INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 added interface ip=10.0.0.15 bcast=10.0.0.255 nmask=255.255.255.0 Netbios name list:- my_netbios_names[0]="PRINTBOY" Connecting to host=Printboy share=IPC$ internal_resolve_name: looking up Printboy#20 Opening cache file at /var/cache/samba/gencache.tdb Returning valid cache entry: key = NBT/PRINTBOY#20, value = 10.0.0.15:0, timeout = Sat Aug 16 08:19:17 2003 name Printboy#20 found. Connecting to 10.0.0.15 at port 445 socket option SO_KEEPALIVE = 0 socket option SO_REUSEADDR = 0 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 1 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 16384 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 write_socket(4,183) write_socket(4,183) wrote 183 got smb length of 127 size=127 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 7 (0x7) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=23552 (0x5C00) smb_vwv[ 8]= 25 (0x19) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 227 (0xE3) smb_vwv[11]=32896 (0x8080) smb_vwv[12]=28477 (0x6F3D) smb_vwv[13]=35505 (0x8AB1) smb_vwv[14]=50019 (0xC363) smb_vwv[15]= 8193 (0x2001) smb_vwv[16]=15102 (0x3AFE) smb_bcc=58 [000] 70 72 69 6E 74 62 6F 79 00 00 00 00 00 00 00 00 printboy ........ [010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0... [020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7..... [030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE size=127 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 7 (0x7) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=23552 (0x5C00) smb_vwv[ 8]= 25 (0x19) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 227 (0xE3) smb_vwv[11]=32896 (0x8080) smb_vwv[12]=28477 (0x6F3D) smb_vwv[13]=35505 (0x8AB1) smb_vwv[14]=50019 (0xC363) smb_vwv[15]= 8193 (0x2001) smb_vwv[16]=15102 (0x3AFE) smb_bcc=58 [000] 70 72 69 6E 74 62 6F 79 00 00 00 00 00 00 00 00 printboy ........ [010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... ....0... [020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7..... [030] 30 08 A0 06 1B 04 4E 4F 4E 45 0.....NO NE Serverzone is -28800 Doing spnego session setup (blob length=58) got OID=1 3 6 1 4 1 311 2 2 10 got principal=NONE write_socket(4,168) write_socket(4,168) wrote 168 got smb length of 252 size=252 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=0 smb_mid=1 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 145 (0x91) smb_bcc=209 [000] A1 81 8E 30 81 8B A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [010] 06 01 04 01 82 37 02 02 0A A2 76 04 74 4E 54 4C .....7.. ..v.tNTL [020] 4D 53 53 50 00 02 00 00 00 10 00 10 00 30 00 00 MSSP.... .....0.. [030] 00 05 02 83 20 04 4C 4E 3E 2E 4F 05 FF 00 00 00 .... .LN >.O..... [040] 00 00 00 00 00 34 00 34 00 40 00 00 00 50 00 52 .....4.4 .@...P.R [050] 00 49 00 4E 00 54 00 42 00 4F 00 59 00 02 00 10 .I.N.T.B .O.Y.... [060] 00 50 00 52 00 49 00 4E 00 54 00 42 00 4F 00 59 .P.R.I.N .T.B.O.Y [070] 00 01 00 10 00 50 00 52 00 49 00 4E 00 54 00 42 .....P.R .I.N.T.B [080] 00 4F 00 59 00 04 00 00 00 03 00 00 00 00 00 00 .O.Y.... ........ [090] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [0A0] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 30 .b.a. .3 ...0...0 [0B0] 00 62 00 65 00 74 00 61 00 33 00 00 00 57 00 4F .b.e.t.a .3...W.O [0C0] 00 52 00 4B 00 47 00 52 00 4F 00 55 00 50 00 00 .R.K.G.R .O.U.P.. [0D0] 00 . size=252 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=0 smb_mid=1 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 145 (0x91) smb_bcc=209 [000] A1 81 8E 30 81 8B A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [010] 06 01 04 01 82 37 02 02 0A A2 76 04 74 4E 54 4C .....7.. ..v.tNTL [020] 4D 53 53 50 00 02 00 00 00 10 00 10 00 30 00 00 MSSP.... .....0.. [030] 00 05 02 83 20 04 4C 4E 3E 2E 4F 05 FF 00 00 00 .... .LN >.O..... [040] 00 00 00 00 00 34 00 34 00 40 00 00 00 50 00 52 .....4.4 .@...P.R [050] 00 49 00 4E 00 54 00 42 00 4F 00 59 00 02 00 10 .I.N.T.B .O.Y.... [060] 00 50 00 52 00 49 00 4E 00 54 00 42 00 4F 00 59 .P.R.I.N .T.B.O.Y [070] 00 01 00 10 00 50 00 52 00 49 00 4E 00 54 00 42 .....P.R .I.N.T.B [080] 00 4F 00 59 00 04 00 00 00 03 00 00 00 00 00 00 .O.Y.... ........ [090] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [0A0] 00 62 00 61 00 20 00 33 00 2E 00 30 00 2E 00 30 .b.a. .3 ...0...0 [0B0] 00 62 00 65 00 74 00 61 00 33 00 00 00 57 00 4F .b.e.t.a .3...W.O [0C0] 00 52 00 4B 00 47 00 52 00 4F 00 55 00 50 00 00 .R.K.G.R .O.U.P.. [0D0] 00 . Got challenge flags: Got NTLMSSP neg_flags=0x20830205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x20000205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_128 write_socket(4,252) write_socket(4,252) wrote 252 got smb length of 116 size=116 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 9 (0x9) smb_bcc=73 [000] A1 07 30 05 A0 03 0A 01 00 55 00 6E 00 69 00 78 ..0..... .U.n.i.x [010] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 [020] 00 2E 00 30 00 2E 00 30 00 62 00 65 00 74 00 61 ...0...0 .b.e.t.a [030] 00 33 00 00 00 57 00 4F 00 52 00 4B 00 47 00 52 .3...W.O .R.K.G.R [040] 00 4F 00 55 00 50 00 00 00 .O.U.P.. . size=116 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 9 (0x9) smb_bcc=73 [000] A1 07 30 05 A0 03 0A 01 00 55 00 6E 00 69 00 78 ..0..... .U.n.i.x [010] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 [020] 00 2E 00 30 00 2E 00 30 00 62 00 65 00 74 00 61 ...0...0 .b.e.t.a [030] 00 33 00 00 00 57 00 4F 00 52 00 4B 00 47 00 52 .3...W.O .R.K.G.R [040] 00 4F 00 55 00 50 00 00 00 .O.U.P.. . write_socket(4,84) write_socket(4,84) wrote 84 got smb length of 48 size=48 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=3 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 1 (0x1) smb_bcc=7 [000] 49 50 43 00 00 00 00 IPC.... cli_init_creds: user root domain WORKGROUP write_socket(4,104) write_socket(4,104) wrote 104 got smb length of 103 size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 6912 (0x1B00) smb_vwv[ 3]= 375 (0x177) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 0 (0x0) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 Bind RPC Pipe[771b]: \PIPE\lsarpc Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg.. [010] 00 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 000010 smb_io_rpc_hdr_rb 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 1630 0012 max_rsize: 1630 0014 assoc_gid: 00000000 0018 num_elements: 00000001 001c context_id : 0000 001e num_syntaxes: 01 00001f smb_io_rpc_iface 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 01 23 45 67 89 ab 0030 version: 00000000 000034 smb_io_rpc_iface 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 08 00 2b 10 48 60 0044 version: 00000002 rpc_api_pipe: fnum:771b size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30491 (0x771B) smb_bcc=87 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 30 .......H .......0 [020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x [030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... write_socket(4,158) write_socket(4,158) wrote 158 got smb length of 124 size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D...... [010] 00 30 16 30 16 F0 53 00 00 0C 00 5C 50 49 50 45 .0.0..S. ...\PIPE [020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 ........ .D...... [010] 00 30 16 30 16 F0 53 00 00 0C 00 5C 50 49 50 45 .0.0..S. ...\PIPE [020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... rpc_check_hdr: rdata->data_size = 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 rpc_api_pipe: len left: 0 smbtrans read: 68 rpc_api_pipe: fragment first and last both set rpc_pipe_bind: rpc_api_pipe returned OK. 000010 smb_io_rpc_hdr_ba 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 1630 0012 max_rsize: 1630 0014 assoc_gid: 000053f0 000018 smb_io_rpc_addr_str 0018 len: 000c 001a str: \PIPE\lsass. 000026 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 000030 smb_io_rpc_iface 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 08 00 2b 10 48 60 0040 version: 00000002 bind_rpc_pipe: server pipe_name found: \PIPE\lsass bind_rpc_pipe: accepted! init_lsa_sec_qos init_open_pol: attr:0 da:33554432 init_lsa_obj_attr 000000 lsa_io_q_open_pol 0000 ptr : 00000001 0004 system_name: 005c 000008 lsa_io_obj_attr 0008 len : 00000018 000c ptr_root_dir: 00000000 0010 ptr_obj_name: 00000000 0014 attributes : 00000000 0018 ptr_sec_desc: 00000000 001c ptr_sec_qos : 00000001 000020 lsa_io_obj_qos sec_qos 0020 len : 0000000c 0024 sec_imp_level : 0002 0026 sec_ctxt_mode : 01 0027 effective_only: 00 lsa_io_sec_qos: length c does not match size 8 0028 des_access: 02000000 create_rpc_request: opnum: 0x6 data_len: 0x44 create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000002 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000034 0014 context_id: 0000 0016 opnum : 0006 rpc_api_pipe: fnum:771b size=150 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 68 (0x44) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30491 (0x771B) smb_bcc=83 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 44 00 00 00 02 00 00 00 34 .......D .......4 [020] 00 00 00 00 00 06 00 01 00 00 00 5C 00 00 00 18 ........ ...\.... [030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [040] 00 00 00 01 00 00 00 0C 00 00 00 02 00 01 00 00 ........ ........ [050] 00 00 02 ... write_socket(4,154) write_socket(4,154) wrote 154 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ........ ........ [020] 00 00 00 00 00 47 76 3D 3F 5C 19 00 00 00 00 00 .....Gv= ?\...... [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 01 00 00 ........ ........ [020] 00 00 00 00 00 47 76 3D 3F 5C 19 00 00 00 00 00 .....Gv= ?