[Samba] Join fails with 'SPNEGO login failed: invalid parameter'
Remy Zandwijk
remy.zandwijk at falw.vu.nl
Sun Nov 2 20:14:09 GMT 2008
Hi,
I am running Samba 3.2.4 on a Solaris 10 SPARC machine. The config is pretty
simple (see below). Security is set to 'domain'. The PDC and BDC are running
3.0.30 without problems.
When joining the machine to the domain with 'net rpc join', it fails with:
Could not connect to server 130.37.79.2
Connection failed: NT_STATUS_INVALID_PARAMETER
when running the net command with -d10, messages appear like:
[2008/11/02 21:00:54, 1] libsmb/ntlmssp.c:(326)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2008/11/02 21:00:54, 3] libsmb/cliconnect.c:(1036)
SPNEGO login failed: Invalid parameter
[2008/11/02 21:00:54, 1] libsmb/cliconnect.c:(1737)
failed session setup with NT_STATUS_INVALID_PARAMETER
What's keeping Samba from joining the domain correctly?
Regards,
Remy Zandwijk
----------
smb.conf [global]-section:
global]
netbios name = MEGAPTERAFALW
workgroup = ALW
server string = ALW %L
log file = /var/log/samba/%m.log
log level = 3
max log size = 10000
security = domain
password server = 130.37.79.3 130.37.79.2
encrypt passwords = yes
wins server = 130.37.79.8
host msdfs = yes
disable spoolss = yes
load printers = no
printing = bsd
printcap name = /dev/null
winbind separator = +
winbind enum users = no
winbind enum groups = no
winbind nested groups = yes
winbind use default domain = yes
idmap domains = ALW
idmap config ALW:backend = nss
idmap config ALW:readonly = yes
net rcp join -d10 output:
[2008/11/02 21:08:07, 5] lib/debug.c:(407)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
registry: False/0
[2008/11/02 21:08:07, 3] param/loadparm.c:(8754)
lp_load_ex: refreshing parameters
[2008/11/02 21:08:07, 3] param/loadparm.c:(4597)
Initialising global parameters
[2008/11/02 21:08:07, 3] param/params.c:(569)
params.c:pm_process() - Processing configuration file "/etc/opt/samba/smb.conf"
[2008/11/02 21:08:07, 3] param/loadparm.c:(7417)
Processing section "[global]"
doing parameter netbios name = MEGAPTERAFALW
[2008/11/02 21:08:07, 4] param/loadparm.c:(6765)
handle_netbios_name: set global_myname to: MEGAPTERAFALW
doing parameter workgroup = ALW
doing parameter server string = ALW %L
doing parameter log file = /var/log/samba/%m.log
doing parameter log level = 3
doing parameter max log size = 10000
doing parameter security = domain
doing parameter password server = 130.37.79.3 130.37.79.2
doing parameter encrypt passwords = yes
doing parameter wins server = 130.37.79.8
doing parameter host msdfs = yes
doing parameter disable spoolss = yes
doing parameter load printers = no
doing parameter printing = bsd
doing parameter printcap name = /dev/null
doing parameter winbind separator = +
doing parameter winbind enum users = no
doing parameter winbind enum groups = no
doing parameter winbind nested groups = yes
doing parameter winbind use default domain = yes
doing parameter idmap domains = ALW
doing parameter idmap config ALW:backend = nss
doing parameter idmap config ALW:readonly = yes
[2008/11/02 21:08:07, 4] param/loadparm.c:(8798)
pm_process() returned Yes
[2008/11/02 21:08:07, 7] param/loadparm.c:(9003)
lp_servicenumber: couldn't find homes
[2008/11/02 21:08:07, 10] param/loadparm.c:(7976)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UCS-2LE
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UCS-2LE
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UTF-16LE
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UTF-16LE
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UCS-2BE
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UCS-2BE
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UTF-16BE
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UTF-16BE
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UTF8
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UTF8
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UTF-8
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UTF-8
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset ASCII
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset ASCII
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset 646
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset 646
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset ISO-8859-1
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset ISO-8859-1
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset UCS2-HEX
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset UCS2-HEX
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/module.c:(111)
Probing module 'CP850'
[2008/11/02 21:08:07, 5] lib/module.c:(130)
Probing module 'CP850': Trying to load from /opt/samba/lib/charset/CP850.so
[2008/11/02 21:08:07, 2] lib/module.c:(64)
Module '/opt/samba/lib/charset/CP850.so' loaded
[2008/11/02 21:08:07, 5] lib/iconv.c:(104)
Attempting to register new charset CP850
[2008/11/02 21:08:07, 5] lib/iconv.c:(112)
Registered charset CP850
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/util.c:(271)
Netbios name list:-
my_netbios_names[0]="MEGAPTERAFALW"
[2008/11/02 21:08:07, 2] lib/interface.c:(337)
added interface bge179000 ip=130.37.79.17 bcast=130.37.79.255
netmask=255.255.255.0
[2008/11/02 21:08:07, 2] lib/interface.c:(337)
added interface bge0 ip=130.37.180.17 bcast=130.37.180.255
netmask=255.255.255.0
[2008/11/02 21:08:07, 3] libsmb/cliconnect.c:(1632)
Connecting to host=130.37.79.2
[2008/11/02 21:08:07, 3] lib/util_sock.c:(1331)
Connecting to 130.37.79.2 at port 445
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option SO_KEEPALIVE = 0
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option SO_REUSEADDR = 0
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option SO_BROADCAST = 0
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option TCP_NODELAY = 1
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option IPTOS_LOWDELAY = 0
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option IPTOS_THROUGHPUT = 0
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option SO_SNDBUF = 49152
[2008/11/02 21:08:07, 5] lib/util_sock.c:(781)
socket option SO_RCVBUF = 49640
[2008/11/02 21:08:07, 5] lib/util_sock.c:(778)
Could not test socket option SO_SNDLOWAT.
[2008/11/02 21:08:07, 5] lib/util_sock.c:(778)
Could not test socket option SO_RCVLOWAT.
[2008/11/02 21:08:07, 5] lib/util_sock.c:(778)
Could not test socket option SO_SNDTIMEO.
[2008/11/02 21:08:07, 5] lib/util_sock.c:(778)
Could not test socket option SO_RCVTIMEO.
