WARNING: The "printer admin" option is deprecated INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 doing parameter workgroup = LAB2000DOMAIN doing parameter netbios name = BD-S1 handle_netbios_name: set global_myname to: BD-S1 doing parameter wins server = 10.86.32.25 doing parameter password server = 10.86.32.25 doing parameter security = domain pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_DOMAIN_MEMBER Attempting to register new charset UCS-2LE Registered charset UCS-2LE Attempting to register new charset UTF-16LE Registered charset UTF-16LE Attempting to register new charset UCS-2BE Registered charset UCS-2BE Attempting to register new charset UTF-16BE Registered charset UTF-16BE Attempting to register new charset UTF8 Registered charset UTF8 Attempting to register new charset UTF-8 Registered charset UTF-8 Attempting to register new charset ASCII Registered charset ASCII Attempting to register new charset 646 Registered charset 646 Attempting to register new charset ISO-8859-1 Registered charset ISO-8859-1 Attempting to register new charset UCS2-HEX Registered charset UCS2-HEX Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Substituting charset 'ANSI_X3.4-1968' for LOCALE Connecting to host=bd-s1 internal_resolve_name: looking up bd-s1#20 Opening cache file at /var/lib/samba/gencache.tdb Returning valid cache entry: key = NBT/BD-S1#20, value = 10.86.41.165:0, timeout = Tue Jan 31 11:37:39 2006 name bd-s1#20 found. Connecting to 10.86.41.165 at port 50139 socket option SO_KEEPALIVE = 0 socket option SO_REUSEADDR = 0 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 1 socket option TCP_KEEPCNT = 4 socket option TCP_KEEPIDLE = 90 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 16384 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 write_socket(7,72) write_socket(7,72) wrote 72 Sent session request got smb length of 0 size=0 smb_com=0x0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=0 smb_tid=0 smb_pid=0 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=0 write_socket(7,183) write_socket(7,183) wrote 183 got smb length of 127 size=127 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=0 smb_mid=2 smt_wct=17 smb_vwv[ 0]= 7 (0x7) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=40448 (0x9E00) smb_vwv[ 8]= 17 (0x11) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]=32995 (0x80E3) smb_vwv[11]= 128 (0x80) smb_vwv[12]=47363 (0xB903) smb_vwv[13]=33735 (0x83C7) smb_vwv[14]=50726 (0xC626) smb_vwv[15]=11265 (0x2C01) smb_vwv[16]=14849 (0x3A01) smb_bcc=58 [000] 62 64 2D 73 31 00 00 00 00 00 00 00 00 00 00 00 bd-s1... ........ [010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0... [020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7..... [030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE size=127 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=0 smb_mid=2 smt_wct=17 smb_vwv[ 0]= 7 (0x7) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=40448 (0x9E00) smb_vwv[ 8]= 17 (0x11) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]=32995 (0x80E3) smb_vwv[11]= 128 (0x80) smb_vwv[12]=47363 (0xB903) smb_vwv[13]=33735 (0x83C7) smb_vwv[14]=50726 (0xC626) smb_vwv[15]=11265 (0x2C01) smb_vwv[16]=14849 (0x3A01) smb_bcc=58 [000] 62 64 2D 73 31 00 00 00 00 00 00 00 00 00 00 00 bd-s1... ........ [010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0... [020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7..... [030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE Serverzone is 18000 Doing spnego session setup (blob length=58) got OID=1 3 6 1 4 1 311 2 2 10 got principal=NONE write_socket(7,170) write_socket(7,170) wrote 170 got smb length of 348 size=348 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=100 smb_mid=3 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 241 (0xF1) smb_bcc=305 [000] A1 81 EE 30 81 EB A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [010] 06 01 04 01 82 37 02 02 0A A2 81 D5 04 81 D2 4E .....7.. .......N [020] 54 4C 4D 53 53 50 00 02 00 00 00 1A 00 1A 00 30 TLMSSP.. .......0 [030] 00 00 00 15 02 89 60 57 97 13 62 DC 63 63 8E 00 ......