[prev in list] [next in list] [prev in thread] [next in thread]
List: samba-technical
Subject: Samba TNG string overruns (TNG 2.4, 2.5)
From: Max Maischein <maischein () navicon ! de>
Date: 2000-04-27 13:57:52
[Download RAW message or body]
Hello !
I'm desperately trying to get Samba TNG running as a PDC (in its own
isolated network for stability reasons), but for reasons that I don't know,
Samba fails on me with different stuff :
(Tested with TNG 2.5, I just now installed TNG 2.4 and the stuff applies
there too)
Environment :
1 NT 4 SP 6a machine, member of domain DOMAIN (this domain is not connected
to the machine anymore, I just wasn't able yet to move the machine over to
the TEST domain, see below).
1 Linux (SuSE) Samba TNG 2.5 server, member and to-be PDC of domain TEST
Samba TNG 2.4/2.5 compiled with no options given to configure.
The NT box can neither browse nor connect to any share (NT responds "Share
not found") and smbclient provokes some string overrun errors with the
password. I suspect that (among other bad setup stuff) there is some error
in the string handling for passwords (on which side of the connection I
don't know). I've included what I hope can help you about this.
--- smb.conf ---
# Samba config file created using SWAT
# from vinci.navicon.de (192.168.10.40)
# Date: 2000/04/17 14:55:04
# Global parameters
[global]
workgroup = TEST
netbios name = SAMBA
server string = Samba Server
interfaces = 192.168.10.12
# security = USER
security = SHARE
encrypt passwords = Yes
max log size = 50
time server = Yes
dns proxy = No
# wins server = arno
invalid users = bin daemon adm sync shutdown halt mail news uucp
operator gopher
hosts allow = 192.168.10. 192.168.20. 192.168.30.
domain group map = /usr/local/samba/lib/domaingroup.map
domain user map = /usr/local/samba/lib/domainuser.map
smb passwd file = /etc/smbpasswd
# logon script = login.bat
# logon drive = h:
# domain logons = Yes
# domain master = Yes
os level = 33
preferred master = Yes
Wins support = Yes
socket options = TCP_NODELAY
[cdrom]
comment = CD-Laufwerk
path = /cdrom
[tmp]
comment = Testshare
path = /tmp
read only = No
---
And running
smbclient '\samba\cdrom' -U maischein-root -d 200
gives the following results (together with the request failing)
added interface ip�2.168.10.12 bcast�2.168.10.255 nmask%5.255.255.0
Client started (version TNG-alpha).
copy_nt_creds: null creds
cli_init_creds: ntlmssp_flgs: 0
cli_establish_connection: SAMBA<00> connecting to SAMBA<20> (0.0.0.0) -
maischein-root [TEST] with NTLMv1, nopw: No
resolve_lmhosts: Attempting lmhosts lookup for name samba<0x20>
startlmhosts: Can't open lmhosts file /usr/local/samba/lib/lmhosts. Error
was No such file or directory
resolve_hosts: Attempting host lookup for name samba<0x20>
Connecting to 192.168.10.12 at port 139
[000] 81 00 00 48 20 46 44 45 42 45 4E 45 43 45 42 43 ...H FDE BENECEBC
[010] 41 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 ACACACAC ACACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 00 00 00 00 ACACAAA. ....
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]5840 (0x8C00)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]=0 (0x0)
smb_vwv[12]f33 (0x19E9)
smb_vwv[13]�709 (0x4CFD)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] E5 EE CF 18 54 50 7D D1 53 00 41 00 4D 00 42 00 ....TP}. S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_establish_connection: NTLMv1
cli_session_setup. extended security: No
size�1
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�891 (0x2A8B)
smb_vwv[5]�892 (0x2A8C)
smb_vwv[6]=0 (0x0)
smb_vwv[7]$ (0x18)
smb_vwv[8]$ (0x18)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc€
[000] 69 34 14 B5 0B D7 59 DB F2 8D CE 31 EE 77 58 5A i4....Y. ...1.wXZ
[010] 24 5D B8 B1 5F 23 20 C0 D1 0F C5 FC F1 CA 3A E8 $].._# . ......:.
[020] B1 4C 25 8C 7F 66 90 0B C5 44 EB 6F D6 24 81 EF .L%..f.. .D.o.$..
[030] 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 00 54 MAISCHEI N-ROOT.T
[040] 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 61 00 EST.Unix ..Samba.
write_socket(3,145)
write_socket(3,145) wrote 145
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
session setup ok
Domain=[TEST] OS=[Unix] Server=[Samba TNG-alpha]
ERROR: string overflow by 10 in safe_strcpy [N�AunE:e?L%?f?