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 5] lib/charcnv.c:(82)
Substituting charset '646' for LOCALE
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,194)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,194) wrote 194
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 127
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 65 (0x41)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=32000 (0x7D00)
smb_vwv[ 8]= 110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=33011 (0x80F3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=44506 (0xADDA)
smb_vwv[13]= 9913 (0x26B9)
smb_vwv[14]=51517 (0xC93D)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]= 255 (0xFF)
smb_bcc=58
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 70 64 63 31 00 00 00 00 00 00 00 00 00 00 00 00 pdc1.... ........
[010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0...
[020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7.....
[030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 65 (0x41)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=32000 (0x7D00)
smb_vwv[ 8]= 110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=33011 (0x80F3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=44506 (0xADDA)
smb_vwv[13]= 9913 (0x26B9)
smb_vwv[14]=51517 (0xC93D)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]= 255 (0xFF)
smb_bcc=58
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 70 64 63 31 00 00 00 00 00 00 00 00 00 00 00 00 pdc1.... ........
[010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0...
[020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7.....
[030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,92)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,92) wrote 92
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 86
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=86
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=100
smb_mid=2
smt_wct=3
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]= 1 (0x1)
smb_bcc=45
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m
[010] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 33 .b.a. .3 ...0...3
[020] 00 30 00 00 00 41 00 4C 00 57 00 00 00 .0...A.L .W...
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=86
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=100
smb_mid=2
smt_wct=3
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]= 1 (0x1)
smb_bcc=45
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m
[010] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 33 .b.a. .3 ...0...3
[020] 00 30 00 00 00 41 00 4C 00 57 00 00 00 .0...A.L .W...
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,90)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,90) wrote 90
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 56
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=56
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=3
smt_wct=7
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]= 1 (0x1)
smb_vwv[ 3]= 511 (0x1FF)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 511 (0x1FF)
smb_vwv[ 6]= 0 (0x0)
smb_bcc=7
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 49 50 43 00 00 00 00 IPC....
[2008/11/02 21:08:07, 10] libsmb/clientgen.c:(429)
cli_init_creds: user domain
[2008/11/02 21:08:07, 5] lib/gencache.c:(61)
Opening cache file at /var/opt/samba/locks/gencache.tdb
[2008/11/02 21:08:07, 10] libsmb/namequery.c:(75)
saf_store: domain = [ALW], server = [130.37.79.2], expire = [1225657387]
[2008/11/02 21:08:07, 10] lib/gencache.c:(131)
Adding cache entry with key = SAF/DOMAIN/ALW; value = 130.37.79.2 and
timeout = Sun Nov 2 21:23:07 2008
(900 seconds ahead)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,104)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,104) wrote 104
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 103
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=4
smt_wct=34
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]=54272 (0xD400)
smb_vwv[ 3]= 374 (0x176)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 0 (0x0)
smb_vwv[11]= 0 (0x0)
smb_vwv[12]= 0 (0x0)
smb_vwv[13]= 0 (0x0)
smb_vwv[14]= 0 (0x0)
smb_vwv[15]= 0 (0x0)
smb_vwv[16]= 0 (0x0)
smb_vwv[17]= 0 (0x0)
smb_vwv[18]= 0 (0x0)
smb_vwv[19]= 0 (0x0)
smb_vwv[20]= 0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]= 0 (0x0)
smb_vwv[23]= 0 (0x0)
smb_vwv[24]= 0 (0x0)
smb_vwv[25]= 0 (0x0)
smb_vwv[26]= 0 (0x0)
smb_vwv[27]= 0 (0x0)
smb_vwv[28]= 0 (0x0)
smb_vwv[29]= 0 (0x0)
smb_vwv[30]= 0 (0x0)
smb_vwv[31]= 512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]= 5 (0x5)
smb_bcc=0
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(2049)
Bind RPC Pipe[76d4]: \lsarpc auth_type 0, auth_level 0
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1650)
Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD EF 00 01 23 45 67 89
AB .4Wx.4.. ...#Eg..
[010] 00 00 00 00 ....
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1653)
Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9 9F E8 08 00 2B 10 48
60 ..]..... ....+.H`
[010] 00 00 00 02 ....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0b
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0048
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000001
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_rb
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_bba
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0010 max_tsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0012 max_rsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0014 assoc_gid: 00000000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0018 num_contexts: 01
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
001c context_id : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
001e num_transfer_syntaxes: 01
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
00001f smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000020 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0020 data : 12345778
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0024 data : 1234
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0026 data : abcd
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
0028 data : ef 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
002a data : 01 23 45 67 89 ab
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0030 version: 00000000
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000034 smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000034 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0034 data : 8a885d04
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0038 data : 1ceb
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
003a data : 11c9
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003c data : 9f e8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003e data : 08 00 2b 10 48 60
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0044 version: 00000002
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=5
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 72 (0x48)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 72 (0x48)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30420 (0x76D4)
smb_bcc=87
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 B8 .......H ........
[020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 78 ........ .......x
[030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,158)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,158) wrote 158
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 124
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=5
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 68 (0x44)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 68 (0x44)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=69
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D......
[010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=5
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 68 (0x44)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 68 (0x44)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=69
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D......
[010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0044
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000001
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 68 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4 returned
68 bytes.
[2008/11/02 21:08:07, 3] rpc_client/cli_pipe.c:(2086)
rpc_pipe_bind: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4 bind
request returned ok.
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0044
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000001
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_ba
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_bba
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0010 max_tsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0012 max_rsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0014 assoc_gid: 000053f0
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000018 smb_io_rpc_addr_str
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0018 len: 000c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
001a str: \PIPE\lsass.
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000026 smb_io_rpc_results
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0028 num_results: 01
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
002c result : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
002e reason : 0000
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000030 smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000030 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0030 data : 8a885d04
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0034 data : 1ceb
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0036 data : 11c9
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
0038 data : 9f e8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003a data : 08 00 2b 10 48 60
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0040 version: 00000002
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1704)
check_bind_response: accepted!
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(2282)
cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine 130.37.79.2 and
bound anonymously.