`W ..b.cc.. [040] 00 00 00 00 00 00 00 88 00 88 00 4A 00 00 00 4C ........ ...J...L [050] 00 41 00 42 00 32 00 30 00 30 00 30 00 44 00 4F .A.B.2.0 .0.0.D.O [060] 00 4D 00 41 00 49 00 4E 00 02 00 1A 00 4C 00 41 .M.A.I.N .....L.A [070] 00 42 00 32 00 30 00 30 00 30 00 44 00 4F 00 4D .B.2.0.0 .0.D.O.M [080] 00 41 00 49 00 4E 00 01 00 0A 00 42 00 44 00 2D .A.I.N.. ...B.D.- [090] 00 53 00 31 00 04 00 22 00 6C 00 61 00 62 00 32 .S.1..." .l.a.b.2 [0A0] 00 30 00 30 00 30 00 64 00 6F 00 6D 00 61 00 69 .0.0.0.d .o.m.a.i [0B0] 00 6E 00 2E 00 63 00 6F 00 6D 00 03 00 2E 00 62 .n...c.o .m.....b [0C0] 00 64 00 2D 00 73 00 31 00 2E 00 6C 00 61 00 62 .d.-.s.1 ...l.a.b [0D0] 00 32 00 30 00 30 00 30 00 64 00 6F 00 6D 00 61 .2.0.0.0 .d.o.m.a [0E0] 00 69 00 6E 00 2E 00 63 00 6F 00 6D 00 00 00 00 .i.n...c .o.m.... [0F0] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [100] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 32 .b.a. .3 ...0...2 [110] 00 30 00 00 00 4C 00 41 00 42 00 32 00 30 00 30 .0...L.A .B.2.0.0 [120] 00 30 00 44 00 4F 00 4D 00 41 00 49 00 4E 00 00 .0.D.O.M .A.I.N.. [130] 00 . size=348 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=100 smb_mid=3 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 241 (0xF1) smb_bcc=305 [000] A1 81 EE 30 81 EB A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [010] 06 01 04 01 82 37 02 02 0A A2 81 D5 04 81 D2 4E .....7.. .......N [020] 54 4C 4D 53 53 50 00 02 00 00 00 1A 00 1A 00 30 TLMSSP.. .......0 [030] 00 00 00 15 02 89 60 57 97 13 62 DC 63 63 8E 00 ......`W ..b.cc.. [040] 00 00 00 00 00 00 00 88 00 88 00 4A 00 00 00 4C ........ ...J...L [050] 00 41 00 42 00 32 00 30 00 30 00 30 00 44 00 4F .A.B.2.0 .0.0.D.O [060] 00 4D 00 41 00 49 00 4E 00 02 00 1A 00 4C 00 41 .M.A.I.N .....L.A [070] 00 42 00 32 00 30 00 30 00 30 00 44 00 4F 00 4D .B.2.0.0 .0.D.O.M [080] 00 41 00 49 00 4E 00 01 00 0A 00 42 00 44 00 2D .A.I.N.. ...B.D.- [090] 00 53 00 31 00 04 00 22 00 6C 00 61 00 62 00 32 .S.1..." .l.a.b.2 [0A0] 00 30 00 30 00 30 00 64 00 6F 00 6D 00 61 00 69 .0.0.0.d .o.m.a.i [0B0] 00 6E 00 2E 00 63 00 6F 00 6D 00 03 00 2E 00 62 .n...c.o .m.....b [0C0] 00 64 00 2D 00 73 00 31 00 2E 00 6C 00 61 00 62 .d.-.s.1 ...l.a.b [0D0] 00 32 00 30 00 30 00 30 00 64 00 6F 00 6D 00 61 .2.0.0.0 .d.o.m.a [0E0] 00 69 00 6E 00 2E 00 63 00 6F 00 6D 00 00 00 00 .i.n...c .o.m.... [0F0] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [100] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 32 .b.a. .3 ...0...2 [110] 00 30 00 00 00 4C 00 41 00 42 00 32 00 30 00 30 .0...L.A .B.2.0.0 [120] 00 30 00 44 00 4F 00 4D 00 41 00 49 00 4E 00 00 .0.D.O.M .A.I.N.. [130] 00 . Got challenge flags: Got NTLMSSP neg_flags=0x60890215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP challenge set by NTLM2 challenge is: [000] FD 4E FE 9E C2 66 89 09 .N...f.. NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x60080215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH write_socket(7,276) write_socket(7,276) wrote 276 got smb length of 116 size=116 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=101 smb_mid=4 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 9 (0x9) smb_bcc=73 [000] A1 07 30 05 A0 03 0A 01 00 55 00 6E 00 69 00 78 ..0..... .U.n.i.x [010] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 [020] 00 2E 00 30 00 2E 00 32 00 30 00 00 00 4C 00 41 ...0...2 .0...L.A [030] 00 42 00 32 00 30 00 30 00 30 00 44 00 4F 00 4D .B.2.0.0 .0.D.O.M [040] 00 41 00 49 00 4E 00 00 00 .A.I.N.. . size=116 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4509 smb_uid=101 smb_mid=4 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 9 (0x9) smb_bcc=73 [000] A1 07 30 05 A0 03 0A 01 00 55 00 6E 00 69 00 78 ..0..... .U.n.i.x [010] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 [020] 00 2E 00 30 00 2E 00 32 00 30 00 00 00 4C 00 41 ...0...2 .0...L.A [030] 00 42 00 32 00 30 00 30 00 30 00 44 00 4F 00 4D .B.2.0.0 .0.D.O.M [040] 00 41 00 49 00 4E 00 00 00 .A.I.N.. . write_socket(7,78) write_socket(7,78) wrote 78 got smb length of 48 size=48 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=5 smt_wct=3 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 1 (0x1) smb_bcc=7 [000] 49 50 43 00 00 00 00 IPC.... cli_init_creds: user test333 domain LAB2000DOMAIN write_socket(7,104) write_socket(7,104) wrote 104 got smb length of 103 size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=6 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16384 (0x4000) smb_vwv[ 3]= 369 (0x171) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 0 (0x0) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 Bind RPC Pipe[7140]: \PIPE\lsarpc Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg.. [010] 00 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 000010 smb_io_rpc_hdr_rb 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 00001f smb_io_rpc_iface 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ab 0030 version: 00000000 000034 smb_io_rpc_iface 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 rpc_api_pipe: fnum:7140 size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=7 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28992 (0x7140) smb_bcc=87 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 B8 .......H ........ [020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 78 ........ .......x [030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... write_socket(7,158) write_socket(7,158) wrote 158 got smb length of 124 size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=7 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D...... [010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE [020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=7 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D...... [010] 00 B8 10 B8 10 F0 53 00 00 0C 00 5C 50 49 50 45 ......S. ...\PIPE [020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... rpc_check_hdr: rdata->data_size = 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 rpc_api_pipe: len left: 0 smbtrans read: 68 rpc_api_pipe: fragment first and last both set rpc_pipe_bind: rpc_api_pipe returned OK. 000010 smb_io_rpc_hdr_ba 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 000018 smb_io_rpc_addr_str 0018 len: 000c 001a str: \PIPE\lsass. 000026 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 000030 smb_io_rpc_iface 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 bind_rpc_pipe: accepted! init_lsa_sec_qos init_open_pol: attr:0 da:33554432 init_lsa_obj_attr 000000 lsa_io_q_open_pol 0000 ptr : 00000001 0004 system_name: 005c 000008 lsa_io_obj_attr 0008 len : 00000018 000c ptr_root_dir: 00000000 0010 ptr_obj_name: 00000000 0014 attributes : 00000000 0018 ptr_sec_desc: 00000000 001c ptr_sec_qos : 00000001 000020 lsa_io_obj_qos sec_qos 0020 len : 0000000c 0024 sec_imp_level : 0002 0026 sec_ctxt_mode : 01 0027 effective_only: 00 lsa_io_sec_qos: length c does not match size 8 0028 des_access: 02000000 create_rpc_request: opnum: 0x6 data_len: 0x44 create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000002 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000034 0014 context_id: 0000 0016 opnum : 0006 rpc_api_pipe: fnum:7140 size=150 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=8 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 68 (0x44) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28992 (0x7140) smb_bcc=83 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 44 00 00 00 02 00 00 00 34 .......D .......4 [020] 00 00 00 00 00 06 00 01 00 00 00 5C 00 00 00 18 ........ ...\.... [030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [040] 00 00 00 01 00 00 00 0C 00 00 00 02 00 01 00 00 ........ ........ [050] 00 00 02 ... write_socket(7,154) write_socket(7,154) wrote 154 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=8 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ........ ........ [020] 00 00 00 00 00 DE 90 DF 43 9E 11 00 00 00 00 00 ........ C....... [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=8 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ........ ........ [020] 00 00 00 00 00 DE 90 DF 43 9E 11 00 00 00 00 00 ........ C....... [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000002 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_open_pol 000018 smb_io_pol_hnd 0018 data1: 00000000 001c data2: 00000001 0020 data3: 0000 0022 data4: 0000 0024 data5: de 90 df 43 9e 11 00 00 002c status: NT_STATUS_OK init_q_query 000000 lsa_io_q_query 000000 smb_io_pol_hnd 0000 data1: 00000000 0004 data2: 00000001 0008 data3: 0000 000a data4: 0000 000c data5: de 90 df 43 9e 11 00 00 0014 info_class: 0005 create_rpc_request: opnum: 0x7 data_len: 0x2e create_rpc_request: data_len: 2e auth_len: 0 alloc_hint: 1e 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000003 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001e 0014 context_id: 0000 0016 opnum : 0007 rpc_api_pipe: fnum:7140 size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=9 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 46 (0x2E) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 46 (0x2E) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28992 (0x7140) smb_bcc=61 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2E 00 00 00 03 00 00 00 1E ........ ........ [020] 00 00 00 00 00 07 00 00 00 00 00 01 00 00 00 00 ........ ........ [030] 00 00 00 DE 90 DF 43 9E 11 00 00 05 00 ......C. ..... write_socket(7,132) write_socket(7,132) wrote 132 got smb length of 156 size=156 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=9 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 100 (0x64) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 100 (0x64) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=101 [000] 00 05 00 02 03 10 00 00 00 64 00 00 00 03 00 00 ........ .d...... [010] 00 4C 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .L...... ...."... [020] 00 0A 00 0C 00 01 00 00 00 01 00 00 00 06 00 00 ........ ........ [030] 00 00 00 00 00 05 00 00 00 42 00 44 00 2D 00 53 ........ .B.D.-.S [040] 00 31 00 00 00 04 00 00 00 01 04 00 00 00 00 00 .1...... ........ [050] 05 15 00 00 00 B5 88 95 8F 79 63 7A 7F 42 99 66 ........ .ycz.B.f [060] 05 00 00 00 00 ..... size=156 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=9 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 100 (0x64) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 100 (0x64) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=101 [000] 00 05 00 02 03 10 00 00 00 64 00 00 00 03 00 00 ........ .d...... [010] 00 4C 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .L...... ...."... [020] 00 0A 00 0C 00 01 00 00 00 01 00 00 00 06 00 00 ........ ........ [030] 00 00 00 00 00 05 00 00 00 42 00 44 00 2D 00 53 ........ .B.D.-.S [040] 00 31 00 00 00 04 00 00 00 01 04 00 00 00 00 00 .1...... ........ [050] 05 15 00 00 00 B5 88 95 8F 79 63 7A 7F 42 99 66 ........ .ycz.B.f [060] 05 00 00 00 00 ..... rpc_check_hdr: rdata->data_size = 100 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0064 000a auth_len : 0000 000c call_id : 00000003 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000004c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 100 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_query 0018 undoc_buffer: 22000000 001c info_class: 0005 000020 lsa_io_dom_query 0020 uni_dom_max_len: 000a 0022 uni_dom_str_len: 000c 0024 buffer_dom_name: 00000001 0028 buffer_dom_sid : 00000001 00002c smb_io_unistr2 unistr2 002c uni_max_len: 00000006 0030 offset : 00000000 0034 uni_str_len: 00000005 0038 buffer : B.D.-.S.1. 