ADeoO$?i]
size‡
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]$ (0x18)
smb_bccD
[000] 7F 8E EB 86 79 5C 15 7E 5F 3D ED 3F 5E FE 2D 9E ....y\.~ _=.?^.-.
[010] D9 49 C6 7A 66 9E 5A 3B 5C 5C 53 41 4D 42 41 5C .I.zf.Z; \\SAMBA\
[020] 43 44 52 4F 4D 00 3F 3F 3F 3F 3F 00 CDROM.?? ???.
write_socket(3,91)
write_socket(3,91) wrote 91
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
cli_establish_connection: SAMBA<00> connecting to *SMBSERVER<20>
(192.168.10.12) - MAISCHEIN-ROOT [TEST] with NTLMv1, nopw: No
[000] 81 00 00 48 20 43 4B 46 44 45 4E 45 43 46 44 45 ...H CKF DENECFDE
[010] 46 46 43 46 47 45 46 46 43 43 41 43 41 43 41 43 FFCFGEFF CCACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 5C 53 41 4D ACACAAA. \SAM
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]5840 (0x8C00)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]=0 (0x0)
smb_vwv[12]f33 (0x19E9)
smb_vwv[13]�709 (0x4CFD)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] 86 D0 08 87 3E 1F 2C E5 53 00 41 00 4D 00 42 00 ....>.,. S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_establish_connection: NTLMv1
cli_session_setup. extended security: No
size�1
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�891 (0x2A8B)
smb_vwv[5]�892 (0x2A8C)
smb_vwv[6]=0 (0x0)
smb_vwv[7]$ (0x18)
smb_vwv[8]$ (0x18)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc€
[000] AE 67 F6 68 0F 3B 01 2D EA 6B 45 E6 BD C8 B2 85 .g.h.;.- .kE.....
[010] 69 84 D2 5B DB ED 68 DF 43 4C A7 A8 72 DF 03 8A i..[..h. CL..r...
[020] 0B 93 05 D2 95 00 86 CC 4D AD 5B 96 EC 90 A9 C7 ........ M.[.....
[030] 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 00 54 MAISCHEI N-ROOT.T
[040] 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 61 00 EST.Unix ..Samba.
write_socket(3,145)
write_socket(3,145) wrote 145
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
session setup ok
Domain=[TEST] OS=[Unix] Server=[Samba TNG-alpha]
size‡
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]$ (0x18)
smb_bccD
[000] EA D0 04 F0 6E 00 B2 7B BC 4E 0A 97 29 85 7A 68 ....n..{ .N..).zh
[010] 5D 8C 8E 1C D1 58 97 33 5C 5C 53 41 4D 42 41 5C ]....X.3 \\SAMBA\
[020] 43 44 52 4F 4D 00 3F 3F 3F 3F 3F 00 CDROM.?? ???.
write_socket(3,91)
write_socket(3,91) wrote 91
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�891
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
added interface ip�2.168.10.12 bcast�2.168.10.255 nmask%5.255.255.0
Client started (version TNG-alpha).
copy_nt_creds: null creds
cli_init_creds: ntlmssp_flgs: 0
cli_establish_connection: SAMBA<00> connecting to SAMBA<20> (0.0.0.0) -
maischein-root [TEST] with NTLMv1, nopw: No
resolve_lmhosts: Attempting lmhosts lookup for name samba<0x20>
startlmhosts: Can't open lmhosts file /usr/local/samba/lib/lmhosts. Error
was No such file or directory
resolve_hosts: Attempting host lookup for name samba<0x20>
Connecting to 192.168.10.12 at port 139
[000] 81 00 00 48 20 46 44 45 42 45 4E 45 43 45 42 43 ...H FDE BENECEBC
[010] 41 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 ACACACAC ACACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 00 00 00 00 ACACAAA. ....
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]6352 (0x8E00)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]=0 (0x0)
smb_vwv[12]V989 (0xDE9D)
smb_vwv[13]�713 (0x4D01)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] 53 34 18 96 9D 18 93 FD 53 00 41 00 4D 00 42 00 S4...... S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_establish_connection: NTLMv1
cli_session_setup. extended security: No
size�1
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�893 (0x2A8D)
smb_vwv[5]�894 (0x2A8E)
smb_vwv[6]=0 (0x0)
smb_vwv[7]$ (0x18)
smb_vwv[8]$ (0x18)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc€
[000] 1D 7A BA F0 65 9C 03 7A 7B 14 ED 29 8C 49 BA EB .z..e..z {..).I..
[010] C7 43 DB DD 99 60 3A A3 8D 73 95 E8 9E 35 92 2E .C...`:. .s...5..