\...... [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000002 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_open_pol 000018 smb_io_pol_hnd 0018 data1: 00000000 001c data2: 00000001 0020 data3: 0000 0022 data4: 0000 0024 data5: 47 76 3d 3f 5c 19 00 00 002c status: NT_STATUS_OK init_q_query 000000 lsa_io_q_query 000000 smb_io_pol_hnd 0000 data1: 00000000 0004 data2: 00000001 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 info_class: 0005 create_rpc_request: opnum: 0x7 data_len: 0x2e create_rpc_request: data_len: 2e auth_len: 0 alloc_hint: 1e 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000003 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001e 0014 context_id: 0000 0016 opnum : 0007 rpc_api_pipe: fnum:771b size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 46 (0x2E) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 46 (0x2E) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30491 (0x771B) smb_bcc=61 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2E 00 00 00 03 00 00 00 1E ........ ........ [020] 00 00 00 00 00 07 00 00 00 00 00 01 00 00 00 00 ........ ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 05 00 ...Gv=?\ ..... write_socket(4,132) write_socket(4,132) wrote 132 got smb length of 160 size=160 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 104 (0x68) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 104 (0x68) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=105 [000] 00 05 00 02 03 10 00 00 00 68 00 00 00 03 00 00 ........ .h...... [010] 00 50 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .P...... ...."... [020] 00 10 00 12 00 01 00 00 00 01 00 00 00 09 00 00 ........ ........ [030] 00 00 00 00 00 08 00 00 00 50 00 52 00 49 00 4E ........ .P.R.I.N [040] 00 54 00 42 00 4F 00 59 00 04 00 00 00 01 04 00 .T.B.O.Y ........ [050] 00 00 00 00 05 15 00 00 00 AB 3F B4 F5 28 63 A9 ........ ..?..(c. [060] 4E 15 10 CB 06 00 00 00 00 N....... . size=160 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 104 (0x68) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 104 (0x68) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=105 [000] 00 05 00 02 03 10 00 00 00 68 00 00 00 03 00 00 ........ .h...... [010] 00 50 00 00 00 00 00 00 00 00 00 00 22 05 00 00 .P...... ...."... [020] 00 10 00 12 00 01 00 00 00 01 00 00 00 09 00 00 ........ ........ [030] 00 00 00 00 00 08 00 00 00 50 00 52 00 49 00 4E ........ .P.R.I.N [040] 00 54 00 42 00 4F 00 59 00 04 00 00 00 01 04 00 .T.B.O.Y ........ [050] 00 00 00 00 05 15 00 00 00 AB 3F B4 F5 28 63 A9 ........ ..?..(c. [060] 4E 15 10 CB 06 00 00 00 00 N....... . rpc_check_hdr: rdata->data_size = 104 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0068 000a auth_len : 0000 000c call_id : 00000003 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000050 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 104 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_query 0018 undoc_buffer: 22000000 001c info_class: 0005 000020 lsa_io_dom_query 0020 uni_dom_max_len: 0010 0022 uni_dom_str_len: 0012 0024 buffer_dom_name: 00000001 0028 buffer_dom_sid : 00000001 00002c smb_io_unistr2 unistr2 002c uni_max_len: 00000009 0030 undoc : 00000000 0034 uni_str_len: 00000008 0038 buffer : P.R.I.N.T.B.O.Y. 000048 smb_io_dom_sid2 0048 num_auths: 00000004 00004c smb_io_dom_sid sid 004c sid_rev_num: 01 004d num_auths : 04 004e id_auth[0] : 00 004f id_auth[1] : 00 0050 id_auth[2] : 00 0051 id_auth[3] : 00 0052 id_auth[4] : 00 0053 id_auth[5] : 05 0054 sub_auths : 00000015 f5b43fab 4ea96328 06cb1015 0064 status: NT_STATUS_OK init_lsa_q_close 000000 lsa_io_q_close 000000 smb_io_pol_hnd 0000 data1: 00000000 0004 data2: 00000001 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 create_rpc_request: opnum: 0x0 data_len: 0x2c create_rpc_request: data_len: 2c auth_len: 0 alloc_hint: 1c 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000004 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001c 0014 context_id: 0000 0016 opnum : 0000 rpc_api_pipe: fnum:771b size=126 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30491 (0x771B) smb_bcc=59 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2C 00 00 00 04 00 00 00 1C ......., ........ [020] 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 ........ ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 ...Gv=?\ ... write_socket(4,130) write_socket(4,130) wrote 130 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000004 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 lsa_io_r_close 000018 smb_io_pol_hnd 0018 data1: 00000000 001c data2: 00000000 0020 data3: 0000 0022 data4: 0000 0024 data5: 00 00 00 00 00 00 00 00 002c status: NT_STATUS_OK write_socket(4,45) write_socket(4,45) wrote 45 got smb length of 35 size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=0 smb_bcc=0 write_socket(4,106) write_socket(4,106) wrote 106 got smb length of 103 size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 7168 (0x1C00) smb_vwv[ 3]= 375 (0x177) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 0 (0x0) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 Bind RPC Pipe[771c]: \PIPE\spoolss Bind Abstract Syntax: [000] 78 56 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xV4.4... ...