000044 smb_io_dom_sid2 0044 num_auths: 00000004 000048 smb_io_dom_sid sid 0048 sid_rev_num: 01 0049 num_auths : 04 004a id_auth[0] : 00 004b id_auth[1] : 00 004c id_auth[2] : 00 004d id_auth[3] : 00 004e id_auth[4] : 00 004f id_auth[5] : 05 0050 sub_auths : 00000015 8f9588b5 7f7a6379 05669942 0060 status: NT_STATUS_OK init_lsa_q_close 000000 lsa_io_q_close 000000 smb_io_pol_hnd 0000 data1: 00000000 0004 data2: 00000001 0008 data3: 0000 000a data4: 0000 000c data5: de 90 df 43 9e 11 00 00 create_rpc_request: opnum: 0x0 data_len: 0x2c create_rpc_request: data_len: 2c auth_len: 0 alloc_hint: 1c 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000004 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001c 0014 context_id: 0000 0016 opnum : 0000 rpc_api_pipe: fnum:7140 size=126 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=10 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28992 (0x7140) smb_bcc=59 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2C 00 00 00 04 00 00 00 1C ......., ........ [020] 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 ........ ........ [030] 00 00 00 DE 90 DF 43 9E 11 00 00 ......C. ... write_socket(7,130) write_socket(7,130) wrote 130 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=10 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=10 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000004 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_close 000018 smb_io_pol_hnd 0018 data1: 00000000 001c data2: 00000000 0020 data3: 0000 0022 data4: 0000 0024 data5: 00 00 00 00 00 00 00 00 002c status: NT_STATUS_OK write_socket(7,45) write_socket(7,45) wrote 45 got smb length of 35 size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=11 smt_wct=0 smb_bcc=0 write_socket(7,106) write_socket(7,106) wrote 106 got smb length of 103 size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=12 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16640 (0x4100) smb_vwv[ 3]= 369 (0x171) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 0 (0x0) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 Bind RPC Pipe[7141]: \PIPE\spoolss Bind Abstract Syntax: [000] 78 56 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xV4.4... ...#Eg.. [010] 01 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000005 000010 smb_io_rpc_hdr_rb 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 00001f smb_io_rpc_iface 000020 smb_io_uuid uuid 0020 data : 12345678 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ab 0030 version: 00000001 000034 smb_io_rpc_iface 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 rpc_api_pipe: fnum:7141 size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=13 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28993 (0x7141) smb_bcc=87 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 05 00 00 00 B8 .......H ........ [020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 78 ........ .......x [030] 56 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 01 V4.4.... ..#Eg... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... write_socket(7,158) write_socket(7,158) wrote 158 got smb length of 124 size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=13 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D...... [010] 00 B8 10 B8 10 F0 53 00 00 0E 00 5C 50 49 50 45 ......S. ...\PIPE [020] 5C 73 70 6F 6F 6C 73 73 00 01 00 00 00 00 00 00 \spoolss ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=13 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D...... [010] 00 B8 10 B8 10 F0 53 00 00 0E 00 5C 50 49 50 45 ......S. ...\PIPE [020] 5C 73 70 6F 6F 6C 73 73 00 01 00 00 00 00 00 00 \spoolss ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... rpc_check_hdr: rdata->data_size = 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000005 rpc_api_pipe: len left: 0 smbtrans read: 68 rpc_api_pipe: fragment first and last both set rpc_pipe_bind: rpc_api_pipe returned OK. 000010 smb_io_rpc_hdr_ba 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 000018 smb_io_rpc_addr_str 0018 len: 000e 001a str: \PIPE\spoolss. 000028 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 000030 smb_io_rpc_iface 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 bind_rpc_pipe: accepted! 000000 spoolss_io_q_enumprinters 0000 flags: 00000002 0004 servername_ptr: 00000001 000008 smb_io_unistr2 0008 uni_max_len: 00000008 000c offset : 00000000 0010 uni_str_len: 00000008 0014 buffer : \.\.B.D.-.S.1... 