[2008/11/02 21:08:07, 5] rpc_client/init_lsa.c:(90)
init_lsa_obj_attr
lsa_OpenPolicy: struct lsa_OpenPolicy
in: struct lsa_OpenPolicy
system_name : *
system_name : 0x005c (92)
attr : *
attr: struct lsa_ObjectAttribute
len : 0x00000018 (24)
root_dir : NULL
object_name : NULL
attributes : 0x00000000 (0)
sec_desc : NULL
sec_qos : NULL
access_mask : 0x02000000 (33554432)
0: LSA_POLICY_VIEW_LOCAL_INFORMATION
0: LSA_POLICY_VIEW_AUDIT_INFORMATION
0: LSA_POLICY_GET_PRIVATE_INFORMATION
0: LSA_POLICY_TRUST_ADMIN
0: LSA_POLICY_CREATE_ACCOUNT
0: LSA_POLICY_CREATE_SECRET
0: LSA_POLICY_CREATE_PRIVILEGE
0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
0: LSA_POLICY_AUDIT_LOG_ADMIN
0: LSA_POLICY_SERVER_ADMIN
0: LSA_POLICY_LOOKUP_NAMES
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 003c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000002
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000024
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 0006
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=142
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=6
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 60 (0x3C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 60 (0x3C)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30420 (0x76D4)
smb_bcc=75
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 3C 00 00 00 02 00 00 00 24 .......< .......$
[020] 00 00 00 00 00 06 00 00 00 02 00 5C 00 00 00 18 ........ ...\....
[030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[040] 00 00 00 00 00 00 00 00 00 00 02 ........ ...
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,146)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,146) wrote 146
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 104
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=6
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 48 (0x30)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 48 (0x30)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=49
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 01 00 00 00 00 0E 49 A9 08 7D 6E 00 00 00 00 00 ......I. .}n.....
[030] 00 .
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=6
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 48 (0x30)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 48 (0x30)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=49
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 01 00 00 00 00 0E 49 A9 08 7D 6E 00 00 00 00 00 ......I. .}n.....
[030] 00 .
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0030
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000002
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000018
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 48 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4 returned
48 bytes.
lsa_OpenPolicy: struct lsa_OpenPolicy
out: struct lsa_OpenPolicy
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
01000000-0000-0000-0e49-a9087d6e0000
result : NT_STATUS_OK
lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy
in: struct lsa_QueryInfoPolicy
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
01000000-0000-0000-0e49-a9087d6e0000
level : LSA_POLICY_INFO_ACCOUNT_DOMAIN (5)
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 002e
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000003
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000016
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 0007
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=128
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=7
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 46 (0x2E)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 46 (0x2E)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30420 (0x76D4)
smb_bcc=61
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 2E 00 00 00 03 00 00 00 16 ........ ........
[020] 00 00 00 00 00 07 00 00 00 00 00 00 00 00 01 00 ........ ........
[030] 00 00 00 0E 49 A9 08 7D 6E 00 00 05 00 ....I..} n....
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,132)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,132) wrote 132
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 152
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=152
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=7
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 96 (0x60)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 96 (0x60)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=97
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 60 00 00 00 03 00 00 ........ .`......
[010] 00 48 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .H...... ...."...
[020] 00 06 00 08 00 01 00 00 00 01 00 00 00 04 00 00 ........ ........
[030] 00 00 00 00 00 03 00 00 00 41 00 4C 00 57 00 00 ........ .A.L.W..
[040] 00 04 00 00 00 01 04 00 00 00 00 00 05 15 00 00 ........ ........
[050] 00 DD E6 B9 03 E4 8C 87 6A 36 40 16 5E 00 00 00 ........ j6 at .^...
[060] 00 .
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=152
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=7
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 96 (0x60)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 96 (0x60)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=97
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 60 00 00 00 03 00 00 ........ .`......
[010] 00 48 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .H...... ...."...
[020] 00 06 00 08 00 01 00 00 00 01 00 00 00 04 00 00 ........ ........
[030] 00 00 00 00 00 03 00 00 00 41 00 4C 00 57 00 00 ........ .A.L.W..
[040] 00 04 00 00 00 01 04 00 00 00 00 00 05 15 00 00 ........ ........
[050] 00 DD E6 B9 03 E4 8C 87 6A 36 40 16 5E 00 00 00 ........ j6 at .^...
[060] 00 .
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0060
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000003
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000048
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 96, data_len 72, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 96 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4 returned
144 bytes.
lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy
out: struct lsa_QueryInfoPolicy
info : *
info : *
info : union
lsa_PolicyInformation(case 5)
account_domain: struct lsa_DomainInfo
name: struct lsa_StringLarge
length : 0x0006 (6)
size : 0x0008 (8)
string : *
string : 'ALW'
sid : *
sid :
S-1-5-21-62514909-1787268324-1578516534
result : NT_STATUS_OK
lsa_Close: struct lsa_Close
in: struct lsa_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
01000000-0000-0000-0e49-a9087d6e0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 002c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000004
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000014
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 0000
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=126
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=8
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 44 (0x2C)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 44 (0x2C)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30420 (0x76D4)
smb_bcc=59
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 2C 00 00 00 04 00 00 00 14 ......., ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 ........ ........
[030] 00 00 00 0E 49 A9 08 7D 6E 00 00 ....I..} n..
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,130)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,130) wrote 130
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 104
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=8
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 48 (0x30)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 48 (0x30)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=49
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[030] 00 .
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=8
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 48 (0x30)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 48 (0x30)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=49
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[030] 00 .
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0030
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000004
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000018
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 48 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \lsarpc fnum 0x76d4 returned
48 bytes.
lsa_Close: struct lsa_Close
out: struct lsa_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
result : NT_STATUS_OK
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,45)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,45) wrote 45
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 35
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=9
smt_wct=0
smb_bcc=0
[2008/11/02 21:08:07, 10] libsmb/clientgen.c:(567)
cli_rpc_pipe_close: closed pipe \lsarpc to machine 130.37.79.2
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,108)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,108) wrote 108
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 103
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=10
smt_wct=34
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]=54528 (0xD500)
smb_vwv[ 3]= 374 (0x176)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 0 (0x0)
smb_vwv[11]= 0 (0x0)
smb_vwv[12]= 0 (0x0)
smb_vwv[13]= 0 (0x0)
smb_vwv[14]= 0 (0x0)
smb_vwv[15]= 0 (0x0)
smb_vwv[16]= 0 (0x0)
smb_vwv[17]= 0 (0x0)
smb_vwv[18]= 0 (0x0)
smb_vwv[19]= 0 (0x0)
smb_vwv[20]= 0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]= 0 (0x0)
smb_vwv[23]= 0 (0x0)
smb_vwv[24]= 0 (0x0)
smb_vwv[25]= 0 (0x0)
smb_vwv[26]= 0 (0x0)
smb_vwv[27]= 0 (0x0)
smb_vwv[28]= 0 (0x0)
smb_vwv[29]= 0 (0x0)
smb_vwv[30]= 0 (0x0)
smb_vwv[31]= 512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]= 5 (0x5)
smb_bcc=0
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(2049)
Bind RPC Pipe[76d5]: \NETLOGON auth_type 0, auth_level 0
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1650)
Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD EF 00 01 23 45 67 CF
FB .4Vx.4.. ...#Eg..