#Eg.. [010] 01 00 00 00 .... Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000005 000010 smb_io_rpc_hdr_rb 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 1630 0012 max_rsize: 1630 0014 assoc_gid: 00000000 0018 num_elements: 00000001 001c context_id : 0000 001e num_syntaxes: 01 00001f smb_io_rpc_iface 0020 data : 12345678 0024 data : 1234 0026 data : abcd 0028 data : ef 00 01 23 45 67 89 ab 0030 version: 00000001 000034 smb_io_rpc_iface 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 08 00 2b 10 48 60 0044 version: 00000002 rpc_api_pipe: fnum:771c size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=87 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 05 00 00 00 30 .......H .......0 [020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x [030] 56 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 01 V4.4.... ..#Eg... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... write_socket(4,158) write_socket(4,158) wrote 158 got smb length of 124 size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D...... [010] 00 30 16 30 16 F0 53 00 00 0E 00 5C 50 49 50 45 .0.0..S. ...\PIPE [020] 5C 73 70 6F 6F 6C 73 73 00 01 00 00 00 00 00 00 \spoolss ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [000] 00 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 ........ .D...... [010] 00 30 16 30 16 F0 53 00 00 0E 00 5C 50 49 50 45 .0.0..S. ...\PIPE [020] 5C 73 70 6F 6F 6C 73 73 00 01 00 00 00 00 00 00 \spoolss ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... rpc_check_hdr: rdata->data_size = 68 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000005 rpc_api_pipe: len left: 0 smbtrans read: 68 rpc_api_pipe: fragment first and last both set rpc_pipe_bind: rpc_api_pipe returned OK. 000010 smb_io_rpc_hdr_ba 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 1630 0012 max_rsize: 1630 0014 assoc_gid: 000053f0 000018 smb_io_rpc_addr_str 0018 len: 000e 001a str: \PIPE\spoolss. 000028 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 000030 smb_io_rpc_iface 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 08 00 2b 10 48 60 0040 version: 00000002 bind_rpc_pipe: server pipe_name found: \PIPE\lsass bind_rpc_pipe: accepted! make_spoolss_q_open_printer_ex 000000 spoolss_io_q_open_printer_ex 0000 printername_ptr: 00000001 000004 smb_io_unistr2 0004 uni_max_len: 00000006 0008 undoc : 00000000 000c uni_str_len: 00000006 0010 buffer : C.a.n.o.n... 00001c spoolss_io_printer_default 001c datatype_ptr: 00000000 000020 smb_io_unistr2 - NULL datatype 000020 spoolss_io_devmode_cont 0020 size: 00000000 0024 devmode_ptr: 00000000 0028 access_required: 00000008 002c user_switch: 00000001 000030 spool_io_user_level 0030 level: 00000001 0034 ptr: 00000001 000038 0038 size: 00000018 003c client_name_ptr: 00000001 0040 user_name_ptr: 00000001 0044 build: 00000565 0048 major: 00000002 004c minor: 00000000 0050 processor: 00000000 000054 smb_io_unistr2 0054 uni_max_len: 0000000b 0058 undoc : 00000000 005c uni_str_len: 0000000b 0060 buffer : \.\.P.R.I.N.T.B.O.Y... 000078 smb_io_unistr2 0078 uni_max_len: 00000005 007c undoc : 00000000 0080 uni_str_len: 00000005 0084 buffer : r.o.o.t... create_rpc_request: opnum: 0x45 data_len: 0xa6 create_rpc_request: data_len: a6 auth_len: 0 alloc_hint: 96 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00a6 000a auth_len : 0000 000c call_id : 00000006 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000096 0014 context_id: 0000 0016 opnum : 0045 rpc_api_pipe: fnum:771c size=248 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 166 (0xA6) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 166 (0xA6) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=181 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 A6 00 00 00 06 00 00 00 96 ........ ........ [020] 00 00 00 00 00 45 00 01 00 00 00 06 00 00 00 00 .....E.. ........ [030] 00 00 00 06 00 00 00 43 00 61 00 6E 00 6F 00 6E .......C .a.n.o.n [040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 ........ ........ [050] 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 18 ........ ........ [060] 00 00 00 01 00 00 00 01 00 00 00 65 05 00 00 02 ........ ...e.... [070] 00 00 00 00 00 00 00 00 00 00 00 0B 00 00 00 00 ........ ........ [080] 00 00 00 0B 00 00 00 5C 00 5C 00 50 00 52 00 49 .......\ .\.P.R.I [090] 00 4E 00 54 00 42 00 4F 00 59 00 00 00 00 00 05 .N.T.B.O .Y...... [0A0] 00 00 00 00 00 00 00 05 00 00 00 72 00 6F 00 6F ........ ...r.o.o [0B0] 00 74 00 00 00 .t... write_socket(4,252) write_socket(4,252) wrote 252 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 02 00 00 ........ ........ [020] 00 00 00 00 00 47 76 3D 3F 5C 19 00 00 00 00 00 .....Gv= ?\...... [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 02 00 00 ........ ........ [020] 00 00 00 00 00 47 76 3D 3F 5C 19 00 00 00 00 00 .....Gv= ?\...... [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000006 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_open_printer_ex 000018 smb_io_pol_hnd printer handle 0018 data1: 00000000 001c data2: 00000002 0020 data3: 0000 0022 data4: 0000 0024 data5: 47 76 3d 3f 5c 19 00 00 002c status code: WERR_OK 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 0000000c 001c undoc : 00000000 0020 uni_str_len: 0000000c 0024 buffer : W.i.n.d.o.w.s. .4...0... 003c level: 00000003 000040 spoolss_io_buffer 0040 ptr: 00000000 0044 offered: 00000000 0048 clientmajorversion: 00000002 004c clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x68 create_rpc_request: data_len: 68 auth_len: 0 alloc_hint: 58 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0068 000a auth_len : 0000 000c call_id : 00000007 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000058 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=186 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 104 (0x68) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 104 (0x68) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=119 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 68 00 00 00 07 00 00 00 58 .......h .......X [020] 00 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 0C ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 0C 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 34 00 2E 00 30 .d.o.w.s . .4...0 [060] 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 02 ........ ........ [070] 00 00 00 02 00 00 00 ....... write_socket(4,190) write_socket(4,190) wrote 190 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 07 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 07 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000007 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000000 001c needed: 00000000 0020 servermajorversion: 00000000 0024 serverminorversion: 00000000 0028 status: WERR_UNKNOWN_PRINTER_DRIVER 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 0000000f 001c undoc : 00000000 0020 uni_str_len: 0000000f 0024 buffer : W.i.n.d.o.w.s. .N.T. .x.8.6... 0044 level: 00000003 000048 spoolss_io_buffer 0048 ptr: 00000000 004c offered: 00000000 0050 clientmajorversion: 00000002 0054 clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x70 create_rpc_request: data_len: 70 auth_len: 0 alloc_hint: 60 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0070 000a auth_len : 0000 000c call_id : 00000008 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000060 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=194 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 112 (0x70) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 112 (0x70) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=127 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 70 00 00 00 08 00 00 00 60 .......p .......` [020] 00 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 0F ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 0F 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 .d.o.w.s . .N.T. [060] 00 78 00 38 00 36 00 00 00 00 00 03 00 00 00 00 .x.8.6.. ........ [070] 00 00 00 00 00 00 00 02 00 00 00 02 00 00 00 ........ ....... write_socket(4,198) write_socket(4,198) wrote 198 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 08 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 8E 01 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 7A 00 00 00 ........ .z... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 08 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 8E 01 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 7A 00 00 00 ........ .z... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000008 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000000 001c needed: 0000018e 0020 servermajorversion: 00000000 0024 serverminorversion: 00000000 0028 status: WERR_INSUFFICIENT_BUFFER 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 0000000f 001c undoc : 00000000 0020 uni_str_len: 0000000f 0024 buffer : W.i.n.d.o.w.s. .N.T. .x.8.6... 0044 level: 00000003 000048 spoolss_io_buffer 0048 ptr: 00000001 004c size: 0000018e 01e0 offered: 0000018e 01e4 clientmajorversion: 00000002 01e8 clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x204 create_rpc_request: data_len: 204 auth_len: 0 alloc_hint: 1f4 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0204 000a auth_len : 0000 000c call_id : 00000009 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 000001f4 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=598 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 516 (0x204) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 516 (0x204) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=531 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 04 02 00 00 09 00 00 00 F4 ........ ........ [020] 01 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 0F ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 0F 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 .d.o.w.s . .N.T. [060] 00 78 00 38 00 36 00 00 00 00 00 03 00 00 00 01 .x.8.6.. ........ [070] 00 00 00 8E 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [100] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [140] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [150] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [160] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [170] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [190] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ write_socket(4,602) write_socket(4,602) wrote 602 got smb length of 504 size=504 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 448 (0x1C0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 448 (0x1C0) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=449 [000] 00 05 00 02 03 10 00 00 00 C0 01 00 00 09 00 00 ........ ........ [010] 00 A8 01 00 00 00 00 00 00 01 00 00 00 8E 01 00 ........ ........ [020] 00 02 00 00 00 82 01 00 00 64 01 00 00 14 01 00 ........ .d...... [030] 00 CA 00 00 00 7E 00 00 00 36 00 00 00 34 00 00 .....~.. .6...4.. [040] 00 32 00 00 00 2A 00 00 00 00 00 52 00 41 00 57 .2...*.. ...R.A.W [050] 00 00 00 00 00 00 00 5C 00 5C 00 70 00 72 00 69 .......\ .\.p.r.i [060] 00 6E 00 74 00 62 00 6F 00 79 00 5C 00 70 00 72 .n.t.b.o .y.\.p.r [070] 00 69 00 6E 00 74 00 24 00 5C 00 57 00 33 00 32 .i.n.t.$ .\.W.3.2 [080] 00 58 00 38 00 36 00 5C 00 32 00 5C 00 63 00 75 .X.8.6.\ .2.\.c.u [090] 00 70 00 73 00 2E 00 68 00 6C 00 70 00 00 00 5C .p.s...h .l.p...\ [0A0] 00 5C 00 70 00 72 00 69 00 6E 00 74 00 62 00 6F .\.p.r.i .n.t.b.o [0B0] 00 79 00 5C 00 70 00 72 00 69 00 6E 00 74 00 24 .y.\.p.r .i.n.t.$ [0C0] 00 5C 00 57 00 33 00 32 00 58 00 38 00 36 00 5C .\.W.3.2 .X.8.6.\ [0D0] 00 32 00 5C 00 63 00 75 00 70 00 73 00 75 00 69 .2.\.c.u .p.s.u.i [0E0] 00 2E 00 64 00 6C 00 6C 00 00 00 5C 00 5C 00 70 ...d.l.l ...\.\.p [0F0] 00 72 00 69 00 6E 00 74 00 62 00 6F 00 79 00 5C .r.i.n.t .b.o.y.\ [100] 00 70 00 72 00 69 00 6E 00 74 00 24 00 5C 00 57 .p.r.i.n .t.$.\.W [110] 00 33 00 32 00 58 00 38 00 36 00 5C 00 32 00 5C .3.2.X.8 .6.\.2.\ [120] 00 43 00 61 00 6E 00 6F 00 6E 00 2E 00 70 00 70 .C.a.n.o .n...p.p [130] 00 64 00 00 00 5C 00 5C 00 70 00 72 00 69 00 6E .d...\.\ .p.r.i.n [140] 00 74 00 62 00 6F 00 79 00 5C 00 70 00 72 00 69 .t.b.o.y .\.p.r.i [150] 00 6E 00 74 00 24 00 5C 00 57 00 33 00 32 00 58 .n.t.$.\ .W.3.2.X [160] 00 38 00 36 00 5C 00 32 00 5C 00 63 00 75 00 70 .8.6.\.2 .\.c.u.p [170] 00 73 00 64 00 72 00 76 00 72 00 2E 00 64 00 6C .s.d.r.v .r...d.l [180] 00 6C 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 .l...W.i .n.d.o.w [190] 00 73 00 20 00 4E 00 54 00 20 00 78 00 38 00 36 .s. .N.T . .x.8.6 [1A0] 00 00 00 43 00 61 00 6E 00 6F 00 6E 00 00 00 00 ...C.a.n .o.n.... [1B0] 00 8E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1C0] 00 . size=504 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 448 (0x1C0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 448 (0x1C0) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=449 [000] 00 05 00 02 03 10 00 00 00 C0 01 00 00 09 00 00 ........ ........ [010] 00 A8 01 00 00 00 00 00 00 01 00 00 00 8E 01 00 ........ ........ [020] 00 02 00 00 00 82 01 00 00 64 01 00 00 14 01 00 ........ .d...... [030] 00 CA 00 00 00 7E 00 00 00 36 00 00 00 34 00 00 .....~.. .6...4.. [040] 00 32 00 00 00 2A 00 00 00 00 00 52 00 41 00 57 .2...*.. ...R.A.W [050] 00 00 00 00 00 00 00 5C 00 5C 00 70 00 72 00 69 .......\ .\.p.r.i [060] 00 6E 00 74 00 62 00 6F 00 79 00 5C 00 70 00 72 .n.t.b.o .y.\.p.r [070] 00 69 00 6E 00 74 00 24 00 5C 00 57 00 33 00 32 .i.n.t.$ .\.W.3.2 [080] 00 58 00 38 00 36 00 5C 00 32 00 5C 00 63 00 75 .X.8.6.\ .2.\.c.u [090] 00 70 00 73 00 2E 00 68 00 6C 00 70 00 00 00 5C .p.s...h .l.p...\ [0A0] 00 5C 00 70 00 72 00 69 00 6E 00 74 00 62 00 6F .\.p.r.i .n.t.b.o [0B0] 00 79 00 5C 00 70 00 72 00 69 00 6E 00 74 00 24 .y.\.p.r .i.n.t.$ [0C0] 00 5C 00 57 00 33 00 32 00 58 00 38 00 36 00 5C .\.W.3.2 .X.8.6.\ [0D0] 00 32 00 5C 00 63 00 75 00 70 00 73 00 75 00 69 .2.\.c.u .p.s.u.i [0E0] 00 2E 00 64 00 6C 00 6C 00 00 00 5C 00 5C 00 70 ...d.l.l ...\.\.p [0F0] 00 72 00 69 00 6E 00 74 00 62 00 6F 00 79 00 5C .r.i.n.t .b.o.y.\ [100] 00 70 00 72 00 69 00 6E 00 74 00 24 00 5C 00 57 .p.r.i.n .t.$.\.W [110] 00 33 00 32 00 58 00 38 00 36 00 5C 00 32 00 5C .3.2.X.8 .6.\.2.\ [120] 00 43 00 61 00 6E 00 6F 00 6E 00 2E 00 70 00 70 .C.a.n.o .n...p.p [130] 00 64 00 00 00 5C 00 5C 00 70 00 72 00 69 00 6E .d...\.\ .p.r.i.n [140] 00 74 00 62 00 6F 00 79 00 5C 00 70 00 72 00 69 .t.b.o.y .\.p.r.i [150] 00 6E 00 74 00 24 00 5C 00 57 00 33 00 32 00 58 .n.t.$.\ .W.3.2.X [160] 00 38 00 36 00 5C 00 32 00 5C 00 63 00 75 00 70 .8.6.\.2 .