[020] 5B 82 A0 92 E8 EE F5 E3 85 27 2F E2 01 C2 88 FB [....... .'/.....
[030] 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 00 54 MAISCHEI N-ROOT.T
[040] 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 61 00 EST.Unix ..Samba.
write_socket(3,145)
write_socket(3,145) wrote 145
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
session setup ok
Domain=[TEST] OS=[Unix] Server=[Samba TNG-alpha]
ERROR: string overflow by 10 in safe_strcpy [?s.e?5'.[, 'eioa?'/a�A^u]
size‡
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]$ (0x18)
smb_bccD
[000] FF E9 07 85 C0 7A 6E D6 E9 D6 1C 34 B6 7C F4 9D .....zn. ...4.|..
[010] 07 C6 4F 01 E7 50 B7 C6 5C 5C 53 41 4D 42 41 5C ..O..P.. \\SAMBA\
[020] 43 44 52 4F 4D 00 3F 3F 3F 3F 3F 00 CDROM.?? ???.
write_socket(3,91)
write_socket(3,91) wrote 91
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
cli_establish_connection: SAMBA<00> connecting to *SMBSERVER<20>
(192.168.10.12) - MAISCHEIN-ROOT [TEST] with NTLMv1, nopw: No
[000] 81 00 00 48 20 43 4B 46 44 45 4E 45 43 46 44 45 ...H CKF DENECFDE
[010] 46 46 43 46 47 45 46 46 43 43 41 43 41 43 41 43 FFCFGEFF CCACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 5C 53 41 4D ACACAAA. \SAM
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]6352 (0x8E00)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]=0 (0x0)
smb_vwv[12]V989 (0xDE9D)
smb_vwv[13]�713 (0x4D01)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] 29 0E D5 D4 B9 36 9B F8 53 00 41 00 4D 00 42 00 )....6.. S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_establish_connection: NTLMv1
cli_session_setup. extended security: No
size�1
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�893 (0x2A8D)
smb_vwv[5]�894 (0x2A8E)
smb_vwv[6]=0 (0x0)
smb_vwv[7]$ (0x18)
smb_vwv[8]$ (0x18)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc€
[000] 6F 85 B4 2A AC D4 61 36 9D B0 38 59 C3 DC 92 F7 o..*..a6 ..8Y....
[010] E4 90 60 D4 53 3F 20 1F 7B 6F 76 B2 40 6F D7 52 ..`.S? . {ov.@o.R
[020] 4A EA B7 1F DE A7 90 E4 E9 D1 D7 32 D3 FF 9A B7 J....... ...2....
[030] 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 00 54 MAISCHEI N-ROOT.T
[040] 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 61 00 EST.Unix ..Samba.
write_socket(3,145)
write_socket(3,145) wrote 145
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
session setup ok
Domain=[TEST] OS=[Unix] Server=[Samba TNG-alpha]
ERROR: string overflow by 10 in safe_strcpy [{ov?@o?RJe.�???aeN?2Oy?.]
size‡
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]$ (0x18)
smb_bccD
[000] 34 E4 C3 1E 98 24 DF E2 3F 9D 5F 82 A8 00 22 FD 4....$.. ?._...".
[010] E7 2B 97 2D 44 68 D0 60 5C 5C 53 41 4D 42 41 5C .+.-Dh.` \\SAMBA\
[020] 43 44 52 4F 4D 00 3F 3F 3F 3F 3F 00 CDROM.?? ???.
write_socket(3,91)
write_socket(3,91) wrote 91
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�893
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
added interface ip�2.168.10.12 bcast�2.168.10.255 nmask%5.255.255.0
Client started (version TNG-alpha).
copy_nt_creds: null creds
cli_init_creds: ntlmssp_flgs: 0
cli_establish_connection: SAMBA<00> connecting to SAMBA<20> (0.0.0.0) -
maischein-root [TEST] with NTLMv1, nopw: Yes
resolve_lmhosts: Attempting lmhosts lookup for name samba<0x20>
startlmhosts: Can't open lmhosts file /usr/local/samba/lib/lmhosts. Error
was No such file or directory
resolve_hosts: Attempting host lookup for name samba<0x20>
Connecting to 192.168.10.12 at port 139
[000] 81 00 00 48 20 46 44 45 42 45 4E 45 43 45 42 43 ...H FDE BENECEBC
[010] 41 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 ACACACAC ACACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 00 00 00 00 ACACAAA. ....