[010] 00 00 00 01 ....
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1653)
Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9 9F E8 08 00 2B 10 48
60 ..]..... ....+.H`
[010] 00 00 00 02 ....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0b
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0048
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000005
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_rb
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_bba
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0010 max_tsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0012 max_rsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0014 assoc_gid: 00000000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0018 num_contexts: 01
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
001c context_id : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
001e num_transfer_syntaxes: 01
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
00001f smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000020 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0020 data : 12345678
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0024 data : 1234
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0026 data : abcd
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
0028 data : ef 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
002a data : 01 23 45 67 cf fb
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0030 version: 00000001
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000034 smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000034 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0034 data : 8a885d04
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0038 data : 1ceb
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
003a data : 11c9
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003c data : 9f e8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003e data : 08 00 2b 10 48 60
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0044 version: 00000002
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=11
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 72 (0x48)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 72 (0x48)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30421 (0x76D5)
smb_bcc=87
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 0B 03 10 00 00 00 48 00 00 00 05 00 00 00 B8 .......H ........
[020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 78 ........ .......x
[030] 56 34 12 34 12 CD AB EF 00 01 23 45 67 CF FB 01 V4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,158)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,158) wrote 158
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 124
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=11
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 68 (0x44)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 68 (0x44)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=69
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D......
[010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=11
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 68 (0x44)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 68 (0x44)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=69
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D......
[010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0044
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000005
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 68 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
returned 68 bytes.
[2008/11/02 21:08:07, 3] rpc_client/cli_pipe.c:(2086)
rpc_pipe_bind: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5 bind
request returned ok.
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 0c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0044
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000005
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_ba
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_bba
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0010 max_tsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0012 max_rsize: 10b8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0014 assoc_gid: 000053f0
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000018 smb_io_rpc_addr_str
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0018 len: 000c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
001a str: \PIPE\lsass.
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000026 smb_io_rpc_results
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0028 num_results: 01
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
002c result : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
002e reason : 0000
[2008/11/02 21:08:07, 6] rpc_parse/parse_prs.c:(88)
000030 smb_io_rpc_iface
[2008/11/02 21:08:07, 7] rpc_parse/parse_prs.c:(88)
000030 smb_io_uuid uuid
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0030 data : 8a885d04
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0034 data : 1ceb
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0036 data : 11c9
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
0038 data : 9f e8
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(865)
003a data : 08 00 2b 10 48 60
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0040 version: 00000002
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(1704)
check_bind_response: accepted!
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(2282)
cli_rpc_pipe_open_noauth: opened pipe \NETLOGON to machine 130.37.79.2 and
bound anonymously.
netr_ServerReqChallenge: struct netr_ServerReqChallenge
in: struct netr_ServerReqChallenge
server_name : *
server_name : '\\130.37.79.2'
computer_name : 'MEGAPTERAFALW'
credentials : *
credentials: struct netr_Credential
data : 7e75d6a3be83c222
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0074
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000006
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000005c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 0004
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=198
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=12
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 116 (0x74)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 116 (0x74)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30421 (0x76D5)
smb_bcc=131
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 74 00 00 00 06 00 00 00 5C .......t .......\
[020] 00 00 00 00 00 04 00 00 00 02 00 0E 00 00 00 00 ........ ........
[030] 00 00 00 0E 00 00 00 5C 00 5C 00 31 00 33 00 30 .......\ .\.1.3.0
[040] 00 2E 00 33 00 37 00 2E 00 37 00 39 00 2E 00 32 ...3.7.. .7.9...2
[050] 00 00 00 0E 00 00 00 00 00 00 00 0E 00 00 00 4D ........ .......M
[060] 00 45 00 47 00 41 00 50 00 54 00 45 00 52 00 41 .E.G.A.P .T.E.R.A
[070] 00 46 00 41 00 4C 00 57 00 00 00 7E 75 D6 A3 BE .F.A.L.W ...~u...
[080] 83 C2 22 .."
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,202)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,202) wrote 202
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 92
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=12
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 36 (0x24)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 36 (0x24)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=37
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 06 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 89 9D 2A 78 EC 07 90 ........ ...*x...
[020] 53 00 00 00 00 S....
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=12
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 36 (0x24)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 36 (0x24)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=37
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 06 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 89 9D 2A 78 EC 07 90 ........ ...*x...
[020] 53 00 00 00 00 S....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0024
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000006
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000000c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 36 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
returned 24 bytes.
