpc_api_pipe: fragment first and last both set
000018 net_io_r_req_chal
000018 smb_io_chal
0018 data: ee 57 6b 7d 34 ba 10 b2
0020 status: NT_STATUS_OK
cred_session_key
clnt_chal: 45D642D99ABB764E
srv_chal : EE576B7D34BA10B2
clnt+srv : 332EAE56CE758700
sess_key : 685338630C5B4BAF
cred_create
sess_key : 685338630C5B4BAF
stor_cred: 45D642D99ABB764E
timestamp: 0
timecred : 45D642D99ABB764E
calc_cred: 34A890C8F04711FE
new_cli_net_auth2: srv:\\SERWER2000 acct:LINUX$ sc:2 mc: LINUX chal 34A890C8F04711FE neg: 1ff
init_q_auth_2: 673
make_log_info 1162
init_q_auth_2: 679
000000 net_io_q_auth_2
000000 smb_io_log_info
0000 undoc_buffer: 00000001
000004 smb_io_unistr2 unistr2
0004 uni_max_len: 0000000d
0008 undoc : 00000000
000c uni_str_len: 0000000d
0010 buffer : \.\.S.E.R.W.E.R.2.0.0.0...
00002a smb_io_unistr2 unistr2
002c uni_max_len: 00000007
0030 undoc : 00000000
0034 uni_str_len: 00000007
0038 buffer : L.I.N.U.X.$...
0046 sec_chan: 0002
000048 smb_io_unistr2 unistr2
0048 uni_max_len: 00000006
004c undoc : 00000000
0050 uni_str_len: 00000006
0054 buffer : L.I.N.U.X...
000060 smb_io_chal
0060 data: 34 a8 90 c8 f0 47 11 fe
000068 net_io_neg_flags
0068 neg_flags: 000001ff
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0xf data_len: 0x84
create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0084
000a auth_len : 0000
000c call_id : 00000009
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000074
0014 context_id: 0000
0016 opnum : 000f
data_len: 84 data_calc_len: 84
rpc_api_pipe: cmd:26 fnum:4007
size=214
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=132 (0x84)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=132 (0x84)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=132 (0x84)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=16391 (0x4007)
smb_bcc=147
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 84 00 00 00 09 00 00 00 74 ........ .......t
[020] 00 00 00 00 00 0F 00 01 00 00 00 0D 00 00 00 00 ........ ........
[030] 00 00 00 0D 00 00 00 5C 00 5C 00 53 00 45 00 52 .......\ .\.S.E.R
[040] 00 57 00 45 00 52 00 32 00 30 00 30 00 30 00 00 .W.E.R.2 .0.0.0..
[050] 00 00 00 07 00 00 00 00 00 00 00 07 00 00 00 4C ........ .......L
[060] 00 49 00 4E 00 55 00 58 00 24 00 00 00 02 00 06 .I.N.U.X .$......
[070] 00 00 00 00 00 00 00 06 00 00 00 4C 00 49 00 4E ........ ...L.I.N
[080] 00 55 00 58 00 00 00 34 A8 90 C8 F0 47 11 FE FF .U.X...4 ....G...
[090] 01 00 00 ...
write_socket(12,218)
write_socket(12,218) wrote 218
got smb length of 96
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=40 (0x28)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=40 (0x28)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=41
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 09 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 F4 94 73 26 F9 66 29 ........ ...s&.f)
[020] A0 FF 01 00 00 00 00 00 00 ........ .
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=6151
smb_pid=29260
smb_uid=10241
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=40 (0x28)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=40 (0x28)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=41
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 09 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 F4 94 73 26 F9 66 29 ........ ...s&.f)
[020] A0 FF 01 00 00 00 00 00 00 ........ .
rpc_check_hdr: rdata->data_size = 40
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0028
000a auth_len : 0000
000c call_id : 00000009
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000010
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 40
rpc_api_pipe: fragment first and last both set
000018 net_io_r_auth_2
000018 smb_io_chal
0018 data: f4 94 73 26 f9 66 29 a0
000020 net_io_neg_flags
0020 neg_flags: 000001ff
0024 status: NT_STATUS_OK
cred_create
sess_key : 685338630C5B4BAF
stor_cred: EE576B7D34BA10B2
timestamp: 0
timecred : EE576B7D34BA10B2
calc_cred: F4947326F96629A0
cred_assert
challenge : F4947326F96629A0
calculated: F4947326F96629A0
credentials check ok
secret is good
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29263: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn ENDPWENT
[29264]: endpwent
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29264: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn GETPWNAM
[29272]: getpwnam ser
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29272: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn GETPWNAM
[29274]: getpwnam ser
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29274: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn GETPWNAM
[29278]: getpwnam ser
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29278: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn GETPWNAM
[29280]: getpwnam ser
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29280: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn ENDPWENT
[29281]: endpwent
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29281: EOF
accepted socket 11
client_read: read 1304 bytes. Need 0 more for a full request.
process_request: request fn ENDPWENT
[29282]: endpwent
client_write: wrote 1304 bytes.
read failed on sock 11, pid 29282: EOF
More information about the samba
mailing list