• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1    1  15:35:08.640523 IP (tos 0x0, ttl 128, id 376, offset 0, flags [DF], proto TCP (6), length 128)
2    192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0x3e2f (incorrect -> 0x3d49), seq 4267808374:4267808462, ack 628292694, win 63102, length 88
3SMB PACKET: SMBtrans2 (REPLY)
4SMB Command   =  0x32
5Error class   =  0x0
6Error code    =  0 (0x0)
7Flags1        =  0xFF
8Flags2        =  0x7
9Tree ID       =  2048 (0x800)
10Proc ID       =  2848 (0xb20)
11UID           =  4098 (0x1002)
12MID           =  1616 (0x650)
13Word Count    =  10 (0xa)
14TRANSACT2_OPEN param_length=2 data_length=24
15TotParam=2 (0x2)
16TotData=24 (0x18)
17Res1=0x0
18ParamCnt=2 (0x2)
19ParamOff=56 (0x38)
20ParamDisp0 (0x0)
21DataCnt=24 (0x18)
22DataOff=60 (0x3c)
23DataDisp=0 (0x0)
24SetupCnt=0 (0x0)
25smb_bcc=29
26Handle=0 (0x0)
27Attrib=Data=
28Data: (24 bytes)
29[000] 00 00 0B 00 00 00 00 00  00 00 00 00 00 00 00 00  ^@^@^K^@^@^@^@^@ ^@^@^@^@^@^@^@^@
30[010] 01 00 00 00 00 00 00 00                           ^A^@^@^@^@^@^@^@
31
32    2  15:35:08.640906 IP (tos 0x0, ttl 128, id 632, offset 0, flags [DF], proto TCP (6), length 114)
33    192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2437 (correct), seq 1:75, ack 88, win 254, length 74
34SMB PACKET: SMBtrans2 (REQUEST)
35SMB Command   =  0x32
36Error class   =  0x0
37Error code    =  0 (0x0)
38Flags1        =  0x18
39Flags2        =  0x7
40Tree ID       =  2048 (0x800)
41Proc ID       =  2848 (0xb20)
42UID           =  4098 (0x1002)
43MID           =  1632 (0x660)
44Word Count    =  15 (0xf)
45TRANSACT2_QFSINFO param_length=2 data_length=0
46TotParam=2 (0x2)
47TotData=0 (0x0)
48MaxParam=0 (0x0)
49MaxData=560 (0x230)
50MaxSetup=0 (0x0)
51Flags=0x0
52TimeOut=0 (0x0)
53Res1=0x0
54ParamCnt=2 (0x2)
55ParamOff=68 (0x44)
56DataCnt=0 (0x0)
57DataOff=0 (0x0)
58SetupCnt=1 (0x1)
59smb_bcc=5
60InfoLevel=261 (0x105)
61
62    3  15:35:08.641033 IP (tos 0x0, ttl 128, id 377, offset 0, flags [DF], proto TCP (6), length 120)
63    192.168.56.55.445 > 192.168.56.119.49199: Flags [P.], cksum 0xf1fb (incorrect -> 0x1559), seq 88:168, ack 75, win 63028, length 80
64SMB PACKET: SMBtrans2 (REPLY)
65SMB Command   =  0x32
66Error class   =  0x0
67Error code    =  0 (0x0)
68Flags1        =  0x98
69Flags2        =  0x7
70Tree ID       =  0 (0x0)
71Proc ID       =  0 (0x0)
72UID           =  0 (0x0)
73MID           =  0 (0x0)
74Word Count    =  11 (0xb)
75TRANSACT2_QFSINFO param_length=0 data_length=20
76TotParam=0 (0x0)
77TotData=0 (0x0)
78Res1=0x0
79ParamCnt=0 (0x0)
80ParamOff=56 (0x38)
81ParamDisp0 (0x0)
82DataCnt=20 (0x14)
83DataOff=56 (0x38)
84DataDisp=0 (0x0)
85SetupCnt=0 (0x0)
86smb_bcc=65280
87Capabilities=0x700FF
88MaxFileLen=255 (0xff)
89VolNameLen=4278190088
90Volume=... [|smb]
91data:
92[000] FF 00 07 00 FF 00 00 00  08 00 00 FF FF FF FF 00  M-^?^@^G^@M-^?^@^@^@ ^H^@^@M-^?M-^?M-^?M-^?^@
93[010] 46 00 53 00                                       F^@S^@
94
95    4  [Error converting time] IP (tos 0x0, ttl 128, id 633, offset 0, flags [DF], proto TCP (6), length 116)
96    192.168.56.119.49199 > 192.168.56.55.445: Flags [P.], cksum 0x2253 (incorrect -> 0x229b), seq 75:151, ack 168, win 253, length 76 SMB-over-TCP packet:(raw data or continuation?)
97
98