netr_ServerReqChallenge: struct netr_ServerReqChallenge
out: struct netr_ServerReqChallenge
return_credentials : *
return_credentials: struct netr_Credential
data : 899d2a78ec079053
result : NT_STATUS_OK
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(294)
creds_client_init: neg_flags : 600fffff
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(295)
creds_client_init: client chal : 7E75D6A3BE83C222
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(296)
creds_client_init: server chal : 899D2A78EC079053
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(70)
creds_init_128
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(71)
clnt_chal_in: 7E75D6A3BE83C222
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(72)
srv_chal_in : 899D2A78EC079053
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(314)
creds_client_init: clnt : 50E10FF8E110589F
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(315)
creds_client_init: server : 07BC7AC30EEFBC11
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(316)
creds_client_init: seed : 50E10FF8E110589F
netr_ServerAuthenticate2: struct netr_ServerAuthenticate2
in: struct netr_ServerAuthenticate2
server_name : *
server_name : '\\130.37.79.2'
account_name : 'MEGAPTERAFALW$'
secure_channel_type : SEC_CHAN_WKSTA (2)
computer_name : 'MEGAPTERAFALW'
credentials : *
credentials: struct netr_Credential
data : 50e10ff8e110589f
negotiate_flags : *
negotiate_flags : 0x600fffff (1611661311)
1: NETLOGON_NEG_ACCOUNT_LOCKOUT
1: NETLOGON_NEG_PERSISTENT_SAMREPL
1: NETLOGON_NEG_ARCFOUR
1: NETLOGON_NEG_PROMOTION_COUNT
1: NETLOGON_NEG_CHANGELOG_BDC
1: NETLOGON_NEG_FULL_SYNC_REPL
1: NETLOGON_NEG_MULTIPLE_SIDS
1: NETLOGON_NEG_REDO
1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
1: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
1: NETLOGON_NEG_GENERIC_PASSTHROUGH
1: NETLOGON_NEG_CONCURRENT_RPC
1: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
1: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
1: NETLOGON_NEG_128BIT
1: NETLOGON_NEG_TRANSITIVE_TRUSTS
1: NETLOGON_NEG_DNS_DOMAIN_TRUSTS
1: NETLOGON_NEG_PASSWORD_SET2
1: NETLOGON_NEG_GETDOMAININFO
1: NETLOGON_NEG_CROSS_FOREST_TRUSTS
0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
0: NETLOGON_NEG_RODC_PASSTHROUGH
1: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
1: NETLOGON_NEG_SCHANNEL
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 00a4
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000007
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000008c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 000f
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=246
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=13
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 164 (0xA4)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 164 (0xA4)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30421 (0x76D5)
smb_bcc=179
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 A4 00 00 00 07 00 00 00 8C ........ ........
[020] 00 00 00 00 00 0F 00 00 00 02 00 0E 00 00 00 00 ........ ........
[030] 00 00 00 0E 00 00 00 5C 00 5C 00 31 00 33 00 30 .......\ .\.1.3.0
[040] 00 2E 00 33 00 37 00 2E 00 37 00 39 00 2E 00 32 ...3.7.. .7.9...2
[050] 00 00 00 0F 00 00 00 00 00 00 00 0F 00 00 00 4D ........ .......M
[060] 00 45 00 47 00 41 00 50 00 54 00 45 00 52 00 41 .E.G.A.P .T.E.R.A
[070] 00 46 00 41 00 4C 00 57 00 24 00 00 00 02 00 0E .F.A.L.W .$......
[080] 00 00 00 00 00 00 00 0E 00 00 00 4D 00 45 00 47 ........ ...M.E.G
[090] 00 41 00 50 00 54 00 45 00 52 00 41 00 46 00 41 .A.P.T.E .R.A.F.A
[0A0] 00 4C 00 57 00 00 00 50 E1 0F F8 E1 10 58 9F FF .L.W...P .....X..
[0B0] FF 0F 60 ..`
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,250)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,250) wrote 250
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 96
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=13
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 40 (0x28)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 40 (0x28)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=41
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 07 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 22 00 00 C0 .....".. .
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=13
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 40 (0x28)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 40 (0x28)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=41
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 07 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 22 00 00 C0 .....".. .
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0028
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000007
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000010
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 40 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
returned 32 bytes.
netr_ServerAuthenticate2: struct netr_ServerAuthenticate2
out: struct netr_ServerAuthenticate2
return_credentials : *
return_credentials: struct netr_Credential
data : 0000000000000000
negotiate_flags : *
negotiate_flags : 0x00000000 (0)
0: NETLOGON_NEG_ACCOUNT_LOCKOUT
0: NETLOGON_NEG_PERSISTENT_SAMREPL
0: NETLOGON_NEG_ARCFOUR
0: NETLOGON_NEG_PROMOTION_COUNT
0: NETLOGON_NEG_CHANGELOG_BDC
0: NETLOGON_NEG_FULL_SYNC_REPL
0: NETLOGON_NEG_MULTIPLE_SIDS
0: NETLOGON_NEG_REDO
0: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
0: NETLOGON_NEG_GENERIC_PASSTHROUGH
0: NETLOGON_NEG_CONCURRENT_RPC
0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
0: NETLOGON_NEG_128BIT
0: NETLOGON_NEG_TRANSITIVE_TRUSTS
0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS
0: NETLOGON_NEG_PASSWORD_SET2
0: NETLOGON_NEG_GETDOMAININFO
0: NETLOGON_NEG_CROSS_FOREST_TRUSTS
0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
0: NETLOGON_NEG_RODC_PASSTHROUGH
0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
0: NETLOGON_NEG_SCHANNEL
result : NT_STATUS_ACCESS_DENIED
netr_ServerReqChallenge: struct netr_ServerReqChallenge
in: struct netr_ServerReqChallenge
server_name : *
server_name : '\\130.37.79.2'
computer_name : 'MEGAPTERAFALW'
credentials : *
credentials: struct netr_Credential
data : 8d3a77494c3e3a0d
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0074
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000008
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000005c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 0004
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=198
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=14
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 116 (0x74)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 116 (0x74)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30421 (0x76D5)
smb_bcc=131
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 74 00 00 00 08 00 00 00 5C .......t .......\
[020] 00 00 00 00 00 04 00 00 00 02 00 0E 00 00 00 00 ........ ........
[030] 00 00 00 0E 00 00 00 5C 00 5C 00 31 00 33 00 30 .......\ .\.1.3.0
[040] 00 2E 00 33 00 37 00 2E 00 37 00 39 00 2E 00 32 ...3.7.. .7.9...2
[050] 00 00 00 0E 00 00 00 00 00 00 00 0E 00 00 00 4D ........ .......M
[060] 00 45 00 47 00 41 00 50 00 54 00 45 00 52 00 41 .E.G.A.P .T.E.R.A
[070] 00 46 00 41 00 4C 00 57 00 00 00 8D 3A 77 49 4C .F.A.L.W ....:wIL
[080] 3E 3A 0D >:.
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,202)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,202) wrote 202
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 92
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=14
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 36 (0x24)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 36 (0x24)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=37
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 08 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 0F 37 73 ED 28 89 7D ........ ..7s.(.}
[020] F8 00 00 00 00 .....
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=92
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=14
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 36 (0x24)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 36 (0x24)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=37
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 24 00 00 00 08 00 00 ........ .$......