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]6864 (0x9000)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]2768 (0x8000)
smb_vwv[12]'924 (0x6D14)
smb_vwv[13]�720 (0x4D08)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] 3F 17 D7 96 EE 61 B8 3A 53 00 41 00 4D 00 42 00 ?....a.: S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_session_setup. extended security: No
size•
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�895 (0x2A8F)
smb_vwv[5]�896 (0x2A90)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=1 (0x1)
smb_vwv[8]=1 (0x1)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc4
[000] 00 00 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 ..MAISCH EIN-ROOT
[010] 00 54 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 .TEST.Un ix..Samb
[020] 61 00 a.
write_socket(3,99)
write_socket(3,99) wrote 99
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
sizec
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_bcc
[000] 5C 5C 53 41 4D 42 41 5C 43 44 52 4F 4D 00 3F 3F \\SAMBA\ CDROM.??
[010] 3F 3F 3F 00 ???.
write_socket(3,67)
write_socket(3,67) wrote 67
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
cli_establish_connection: SAMBA<00> connecting to *SMBSERVER<20>
(192.168.10.12) - MAISCHEIN-ROOT [TEST] with NTLMv1, nopw: Yes
[000] 81 00 00 48 20 43 4B 46 44 45 4E 45 43 46 44 45 ...H CKF DENECFDE
[010] 46 46 43 46 47 45 46 46 43 43 41 43 41 43 41 43 FFCFGEFF CCACACAC
[020] 41 43 41 43 41 00 20 46 44 45 42 45 4E 45 43 45 ACACA. F DEBENECE
[030] 42 43 41 43 41 43 41 43 41 43 41 43 41 43 41 43 BCACACAC ACACACAC
[040] 41 43 41 43 41 41 41 00 48 45 49 4E ACACAAA. HEIN
write_socket(3,76)
write_socket(3,76) wrote 76
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
size�4
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc�9
[000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG
[010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO
[020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03
[030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW
[040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN
[050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002..
[060] 53 61 6D 62 61 00 02 4E 54 20 4C 41 4E 4D 41 4E Samba..N T LANMAN
[070] 20 31 2E 30 00 02 4E 54 20 4C 4D 20 30 2E 31 32 1.0..NT LM 0.12
[080] 00 .
write_socket(3,168)
write_socket(3,168) wrote 168
got smb length of 89
size‰
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]=6 (0x6)
smb_vwv[1]�802 (0x3202)
smb_vwv[2]%6 (0x100)
smb_vwv[3]e280 (0xFF00)
smb_vwv[4]%5 (0xFF)
smb_vwv[5]=0 (0x0)
smb_vwv[6]%6 (0x100)
smb_vwv[7]6864 (0x9000)
smb_vwv[8]B (0x2A)
smb_vwv[9]�544 (0x3100)
smb_vwv[10]=3 (0x3)
smb_vwv[11]2768 (0x8000)
smb_vwv[12]'924 (0x6D14)
smb_vwv[13]�720 (0x4D08)
smb_vwv[14]I072 (0xBFB0)
smb_vwv[15]4817 (0x8801)
smb_vwv[16]#03 (0x8FF)
smb_bcc
[000] 42 E9 A8 95 B9 AE EA C6 53 00 41 00 4D 00 42 00 B....... S.A.M.B.
[010] 41 00 00 00 A...
server's domain: SAMBA bcc: 20
cli_session_setup. extended security: No
size•
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct�
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]�408 (0x4400)
smb_vwv[3]=2 (0x2)
smb_vwv[4]�895 (0x2A8F)
smb_vwv[5]�896 (0x2A90)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=1 (0x1)
smb_vwv[8]=1 (0x1)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_bcc4
[000] 00 00 4D 41 49 53 43 48 45 49 4E 2D 52 4F 4F 54 ..MAISCH EIN-ROOT
[010] 00 54 45 53 54 00 55 6E 69 78 00 00 53 61 6D 62 .TEST.Un ix..Samb
[020] 61 00 a.
write_socket(3,99)
write_socket(3,99) wrote 99
got smb length of 67
sizeg
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=3
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1 (0x1)
smb_bcc&
[000] 55 6E 69 78 00 53 61 6D 62 61 20 54 4E 47 2D 61 Unix.Sam ba TNG-a
[010] 6C 70 68 61 00 54 45 53 54 00 lpha.TES T.
sizec
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2�433
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=4
smb_vwv[0]%5 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_bcc
[000] 5C 5C 53 41 4D 42 41 5C 43 44 52 4F 4D 00 3F 3F \\SAMBA\ CDROM.??
[010] 3F 3F 3F 00 ???.
write_socket(3,67)
write_socket(3,67) wrote 67
got smb length of 35
size5
smb_com=0x75
smb_rcls=2
smb_reh=0
smb_err=2
smb_flg�6
smb_flg2=1
smb_tid=0
smb_pid�895
smb_uid=0
smb_mid=1
smt_wct=0
smb_bcc=0
failed tcon_X
-max
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic