The Tcpdump Group git mirrors - tcpdump/blob - tests/cve-2018-10105_smbutil_withoutasan.out

   1 IP (tos 0x0, ttl 128, id 376, offset 0, flags [DF], proto TCP (6), length 128)
   2     192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0x3e2f (incorrect -> 0x3d49), seq 4267808374:4267808462, ack 628292694, win 63102, length 88
   3 SMB PACKET: SMBtrans2 (REPLY)
   4 SMB Command   =  0x32
   5 Error class   =  0x0
   6 Error code    =  0 (0x0)
   7 Flags1        =  0xFF
   8 Flags2        =  0x7
   9 Tree ID       =  2048 (0x800)
  10 Proc ID       =  2848 (0xb20)
  11 UID           =  4098 (0x1002)
  12 MID           =  1616 (0x650)
  13 Word Count    =  10 (0xa)
  14 TRANSACT2_OPEN param_length=2 data_length=24
  15 TotParam=2 (0x2)
  16 TotData=24 (0x18)
  17 Res1=0x0
  18 ParamCnt=2 (0x2)
  19 ParamOff=56 (0x38)
  20 ParamDisp0 (0x0)
  21 DataCnt=24 (0x18)
  22 DataOff=60 (0x3c)
  23 DataDisp=0 (0x0)
  24 SetupCnt=0 (0x0)
  25 smb_bcc=29
  26 Handle=0 (0x0)
  27 Attrib=Data=
  28 Data: (24 bytes)
  29 [000] 00 00 0B 00 00 00 00 00  00 00 00 00 00 00 00 00  \0x00\0x00\0x0b\0x00\0x00\0x00\0x00\0x00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00
  30 [010] 01 00 00 00 00 00 00 00                           \0x01\0x00\0x00\0x00\0x00\0x00\0x00\0x00
  31
  32 IP 192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], seq 1:75, ack 88, win 254, length 74 SMB PACKET: SMBtrans2 (REQUEST)
  33
  34 IP (tos 0x0, ttl 128, id 632, offset 0, flags [DF], proto TCP (6), length 114)
  35     192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2437 (correct), seq 1:75, ack 88, win 254, length 74
  36 SMB PACKET: SMBtrans2 (REQUEST)
  37 SMB Command   =  0x32
  38 Error class   =  0x0
  39 Error code    =  0 (0x0)
  40 Flags1        =  0x18
  41 Flags2        =  0x7
  42 Tree ID       =  2048 (0x800)
  43 Proc ID       =  2848 (0xb20)
  44 UID           =  4098 (0x1002)
  45 MID           =  1632 (0x660)
  46 Word Count    =  15 (0xf)
  47 TRANSACT2_QFSINFO param_length=2 data_length=0
  48 TotParam=2 (0x2)
  49 TotData=0 (0x0)
  50 MaxParam=0 (0x0)
  51 MaxData=560 (0x230)
  52 MaxSetup=0 (0x0)
  53 Flags=0x0
  54 TimeOut=0 (0x0)
  55 Res1=0x0
  56 ParamCnt=2 (0x2)
  57 ParamOff=68 (0x44)
  58 DataCnt=0 (0x0)
  59 DataOff=0 (0x0)
  60 SetupCnt=1 (0x1)
  61 smb_bcc=5
  62 InfoLevel=261 (0x105)
  63
  64
  65 IP (tos 0x0, ttl 128, id 377, offset 0, flags [DF], proto TCP (6), length 120)
  66     192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0xf1fb (incorrect -> 0x1559), seq 88:168, ack 75, win 63028, length 80
  67 SMB PACKET: SMBtrans2 (REPLY)
  68 SMB Command   =  0x32
  69 Error class   =  0x0
  70 Error code    =  0 (0x0)
  71 Flags1        =  0x98
  72 Flags2        =  0x7
  73 Tree ID       =  0 (0x0)
  74 Proc ID       =  0 (0x0)
  75 UID           =  0 (0x0)
  76 MID           =  0 (0x0)
  77 Word Count    =  11 (0xb)
  78 TRANSACT2_QFSINFO param_length=0 data_length=20
  79 TotParam=0 (0x0)
  80 TotData=0 (0x0)
  81 Res1=0x0
  82 ParamCnt=0 (0x0)
  83 ParamOff=56 (0x38)
  84 ParamDisp0 (0x0)
  85 DataCnt=20 (0x14)
  86 DataOff=56 (0x38)
  87 DataDisp=0 (0x0)
  88 SetupCnt=0 (0x0)
  89 smb_bcc=65280
  90 Capabilities=0x700FF
  91 MaxFileLen=255 (0xff)
  92 VolNameLen=4278190088
  93 Volume=...
  94 data:
  95 [000] FF 00 07 00 FF 00 00 00  08 00 00 FF FF FF FF 00  \0xff\0x00\0x07\0x00\0xff\0x00\0x00\0x00 \0x08\0x00\0x00\0xff\0xff\0xff\0xff\0x00
  96 [010] 46 00 53 00                                       F\0x00S\0x00
  97
  98
  99 IP (tos 0x0, ttl 128, id 633, offset 0, flags [DF], proto TCP (6), length 116)
 100     192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2253 (incorrect -> 0x229b), seq 75:151, ack 168, win 253, length 76 SMB-over-TCP packet:(raw data or continuation?)
 101