[010] 00 0C 00 00 00 00 00 00 00 0F 37 73 ED 28 89 7D ........ ..7s.(.}
[020] F8 00 00 00 00 .....
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0024
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000008
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000000c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 36 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
returned 24 bytes.
netr_ServerReqChallenge: struct netr_ServerReqChallenge
out: struct netr_ServerReqChallenge
return_credentials : *
return_credentials: struct netr_Credential
data : 0f3773ed28897df8
result : NT_STATUS_OK
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(294)
creds_client_init: neg_flags : 0
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(295)
creds_client_init: client chal : 8D3A77494C3E3A0D
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(296)
creds_client_init: server chal : 0F3773ED28897DF8
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(120)
creds_init_64
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(121)
clnt_chal_in: 8D3A77494C3E3A0D
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(122)
srv_chal_in : 0F3773ED28897DF8
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(123)
clnt+srv : 9C71EA3674C7B705
[2008/11/02 21:08:07, 5] libsmb/credentials.c:(124)
sess_key_out : A8CD5DB8935BB8F4
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(314)
creds_client_init: clnt : A3C7F33910594013
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(315)
creds_client_init: server : 44D7F5B4279FD0F2
[2008/11/02 21:08:07, 10] libsmb/credentials.c:(316)
creds_client_init: seed : A3C7F33910594013
netr_ServerAuthenticate2: struct netr_ServerAuthenticate2
in: struct netr_ServerAuthenticate2
server_name : *
server_name : '\\130.37.79.2'
account_name : 'MEGAPTERAFALW$'
secure_channel_type : SEC_CHAN_WKSTA (2)
computer_name : 'MEGAPTERAFALW'
credentials : *
credentials: struct netr_Credential
data : a3c7f33910594013
negotiate_flags : *
negotiate_flags : 0x00000000 (0)
0: NETLOGON_NEG_ACCOUNT_LOCKOUT
0: NETLOGON_NEG_PERSISTENT_SAMREPL
0: NETLOGON_NEG_ARCFOUR
0: NETLOGON_NEG_PROMOTION_COUNT
0: NETLOGON_NEG_CHANGELOG_BDC
0: NETLOGON_NEG_FULL_SYNC_REPL
0: NETLOGON_NEG_MULTIPLE_SIDS
0: NETLOGON_NEG_REDO
0: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
0: NETLOGON_NEG_GENERIC_PASSTHROUGH
0: NETLOGON_NEG_CONCURRENT_RPC
0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
0: NETLOGON_NEG_128BIT
0: NETLOGON_NEG_TRANSITIVE_TRUSTS
0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS
0: NETLOGON_NEG_PASSWORD_SET2
0: NETLOGON_NEG_GETDOMAININFO
0: NETLOGON_NEG_CROSS_FOREST_TRUSTS
0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
0: NETLOGON_NEG_RODC_PASSTHROUGH
0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
0: NETLOGON_NEG_SCHANNEL
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 00a4
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000009
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_req hdr_req
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 0000008c
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0016 opnum : 000f
[2008/11/02 21:08:07, 5] rpc_client/cli_pipe.c:(769)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=246
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=15
smt_wct=16
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 164 (0xA4)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 4280 (0x10B8)
smb_vwv[ 4]= 0 (0x0)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 0 (0x0)
smb_vwv[ 7]= 0 (0x0)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_vwv[10]= 82 (0x52)
smb_vwv[11]= 164 (0xA4)
smb_vwv[12]= 82 (0x52)
smb_vwv[13]= 2 (0x2)
smb_vwv[14]= 38 (0x26)
smb_vwv[15]=30421 (0x76D5)
smb_bcc=179
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\....
[010] 00 00 03 10 00 00 00 A4 00 00 00 09 00 00 00 8C ........ ........
[020] 00 00 00 00 00 0F 00 00 00 02 00 0E 00 00 00 00 ........ ........
[030] 00 00 00 0E 00 00 00 5C 00 5C 00 31 00 33 00 30 .......\ .\.1.3.0
[040] 00 2E 00 33 00 37 00 2E 00 37 00 39 00 2E 00 32 ...3.7.. .7.9...2
[050] 00 00 00 0F 00 00 00 00 00 00 00 0F 00 00 00 4D ........ .......M
[060] 00 45 00 47 00 41 00 50 00 54 00 45 00 52 00 41 .E.G.A.P .T.E.R.A
[070] 00 46 00 41 00 4C 00 57 00 24 00 00 00 02 00 0E .F.A.L.W .$......
[080] 00 00 00 00 00 00 00 0E 00 00 00 4D 00 45 00 47 ........ ...M.E.G
[090] 00 41 00 50 00 54 00 45 00 52 00 41 00 46 00 41 .A.P.T.E .R.A.F.A
[0A0] 00 4C 00 57 00 00 00 A3 C7 F3 39 10 59 40 13 00 .L.W.... ..9.Y at ..
[0B0] 00 00 00 ...
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,250)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,250) wrote 250
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 96
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=15
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 40 (0x28)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 40 (0x28)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=41
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 09 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 22 00 00 C0 .....".. .
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=96
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=15
smt_wct=10
smb_vwv[ 0]= 0 (0x0)
smb_vwv[ 1]= 40 (0x28)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 0 (0x0)
smb_vwv[ 4]= 56 (0x38)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 40 (0x28)
smb_vwv[ 7]= 56 (0x38)
smb_vwv[ 8]= 0 (0x0)
smb_vwv[ 9]= 0 (0x0)
smb_bcc=41
[2008/11/02 21:08:07, 10] lib/util.c:(2223)
[000] 00 05 00 02 03 10 00 00 00 28 00 00 00 09 00 00 ........ .(......
[010] 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 22 00 00 C0 .....".. .