\.c.u.p [170] 00 73 00 64 00 72 00 76 00 72 00 2E 00 64 00 6C .s.d.r.v .r...d.l [180] 00 6C 00 00 00 57 00 69 00 6E 00 64 00 6F 00 77 .l...W.i .n.d.o.w [190] 00 73 00 20 00 4E 00 54 00 20 00 78 00 38 00 36 .s. .N.T . .x.8.6 [1A0] 00 00 00 43 00 61 00 6E 00 6F 00 6E 00 00 00 00 ...C.a.n .o.n.... [1B0] 00 8E 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1C0] 00 . rpc_check_hdr: rdata->data_size = 448 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01c0 000a auth_len : 0000 000c call_id : 00000009 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 000001a8 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 448 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000001 001c size: 0000018e 01b0 needed: 0000018e 01b4 servermajorversion: 00000000 01b8 serverminorversion: 00000000 01bc status: WERR_OK 000000 smb_io_printer_driver_info_3 0000 version: 00000002 0004 offset: 00000182 000182 smb_io_unistr name 0182 unistr: C.a.n.o.n... 0008 offset: 00000164 000164 smb_io_unistr architecture 0164 unistr: W.i.n.d.o.w.s. .N.T. .x.8.6... 000c offset: 00000114 000114 smb_io_unistr driverpath 0114 unistr: \.\.p.r.i.n.t.b.o.y.\.p.r.i.n.t.$.\.W.3.2.X.8.6.\.2.\.c.u.p.s.d.r.v.r...d.l.l... 0010 offset: 000000ca 0000ca smb_io_unistr datafile 00ca unistr: \.\.p.r.i.n.t.b.o.y.\.p.r.i.n.t.$.\.W.3.2.X.8.6.\.2.\.C.a.n.o.n...p.p.d... 0014 offset: 0000007e 00007e smb_io_unistr configfile 007e unistr: \.\.p.r.i.n.t.b.o.y.\.p.r.i.n.t.$.\.W.3.2.X.8.6.\.2.\.c.u.p.s.u.i...d.l.l... 0018 offset: 00000036 000036 smb_io_unistr helpfile 0036 unistr: \.\.p.r.i.n.t.b.o.y.\.p.r.i.n.t.$.\.W.3.2.X.8.6.\.2.\.c.u.p.s...h.l.p... 001c offset: 00000034 000034 smb_io_unistr dependentfiles 0034 unistr: 0020 offset: 00000032 000032 smb_io_unistr monitorname 0032 unistr: 0024 offset: 0000002a 00002a smb_io_unistr defaultdatatype 002a unistr: R.A.W... [Windows NT x86] Printer Driver Info 3: Version: [2] Driver Name: [Canon] Architecture: [Windows NT x86] Driver Path: [\\printboy\print$\W32X86\2\cupsdrvr.dll] Datafile: [\\printboy\print$\W32X86\2\Canon.ppd] Configfile: [\\printboy\print$\W32X86\2\cupsui.dll] Helpfile: [\\printboy\print$\W32X86\2\cups.hlp] Monitorname: [] Defaultdatatype: [RAW] 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 00000011 001c undoc : 00000000 0020 uni_str_len: 00000011 0024 buffer : W.i.n.d.o.w.s. .N.T. .R.4.0.0.0... 0048 level: 00000003 00004c spoolss_io_buffer 004c ptr: 00000000 0050 offered: 00000000 0054 clientmajorversion: 00000002 0058 clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x74 create_rpc_request: data_len: 74 auth_len: 0 alloc_hint: 64 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0074 000a auth_len : 0000 000c call_id : 0000000a 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000064 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=198 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 116 (0x74) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 116 (0x74) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=131 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 74 00 00 00 0A 00 00 00 64 .......t .......d [020] 00 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 11 ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 11 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 .d.o.w.s . .N.T. [060] 00 52 00 34 00 30 00 30 00 30 00 00 00 00 00 03 .R.4.0.0 .0...... [070] 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 02 ........ ........ [080] 00 00 00 ... write_socket(4,202) write_socket(4,202) wrote 202 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0A 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0A 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000000a 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000000 001c needed: 00000000 0020 servermajorversion: 00000000 0024 serverminorversion: 00000000 0028 status: WERR_UNKNOWN_PRINTER_DRIVER 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 00000015 001c undoc : 00000000 0020 uni_str_len: 00000015 0024 buffer : W.i.n.d.o.w.s. .N.T. .A.l.p.h.a._.A.X.P... 0050 level: 00000003 000054 spoolss_io_buffer 0054 ptr: 00000000 0058 offered: 00000000 005c clientmajorversion: 00000002 0060 clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x7c create_rpc_request: data_len: 7c auth_len: 0 alloc_hint: 6c 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 007c 000a auth_len : 0000 000c call_id : 0000000b 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=206 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 124 (0x7C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 124 (0x7C) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=139 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 7C 00 00 00 0B 00 00 00 6C .......| .......l [020] 00 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 15 ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 15 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 .d.o.w.s . .N.T. [060] 00 41 00 6C 00 70 00 68 00 61 00 5F 00 41 00 58 .A.l.p.h .a._.A.X [070] 00 50 00 00 00 00 00 03 00 00 00 00 00 00 00 00 .P...... ........ [080] 00 00 00 02 00 00 00 02 00 00 00 ........ ... write_socket(4,210) write_socket(4,210) wrote 210 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0B 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0B 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000000b 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000000 001c needed: 00000000 0020 servermajorversion: 00000000 0024 serverminorversion: 00000000 0028 status: WERR_UNKNOWN_PRINTER_DRIVER 000000 spoolss_io_q_getprinterdriver2 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 0014 architecture_ptr: 00000001 000018 smb_io_unistr2 architecture 0018 uni_max_len: 00000013 001c undoc : 00000000 0020 uni_str_len: 00000013 0024 buffer : W.i.n.d.o.w.s. .N.T. .P.o.w.e.r.P.C... 004c level: 00000003 000050 spoolss_io_buffer 0050 ptr: 00000000 0054 offered: 00000000 0058 clientmajorversion: 00000002 005c clientminorversion: 00000002 create_rpc_request: opnum: 0x35 data_len: 0x78 create_rpc_request: data_len: 78 auth_len: 0 alloc_hint: 68 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0078 000a auth_len : 0000 000c call_id : 0000000c 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000068 0014 context_id: 0000 0016 opnum : 0035 rpc_api_pipe: fnum:771c size=202 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 120 (0x78) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 120 (0x78) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=135 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 78 00 00 00 0C 00 00 00 68 .......x .......h [020] 00 00 00 00 00 35 00 00 00 00 00 02 00 00 00 00 .....5.. ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 01 00 00 00 13 ...Gv=?\ ........ [040] 00 00 00 00 00 00 00 13 00 00 00 57 00 69 00 6E ........ ...W.i.n [050] 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 20 .d.o.w.s . .N.T. [060] 00 50 00 6F 00 77 00 65 00 72 00 50 00 43 00 00 .P.o.w.e .r.P.C.. [070] 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 02 ........ ........ [080] 00 00 00 02 00 00 00 ....... write_socket(4,206) write_socket(4,206) wrote 206 got smb length of 100 size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0C 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... size=100 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 44 (0x2C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 05 00 02 03 10 00 00 00 2C 00 00 00 0C 00 00 ........ .,...... [010] 00 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 05 07 00 00 ........ ..... rpc_check_hdr: rdata->data_size = 44 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000000c 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 44 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_getprinterdriver2 000018 spoolss_io_buffer 0018 ptr: 00000000 001c needed: 00000000 0020 servermajorversion: 00000000 0024 serverminorversion: 00000000 0028 status: WERR_UNKNOWN_PRINTER_DRIVER make_spoolss_q_closeprinter 000000 spoolss_io_q_closeprinter 000000 smb_io_pol_hnd printer handle 0000 data1: 00000000 0004 data2: 00000002 0008 data3: 0000 000a data4: 0000 000c data5: 47 76 3d 3f 5c 19 00 00 create_rpc_request: opnum: 0x1d data_len: 0x2c create_rpc_request: data_len: 2c auth_len: 0 alloc_hint: 1c 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000000d 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001c 0014 context_id: 0000 0016 opnum : 001d rpc_api_pipe: fnum:771c size=126 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 5680 (0x1630) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=30492 (0x771C) smb_bcc=59 [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2C 00 00 00 0D 00 00 00 1C ......., ........ [020] 00 00 00 00 00 1D 00 00 00 00 00 02 00 00 00 00 ........ ........ [030] 00 00 00 47 76 3D 3F 5C 19 00 00 ...Gv=?\ ... write_socket(4,130) write_socket(4,130) wrote 130 got smb length of 104 size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 0D 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [000] 00 05 00 02 03 10 00 00 00 30 00 00 00 0D 00 00 ........ .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [030] 00 . rpc_check_hdr: rdata->data_size = 48 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000d 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 rpc_api_pipe: len left: 0 smbtrans read: 48 rpc_api_pipe: fragment first and last both set 000018 spoolss_io_r_closeprinter 000018 smb_io_pol_hnd printer handle 0018 data1: 00000000 001c data2: 00000000 0020 data3: 0000 0022 data4: 0000 0024 data5: 00 00 00 00 00 00 00 00 002c status: WERR_OK result was WERR_UNKNOWN_PRINTER_DRIVER write_socket(4,45) write_socket(4,45) wrote 45 got smb length of 35 size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=6491 smb_uid=100 smb_mid=1 smt_wct=0 smb_bcc=0