0024 level: 00000001 0028 ptr: bffff510 00002c prs_rpcbuffer 002c size: 00000000 0030 offered: 00000000 create_rpc_request: opnum: 0x0 data_len: 0x4c create_rpc_request: data_len: 4c auth_len: 0 alloc_hint: 3c 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 004c 000a auth_len : 0000 000c call_id : 00000006 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000003c 0014 context_id: 0000 0016 opnum : 0000 rpc_api_pipe: fnum:7141 size=158 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=14 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 76 (0x4C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 76 (0x4C) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28993 (0x7141) smb_bcc=91 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 4C 00 00 00 06 00 00 00 3C .......L .......< [020] 00 00 00 00 00 00 00 02 00 00 00 01 00 00 00 08 ........ ........ [030] 00 00 00 00 00 00 00 08 00 00 00 5C 00 5C 00 42 ........ ...\.\.B [040] 00 44 00 2D 00 53 00 31 00 00 00 01 00 00 00 10 .D.-.S.1 ........ [050] F5 FF BF 00 00 00 00 00 00 00 00 ........ ... write_socket(7,162) write_socket(7,162) wrote 162 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=14 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 06 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 80 BD 3E 08 00 00 00 ........ ...>.... [020] 00 EC 00 00 00 00 00 00 00 7A 00 00 00 ........ .z... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=14 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 06 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 80 BD 3E 08 00 00 00 ........ ...>.... [020] 00 EC 00 00 00 00 00 00 00 7A 00 00 00 ........ .z... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000006 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_enumprinters 0018 ptr: 083ebd80 00001c prs_rpcbuffer 001c size: 00000000 0020 needed: 000000ec 0024 returned: 00000000 0028 status: WERR_INSUFFICIENT_BUFFER 000000 spoolss_io_q_enumprinters 0000 flags: 00000002 0004 servername_ptr: 00000001 000008 smb_io_unistr2 0008 uni_max_len: 00000008 000c offset : 00000000 0010 uni_str_len: 00000008 0014 buffer : \.\.B.D.-.S.1... 0024 level: 00000001 0028 ptr: bffff510 00002c prs_rpcbuffer 002c size: 000000ec 011c offered: 000000ec create_rpc_request: opnum: 0x0 data_len: 0x138 create_rpc_request: data_len: 138 auth_len: 0 alloc_hint: 128 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0138 000a auth_len : 0000 000c call_id : 00000007 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000128 0014 context_id: 0000 0016 opnum : 0000 rpc_api_pipe: fnum:7141 size=394 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=15 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 312 (0x138) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 312 (0x138) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=28993 (0x7141) smb_bcc=327 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 38 01 00 00 07 00 00 00 28 .......8 .......( [020] 01 00 00 00 00 00 00 02 00 00 00 01 00 00 00 08 ........ ........ [030] 00 00 00 00 00 00 00 08 00 00 00 5C 00 5C 00 42 ........ ...\.\.B [040] 00 44 00 2D 00 53 00 31 00 00 00 01 00 00 00 10 .D.-.S.1 ........ [050] F5 FF BF EC 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [140] 00 00 00 EC 00 00 00 ....... write_socket(7,398) write_socket(7,398) wrote 398 got smb length of 336 size=336 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=15 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 280 (0x118) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 280 (0x118) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=281 [000] 00 05 00 02 03 10 00 00 00 18 01 00 00 07 00 00 ........ ........ [010] 00 00 01 00 00 00 00 00 00 00 4C 37 08 EC 00 00 ........ ..L7.... [020] 00 00 00 80 00 C6 00 00 00 A4 00 00 00 A2 00 00 ........ ........ [030] 00 00 00 80 00 34 00 00 00 12 00 00 00 10 00 00 .....4.. ........ [040] 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 00 31 ...\.\.b .d.-.s.1 [050] 00 5C 00 70 00 72 00 69 00 6E 00 74 00 65 00 72 .\.p.r.i .n.t.e.r [060] 00 31 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 .1...\.\ .b.d.-.s [070] 00 31 00 5C 00 70 00 72 00 69 00 6E 00 74 00 65 .1.\.p.r .i.n.t.e [080] 00 72 00 31 00 2C 00 48 00 50 00 20 00 43 00 6F .r.1.,.H .P. .C.o [090] 00 6C 00 6F 00 72 00 20 00 4C 00 61 00 73 00 65 .l.o.r. .L.a.s.e [0A0] 00 72 00 4A 00 65 00 74 00 20 00 34 00 37 00 30 .r.J.e.t . .4.7.0 [0B0] 00 30 00 20 00 50 00 43 00 4C 00 20 00 36 00 2C .0. .P.C .L. .6., [0C0] 00 00 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 .....\.\ .b.d.-.s [0D0] 00 31 00 5C 00 43 00 6C 00 75 00 73 00 74 00 65 .1.\.C.l .u.s.t.e [0E0] 00 72 00 31 00 00 00 5C 00 5C 00 62 00 64 00 2D .r.1...\ .\.b.d.- [0F0] 00 73 00 31 00 5C 00 43 00 6C 00 75 00 73 00 74 .s.1.\.C .l.u.s.t [100] 00 65 00 72 00 31 00 2C 00 2C 00 00 00 EC 00 00 .e.r.1., .,...... [110] 00 02 00 00 00 00 00 00 00 ........ . size=336 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=15 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 280 (0x118) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 280 (0x118) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=281 [000] 00 05 00 02 03 10 00 00 00 18 01 00 00 07 00 00 ........ ........ [010] 00 00 01 00 00 00 00 00 00 00 4C 37 08 EC 00 00 ........ ..L7.... [020] 00 00 00 80 00 C6 00 00 00 A4 00 00 00 A2 00 00 ........ ........ [030] 00 00 00 80 00 34 00 00 00 12 00 00 00 10 00 00 .....4.. ........ [040] 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 00 31 ...\.\.b .d.-.s.1 [050] 00 5C 00 70 00 72 00 69 00 6E 00 74 00 65 00 72 .\.p.r.i .n.t.e.r [060] 00 31 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 .1...\.\ .b.d.-.s [070] 00 31 00 5C 00 70 00 72 00 69 00 6E 00 74 00 65 .1.\.p.r .i.n.t.e [080] 00 72 00 31 00 2C 00 48 00 50 00 20 00 43 00 6F .r.1.,.H .P. .C.o [090] 00 6C 00 6F 00 72 00 20 00 4C 00 61 00 73 00 65 .l.o.r. .L.a.s.e [0A0] 00 72 00 4A 00 65 00 74 00 20 00 34 00 37 00 30 .r.J.e.t . .4.7.0 [0B0] 00 30 00 20 00 50 00 43 00 4C 00 20 00 36 00 2C .0. .P.C .L. .6., [0C0] 00 00 00 00 00 5C 00 5C 00 62 00 64 00 2D 00 73 .....\.\ .b.d.-.s [0D0] 00 31 00 5C 00 43 00 6C 00 75 00 73 00 74 00 65 .1.\.C.l .u.s.t.e [0E0] 00 72 00 31 00 00 00 5C 00 5C 00 62 00 64 00 2D .r.1...\ .\.b.d.- [0F0] 00 73 00 31 00 5C 00 43 00 6C 00 75 00 73 00 74 .s.1.\.C .l.u.s.t [100] 00 65 00 72 00 31 00 2C 00 2C 00 00 00 EC 00 00 .e.r.1., .,...... [110] 00 02 00 00 00 00 00 00 00 ........ . rpc_check_hdr: rdata->data_size = 280 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0118 000a auth_len : 0000 000c call_id : 00000007 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000100 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 280 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_enumprinters 0018 ptr: 08374c00 00001c prs_rpcbuffer 001c size: 000000ec 010c needed: 000000ec 0110 returned: 00000002 0114 status: WERR_OK 000000 smb_io_printer_info_1 0000 flags: 00800000 0004 offset: 000000c6 0000c6 smb_io_unistr description 00c6 unistr: \.\.b.d.-.s.1.\.C.l.u.s.t.e.r.1.,.,... 0008 offset: 000000a4 0000a4 smb_io_unistr name 00a4 unistr: \.\.b.d.-.s.1.\.C.l.u.s.t.e.r.1... 000c offset: 000000a2 0000a2 smb_io_unistr comment 00a2 unistr: .. 000010 smb_io_printer_info_1 0010 flags: 00800000 0014 offset: 00000034 000044 smb_io_unistr description 0044 unistr: \.\.b.d.-.s.1.\.p.r.i.n.t.e.r.1.,.H.P. .C.o.l.o.r. .L.a.s.e.r.J.e.t. .4.7.0.0. .P.C.L. .6.,... 0018 offset: 00000012 000022 smb_io_unistr name 0022 unistr: \.\.b.d.-.s.1.\.p.r.i.n.t.e.r.1... 001c offset: 00000010 000020 smb_io_unistr comment 0020 unistr: .. flags:[0x800000] name:[\\bd-s1\Cluster1] description:[\\bd-s1\Cluster1,,] comment:[] flags:[0x800000] name:[\\bd-s1\printer1] description:[\\bd-s1\printer1,HP Color LaserJet 4700 PCL 6,] comment:[] write_socket(7,45) write_socket(7,45) wrote 45 got smb length of 35 size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=16 smt_wct=0 smb_bcc=0 write_socket(7,39) write_socket(7,39) wrote 39 got smb length of 35 size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=4509 smb_uid=101 smb_mid=17 smt_wct=0 smb_bcc=0