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000000 smb_io_rpc_hdr rpc_hdr
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0000 major : 05
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0001 minor : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0002 pkt_type : 02
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0003 flags : 03
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0004 pack_type0: 10
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0005 pack_type1: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0006 pack_type2: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0007 pack_type3: 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0008 frag_len : 0028
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
000a auth_len : 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
000c call_id : 00000009
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(88)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(718)
0010 alloc_hint: 00000010
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(689)
0014 context_id: 0000
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0016 cancel_ct : 00
[2008/11/02 21:08:07, 5] rpc_parse/parse_prs.c:(624)
0017 reserved : 00
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(576)
cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(842)
rpc_api_pipe: got PDU len of 40 at offset 0
[2008/11/02 21:08:07, 10] rpc_client/cli_pipe.c:(893)
rpc_api_pipe: Remote machine 130.37.79.2 pipe \NETLOGON fnum 0x76d5
returned 32 bytes.
netr_ServerAuthenticate2: struct netr_ServerAuthenticate2
out: struct netr_ServerAuthenticate2
return_credentials : *
return_credentials: struct netr_Credential
data : 0000000000000000
negotiate_flags : *
negotiate_flags : 0x00000000 (0)
0: NETLOGON_NEG_ACCOUNT_LOCKOUT
0: NETLOGON_NEG_PERSISTENT_SAMREPL
0: NETLOGON_NEG_ARCFOUR
0: NETLOGON_NEG_PROMOTION_COUNT
0: NETLOGON_NEG_CHANGELOG_BDC
0: NETLOGON_NEG_FULL_SYNC_REPL
0: NETLOGON_NEG_MULTIPLE_SIDS
0: NETLOGON_NEG_REDO
0: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL
0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC
0: NETLOGON_NEG_GENERIC_PASSTHROUGH
0: NETLOGON_NEG_CONCURRENT_RPC
0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL
0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL
0: NETLOGON_NEG_128BIT
0: NETLOGON_NEG_TRANSITIVE_TRUSTS
0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS
0: NETLOGON_NEG_PASSWORD_SET2
0: NETLOGON_NEG_GETDOMAININFO
0: NETLOGON_NEG_CROSS_FOREST_TRUSTS
0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION
0: NETLOGON_NEG_RODC_PASSTHROUGH
0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS
0: NETLOGON_NEG_SCHANNEL
result : NT_STATUS_ACCESS_DENIED
[2008/11/02 21:08:07, 3] libsmb/trusts_util.c:(52)
just_change_the_password: unable to setup creds (NT_STATUS_ACCESS_DENIED)!
[2008/11/02 21:08:07, 10] lib/dbwrap_tdb.c:(100)
Locking key 534543524554532F5349
[2008/11/02 21:08:07, 10] lib/dbwrap_tdb.c:(129)
Allocated locked data 0x10066aaf0
[2008/11/02 21:08:07, 10] lib/dbwrap_tdb.c:(42)
Unlocking key 534543524554532F5349
[2008/11/02 21:08:07, 1] utils/net_rpc.c:(181)
rpc command function failed! (NT_STATUS_ACCESS_DENIED)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,45)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,45) wrote 45
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 35
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=16
smt_wct=0
smb_bcc=0
[2008/11/02 21:08:07, 10] libsmb/clientgen.c:(567)
cli_rpc_pipe_close: closed pipe \NETLOGON to machine 130.37.79.2
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(236)
write_socket(3,39)
[2008/11/02 21:08:07, 6] libsmb/clientgen.c:(239)
write_socket(3,39) wrote 39
[2008/11/02 21:08:07, 10] lib/util_sock.c:(1118)
got smb length of 35
[2008/11/02 21:08:07, 5] lib/util.c:(642)
[2008/11/02 21:08:07, 5] lib/util.c:(652)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=1
smb_pid=892
smb_uid=100
smb_mid=17
smt_wct=0
smb_bcc=0
Enter helpdesk's password:
[2008/11/02 21:08:13, 3] libsmb/cliconnect.c:(1632)
Connecting to host=130.37.79.2
[2008/11/02 21:08:13, 3] lib/util_sock.c:(1331)
Connecting to 130.37.79.2 at port 445
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option SO_KEEPALIVE = 0
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option SO_REUSEADDR = 0
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option SO_BROADCAST = 0
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option TCP_NODELAY = 1
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option IPTOS_LOWDELAY = 0
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option IPTOS_THROUGHPUT = 0
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option SO_SNDBUF = 49152
[2008/11/02 21:08:13, 5] lib/util_sock.c:(781)
socket option SO_RCVBUF = 49640
[2008/11/02 21:08:13, 5] lib/util_sock.c:(778)
Could not test socket option SO_SNDLOWAT.
[2008/11/02 21:08:13, 5] lib/util_sock.c:(778)
Could not test socket option SO_RCVLOWAT.
[2008/11/02 21:08:13, 5] lib/util_sock.c:(778)
Could not test socket option SO_SNDTIMEO.
[2008/11/02 21:08:13, 5] lib/util_sock.c:(778)
Could not test socket option SO_RCVTIMEO.
[2008/11/02 21:08:13, 6] libsmb/clientgen.c:(236)
write_socket(3,194)
[2008/11/02 21:08:13, 6] libsmb/clientgen.c:(239)
write_socket(3,194) wrote 194
[2008/11/02 21:08:13, 10] lib/util_sock.c:(1118)
got smb length of 127
[2008/11/02 21:08:13, 5] lib/util.c:(642)
[2008/11/02 21:08:13, 5] lib/util.c:(652)
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 65 (0x41)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=32256 (0x7E00)
smb_vwv[ 8]= 110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=33011 (0x80F3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=16737 (0x4161)
smb_vwv[13]= 9917 (0x26BD)
smb_vwv[14]=51517 (0xC93D)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]= 255 (0xFF)
smb_bcc=58
[2008/11/02 21:08:13, 10] lib/util.c:(2223)
[000] 70 64 63 31 00 00 00 00 00 00 00 00 00 00 00 00 pdc1.... ........
[010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0...
[020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7.....
[030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE
[2008/11/02 21:08:13, 5] lib/util.c:(642)
[2008/11/02 21:08:13, 5] lib/util.c:(652)
size=127
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[ 0]= 8 (0x8)
smb_vwv[ 1]=12803 (0x3203)
smb_vwv[ 2]= 256 (0x100)
smb_vwv[ 3]= 1024 (0x400)
smb_vwv[ 4]= 65 (0x41)
smb_vwv[ 5]= 0 (0x0)
smb_vwv[ 6]= 256 (0x100)
smb_vwv[ 7]=32256 (0x7E00)
smb_vwv[ 8]= 110 (0x6E)
smb_vwv[ 9]=64768 (0xFD00)
smb_vwv[10]=33011 (0x80F3)
smb_vwv[11]=32896 (0x8080)
smb_vwv[12]=16737 (0x4161)
smb_vwv[13]= 9917 (0x26BD)
smb_vwv[14]=51517 (0xC93D)
smb_vwv[15]=50177 (0xC401)
smb_vwv[16]= 255 (0xFF)
smb_bcc=58
[2008/11/02 21:08:13, 10] lib/util.c:(2223)
[000] 70 64 63 31 00 00 00 00 00 00 00 00 00 00 00 00 pdc1.... ........
