6 * Copyright (C) 2016 by Olaf `Olsen' Barthel <obarthel -at- gmx -dot- net>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 /*****************************************************************************/
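/* The command packets are identified by the command code, but the
 * contents are interpreted differently depending on whether the packet
 * was sent by the client ("From consumer") or by the server
 * ("To consumer").
 *
 * dump_smb() takes this direction as an explicit argument, so the
 * caller states which side produced the bytes being decoded.
 */
enum smb_packet_source_t
{
    smb_packet_from_consumer,   /* packet was sent by the client */
    smb_packet_to_consumer      /* packet was sent by the server */
};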
37 /*****************************************************************************/
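/* Known SMB command codes.
 *
 * Each value fits in one byte. The list is not dense: several code
 * ranges have no named entry, so a decoder that receives the command
 * byte from the wire needs a default path for values that are not
 * listed instead of assuming every code has a name.
 *
 * NOTE(review): the enum's opening line (and therefore its tag, if it
 * has one) is not visible in this listing, and neither are the entries
 * marked "not visible" below.
 */
enum /* tag not visible in this listing */
{
    SMB_COM_CREATE_DIRECTORY        = 0x00,
    SMB_COM_DELETE_DIRECTORY        = 0x01,
    /* 0x02..0x07: entries not visible in this listing */
    SMB_COM_QUERY_INFORMATION       = 0x08,
    SMB_COM_SET_INFORMATION         = 0x09,
    /* 0x0A..0x0B: entries not visible in this listing */
    SMB_COM_LOCK_BYTE_RANGE         = 0x0C,
    SMB_COM_UNLOCK_BYTE_RANGE       = 0x0D,
    SMB_COM_CREATE_TEMPORARY        = 0x0E,
    SMB_COM_CREATE_NEW              = 0x0F,
    SMB_COM_CHECK_DIRECTORY         = 0x10,
    SMB_COM_PROCESS_EXIT            = 0x11,
    /* 0x12: entry not visible in this listing */
    SMB_COM_LOCK_AND_READ           = 0x13,
    SMB_COM_WRITE_AND_UNLOCK        = 0x14,
    SMB_COM_READ_RAW                = 0x1A,
    SMB_COM_READ_MPX                = 0x1B,
    SMB_COM_READ_MPX_SECONDARY      = 0x1C,
    SMB_COM_WRITE_RAW               = 0x1D,
    SMB_COM_WRITE_MPX               = 0x1E,
    SMB_COM_WRITE_MPX_SECONDARY     = 0x1F,
    SMB_COM_WRITE_COMPLETE          = 0x20,
    SMB_COM_QUERY_SERVER            = 0x21,
    SMB_COM_SET_INFORMATION2        = 0x22,
    SMB_COM_QUERY_INFORMATION2      = 0x23,
    SMB_COM_LOCKING_ANDX            = 0x24,
    SMB_COM_TRANSACTION             = 0x25,
    SMB_COM_TRANSACTION_SECONDARY   = 0x26,
    /* 0x27: entry not visible in this listing */
    SMB_COM_IOCTL_SECONDARY         = 0x28,
    /* 0x29..0x2B: entries not visible in this listing */
    SMB_COM_WRITE_AND_CLOSE         = 0x2C,
    SMB_COM_OPEN_ANDX               = 0x2D,
    SMB_COM_READ_ANDX               = 0x2E,
    SMB_COM_WRITE_ANDX              = 0x2F,
    SMB_COM_NEW_FILE_SIZE           = 0x30,
    SMB_COM_CLOSE_AND_TREE_DISC     = 0x31,
    SMB_COM_TRANSACTION2            = 0x32,
    SMB_COM_TRANSACTION2_SECONDARY  = 0x33,
    SMB_COM_FIND_CLOSE2             = 0x34,
    SMB_COM_FIND_NOTIFY_CLOSE       = 0x35,
    SMB_COM_TREE_CONNECT            = 0x70,
    SMB_COM_TREE_DISCONNECT         = 0x71,
    SMB_COM_NEGOTIATE               = 0x72,
    SMB_COM_SESSION_SETUP_ANDX      = 0x73,
    SMB_COM_LOGOFF_ANDX             = 0x74,
    SMB_COM_TREE_CONNECT_ANDX       = 0x75,
    SMB_COM_SECURITY_PACKAGE_ANDX   = 0x7E,
    SMB_COM_QUERY_INFORMATION_DISK  = 0x80,
    /* 0x81..0x82: entries not visible in this listing */
    SMB_COM_FIND_UNIQUE             = 0x83,
    SMB_COM_FIND_CLOSE              = 0x84,
    SMB_COM_NT_TRANSACT             = 0xA0,
    SMB_COM_NT_TRANSACT_SECONDARY   = 0xA1,
    SMB_COM_NT_CREATE_ANDX          = 0xA2,
    SMB_COM_NT_CANCEL               = 0xA4,
    SMB_COM_NT_RENAME               = 0xA5,
    SMB_COM_OPEN_PRINT_FILE         = 0xC0,
    SMB_COM_WRITE_PRINT_FILE        = 0xC1,
    SMB_COM_CLOSE_PRINT_FILE        = 0xC2,
    SMB_COM_GET_PRINT_QUEUE         = 0xC3,
    SMB_COM_READ_BULK               = 0xD8,
    SMB_COM_WRITE_BULK              = 0xD9,
    SMB_COM_WRITE_BULK_DATA         = 0xDA,
    SMB_COM_INVALID                 = 0xFE,
    SMB_COM_NO_ANDX_COMMAND         = 0xFF
};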
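/* SMB_COM_TRANSACTION2 subcommand codes.
 *
 * The subcommand travels inside the transaction request, so it is
 * packet-supplied data: a decoder should treat a value without an entry
 * here as unknown rather than as one of the listed subcommands.
 *
 * NOTE(review): the enum's opening line (and its tag, if any) and the
 * entries marked "not visible" below are missing from this listing.
 */
enum /* tag not visible in this listing */
{
    /* 0x00: entry not visible in this listing */
    TRANS2_FIND_FIRST2              = 0x01,
    TRANS2_FIND_NEXT2               = 0x02,
    TRANS2_QUERY_FS_INFORMATION     = 0x03,
    TRANS2_QUERY_PATH_INFORMATION   = 0x05,
    TRANS2_SET_PATH_INFORMATION     = 0x06,
    TRANS2_QUERY_FILE_INFORMATION   = 0x07,
    TRANS2_SET_FILE_INFORMATION     = 0x08,
    /* 0x09..0x0A: entries not visible in this listing */
    TRANS2_FIND_NOTIFY_FIRST        = 0x0B,
    TRANS2_FIND_NOTIFY_NEXT         = 0x0C,
    TRANS2_CREATE_DIRECTORY         = 0x0D,
    TRANS2_SESSION_SETUP            = 0x0E
};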
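/* Single-bit masks with the SMB_FLAGS_ prefix; every value fits in one
 * byte and no two masks share a bit.
 *
 * NOTE(review): presumably these apply to the flags byte of the SMB
 * header -- confirm; the enum's opening line and any introductory
 * comment are not visible in this listing. SMB_FLAGS_SERVER_TO_REDIR is
 * a bit carried in the packet itself, so it reflects what the sender
 * claims about direction, not where the packet actually came from.
 */
enum /* tag not visible in this listing */
{
    SMB_FLAGS_SERVER_TO_REDIR       = 0x80,
    SMB_FLAGS_REQUEST_BATCH_OPLOCK  = 0x40,
    SMB_FLAGS_REQUEST_OPLOCK        = 0x20,
    SMB_FLAGS_CANONICAL_PATHNAMES   = 0x10,
    SMB_FLAGS_CASELESS_PATHNAMES    = 0x08,
    SMB_FLAGS_CLIENT_BUF_AVAIL      = 0x02,
    SMB_FLAGS_SUPPORT_LOCKREAD      = 0x01
};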
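/* Single-bit masks with the SMB_FLAGS2_ prefix; every value fits in
 * 16 bits, matching the width of the header's unsigned short flags2
 * member.
 *
 * NOTE(review): the enum's opening line and any introductory comment
 * are not visible in this listing. Going by the names,
 * SMB_FLAGS2_SECURITY_SIGNATURE and SMB_FLAGS2_EXTENDED_SECURITY are the
 * bits to look at when checking from a dump whether message signing and
 * extended authentication are in use on a session -- confirm against
 * the protocol documentation before relying on that reading.
 */
enum /* tag not visible in this listing */
{
    SMB_FLAGS2_UNICODE_STRINGS      = 0x8000,
    SMB_FLAGS2_32BIT_STATUS         = 0x4000,
    SMB_FLAGS2_READ_IF_EXECUTE      = 0x2000,
    SMB_FLAGS2_DFS_PATHNAME         = 0x1000,
    SMB_FLAGS2_EXTENDED_SECURITY    = 0x0800,
    SMB_FLAGS2_IS_LONG_NAME         = 0x0040,
    SMB_FLAGS2_SECURITY_SIGNATURE   = 0x0004,
    SMB_FLAGS2_EAS                  = 0x0002,
    SMB_FLAGS2_KNOWS_LONG_NAMES     = 0x0001
};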
/* Members of the decoded SMB packet description: fixed header fields
 * first, then offsets, counts and pointers that locate the parameter
 * and data areas inside the raw packet.
 *
 * NOTE(review): the aggregate's opening line, the member at listing
 * line 167 and the lines around pid_high and the second signature[4]
 * (169-171, 174-175) are not visible in this listing. The name
 * "signature" appears twice, so pid_high and the unsigned short
 * signature[4] presumably sit in a nested aggregate -- confirm against
 * the full file.
 */
164 unsigned char signature
[4]; // Contains 0xFF, 'SMB' [BYTE smb_idf[4]]
165 unsigned char command
; // Command code [BYTE smb_com]
/* The fields named in the comment below add up to 32 bits; unsigned long
 * is at least that wide but may be wider, so this member is a decoded
 * value rather than an overlay of the wire bytes.
 */
166 unsigned long status
; // Error code class [BYTE smb_rcls], Reserved [BYTE smb_reh], Error code [WORD smb_err],
168 unsigned short flags2
;
172 unsigned short pid_high
;
173 unsigned short signature
[4];
176 unsigned short tid
; // Tree ID # [WORD smb_tid]
177 unsigned short pid
; // Caller's process id [WORD smb_pid]
178 unsigned short uid
; // User ID [WORD smb_uid]
179 unsigned short mid
; // Multiplex ID [WORD smb_mid]
/* The offsets and counts below are signed ints that describe positions
 * inside the raw packet. If they are filled in from packet contents they
 * are sender-controlled: before dereferencing parameters or data, check
 * that each offset and count is non-negative and that offset plus length
 * stays within raw_packet_size. The parameter count is in words
 * (SHORT smb_wvw[..]), so its byte length is presumably
 * 2 * num_parameter_words -- confirm.
 */
181 int parameter_offset
; // Number of bytes between start of SMB header and parameters
182 int num_parameter_words
; // Count of parameter words [BYTE smb_wct]
183 unsigned char * parameters
; // Variable number of parameter words [SHORT smb_wvw[..]]
185 int data_offset
; // Number of bytes between start of SMB header and data
186 int num_data_bytes
; // Number of data bytes following [WORD smb_bcc]
187 unsigned char * data
; // Variable number of data bytes [BYTE smb_data[..]]
/* NOTE(review): nothing visible here says who owns raw_packet or how long
 * it stays valid; parameters and data presumably point into it -- confirm
 * before keeping any of these pointers past the call that filled them in.
 */
189 int raw_packet_size
; // Number of bytes in raw SMB packet
190 unsigned char * raw_packet
; // Points to raw SMB packet
193 /*****************************************************************************/
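/**
 * Dump a NetBIOS session header together with its payload.
 * Declared here, defined elsewhere; the description follows the
 * parameter names only.
 *
 * @param file_name               presumably the caller's source file (e.g. __FILE__) -- confirm
 * @param line_number             presumably the caller's source line (e.g. __LINE__) -- confirm
 * @param netbios_session_header  start of the NetBIOS session header; its length is
 *                                not passed, so the callee must assume a fixed size
 * @param netbios_payload         bytes that follow the session header
 * @param netbios_payload_size    number of payload bytes; pass the count actually
 *                                received, not a length field taken from the packet
 */
extern void dump_netbios_header(const char *file_name, int line_number,
    const unsigned char *netbios_session_header,
    const unsigned char *netbios_payload, int netbios_payload_size);

/**
 * Dump one SMB packet, or raw data belonging to an SMB exchange.
 * Declared here, defined elsewhere; the description follows the
 * parameter names only.
 *
 * A packet dump can contain session setup exchanges and file contents,
 * so the output should be handled as sensitive data.
 *
 * @param file_name          presumably the caller's source file -- confirm
 * @param line_number        presumably the caller's source line -- confirm
 * @param is_raw_data        presumably non-zero when packet is not a complete SMB
 *                           message and should be shown undecoded -- confirm
 * @param packet             start of the bytes to dump
 * @param length             number of valid bytes at packet; a signed int, so the
 *                           caller should make sure it is non-negative and does not
 *                           exceed what was really received
 * @param smb_packet_source  whether the client or the server sent the packet
 * @param max_buffer_size    meaning not derivable from this header -- TODO confirm
 */
extern void dump_smb(const char *file_name, int line_number, int is_raw_data,
    const void *packet, int length, enum smb_packet_source_t smb_packet_source,
    int max_buffer_size);

/**
 * Switch SMB dumping on or off.
 *
 * @param enable  presumably non-zero enables dumping and zero disables it -- confirm;
 *                leave dumping off outside of debugging sessions, since dumps can
 *                expose authentication exchanges and file data
 */
extern void control_smb_dump(int enable);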
205 /*****************************************************************************/
207 #endif /* DUMP_SMB */