[010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0...
[020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7.....
[030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE
[2008/11/02 21:08:13, 3] libsmb/cliconnect.c:(804)
Doing spnego session setup (blob length=58)
[2008/11/02 21:08:13, 3] libsmb/cliconnect.c:(831)
got OID=1 3 6 1 4 1 311 2 2 10
[2008/11/02 21:08:13, 3] libsmb/cliconnect.c:(839)
got principal=NONE
[2008/11/02 21:08:13, 6] libsmb/clientgen.c:(236)
write_socket(3,168)
[2008/11/02 21:08:13, 6] libsmb/clientgen.c:(239)
write_socket(3,168) wrote 168
[2008/11/02 21:08:13, 10] lib/util_sock.c:(1118)
got smb length of 254
[2008/11/02 21:08:13, 5] lib/util.c:(642)
[2008/11/02 21:08:13, 5] lib/util.c:(652)
size=254
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=100
smb_mid=2
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 167 (0xA7)
smb_bcc=211
[2008/11/02 21:08:13, 10] lib/util.c:(2223)
[000] A1 81 A4 30 81 A1 A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+
[010] 06 01 04 01 82 37 02 02 0A A2 81 8B 04 81 88 4E .....7.. .......N
[020] 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 30 TLMSSP.. .......0
[030] 00 00 00 15 82 89 60 1C 5E 71 91 3E E9 92 E3 00 ......`. ^q.>....
[040] 00 00 00 00 00 00 00 52 00 52 00 36 00 00 00 41 .......R .R.6...A
[050] 00 4C 00 57 00 02 00 06 00 41 00 4C 00 57 00 01 .L.W.... .A.L.W..
[060] 00 08 00 50 00 44 00 43 00 31 00 04 00 14 00 66 ...P.D.C .1.....f
[070] 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 6E .a.l.w.. .v.u...n
[080] 00 6C 00 03 00 1C 00 6E 00 73 00 31 00 2E 00 66 .l.....n .s.1...f
[090] 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 6E .a.l.w.. .v.u...n
[0A0] 00 6C 00 00 00 00 00 55 00 6E 00 69 00 78 00 00 .l.....U .n.i.x..
[0B0] 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 00 2E .S.a.m.b .a. .3..
[0C0] 00 30 00 2E 00 33 00 30 00 00 00 41 00 4C 00 57 .0...3.0 ...A.L.W
[0D0] 00 00 00 ...
[2008/11/02 21:08:13, 5] lib/util.c:(642)
[2008/11/02 21:08:13, 5] lib/util.c:(652)
size=254
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51201
smb_tid=0
smb_pid=892
smb_uid=100
smb_mid=2
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 0 (0x0)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 167 (0xA7)
smb_bcc=211
[2008/11/02 21:08:13, 10] lib/util.c:(2223)
[000] A1 81 A4 30 81 A1 A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+
[010] 06 01 04 01 82 37 02 02 0A A2 81 8B 04 81 88 4E .....7.. .......N
[020] 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 30 TLMSSP.. .......0
[030] 00 00 00 15 82 89 60 1C 5E 71 91 3E E9 92 E3 00 ......`. ^q.>....
[040] 00 00 00 00 00 00 00 52 00 52 00 36 00 00 00 41 .......R .R.6...A
[050] 00 4C 00 57 00 02 00 06 00 41 00 4C 00 57 00 01 .L.W.... .A.L.W..
[060] 00 08 00 50 00 44 00 43 00 31 00 04 00 14 00 66 ...P.D.C .1.....f
[070] 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 6E .a.l.w.. .v.u...n
[080] 00 6C 00 03 00 1C 00 6E 00 73 00 31 00 2E 00 66 .l.....n .s.1...f
[090] 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 6E .a.l.w.. .v.u...n
[0A0] 00 6C 00 00 00 00 00 55 00 6E 00 69 00 78 00 00 .l.....U .n.i.x..
[0B0] 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 00 2E .S.a.m.b .a. .3..
[0C0] 00 30 00 2E 00 33 00 30 00 00 00 41 00 4C 00 57 .0...3.0 ...A.L.W
[0D0] 00 00 00 ...
[2008/11/02 21:08:13, 1] libsmb/ntlmssp.c:(326)
Failed to parse NTLMSSP packet, could not extract NTLMSSP command
[2008/11/02 21:08:13, 2] lib/util.c:(2223)
[000] 4E 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 NTLMSSP. ........
[010] 30 00 00 00 15 82 89 60 1C 5E 71 91 3E E9 92 E3 0......` .^q.>...
[020] 00 00 00 00 00 00 00 00 52 00 52 00 36 00 00 00 ........ R.R.6...
[030] 41 00 4C 00 57 00 02 00 06 00 41 00 4C 00 57 00 A.L.W... ..A.L.W.
[040] 01 00 08 00 50 00 44 00 43 00 31 00 04 00 14 00 ....P.D. C.1.....
[050] 66 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 f.a.l.w. ..v.u...
[060] 6E 00 6C 00 03 00 1C 00 6E 00 73 00 31 00 2E 00 n.l..... n.s.1...
[070] 66 00 61 00 6C 00 77 00 2E 00 76 00 75 00 2E 00 f.a.l.w. ..v.u...
[080] 6E 00 6C 00 00 00 00 00 n.l.....
[2008/11/02 21:08:13, 3] libsmb/cliconnect.c:(1036)
SPNEGO login failed: Invalid parameter
[2008/11/02 21:08:13, 1] libsmb/cliconnect.c:(1737)
failed session setup with NT_STATUS_INVALID_PARAMETER
Could not connect to server 130.37.79.2
Connection failed: NT_STATUS_INVALID_PARAMETER
[2008/11/02 21:08:13, 2] utils/net.c:(1172)
return code = 1
More information about the samba
mailing list