search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / dist / tcpdump / print-smb.c
blob047516fbc98361c333c5e4c3367367020a860cd5
1 /* $NetBSD$ */
2
3 /*
4 * Copyright (C) Andrew Tridgell 1995-1999
5 *
6 * This software may be distributed either under the terms of the
7 * BSD-style license that accompanies tcpdump or the GNU GPL version 2
8 * or later
9 */
10
11 #ifdef HAVE_CONFIG_H
12 #include "config.h"
13 #endif
14
15 #include <sys/cdefs.h>
16 #ifndef lint
17 #if 0
18 static const char rcsid[] _U_ =
19 "@(#) Header: /tcpdump/master/tcpdump/print-smb.c,v 1.41.2.4 2007/07/14 22:29:05 guy Exp";
20 #else
21 __RCSID("$NetBSD: tcpdump2rcsid.ex,v 1.1 2001/06/25 20:09:58 itojun Exp $");
22 #endif
23 #endif
24
25 #include <tcpdump-stdinc.h>
26
27 #include <stdio.h>
28 #include <string.h>
29
30 #include "interface.h"
31 #include "extract.h"
32 #include "smb.h"
33
34 static int request = 0;
35 static int unicodestr = 0;
36
37 const u_char *startbuf = NULL;
38
39 struct smbdescript {
40 const char *req_f1;
41 const char *req_f2;
42 const char *rep_f1;
43 const char *rep_f2;
44 void (*fn)(const u_char *, const u_char *, const u_char *, const u_char *);
45 };
46
47 struct smbdescriptint {
48 const char *req_f1;
49 const char *req_f2;
50 const char *rep_f1;
51 const char *rep_f2;
52 void (*fn)(const u_char *, const u_char *, int, int);
53 };
54
55 struct smbfns
56 {
57 int id;
58 const char *name;
59 int flags;
60 struct smbdescript descript;
61 };
62
63 struct smbfnsint
64 {
65 int id;
66 const char *name;
67 int flags;
68 struct smbdescriptint descript;
69 };
70
71 #define DEFDESCRIPT { NULL, NULL, NULL, NULL, NULL }
72
73 #define FLG_CHAIN (1 << 0)
74
75 static struct smbfns *
76 smbfind(int id, struct smbfns *list)
77 {
78 int sindex;
79
80 for (sindex = 0; list[sindex].name; sindex++)
81 if (list[sindex].id == id)
82 return(&list[sindex]);
83
84 return(&list[0]);
85 }
86
87 static struct smbfnsint *
88 smbfindint(int id, struct smbfnsint *list)
89 {
90 int sindex;
91
92 for (sindex = 0; list[sindex].name; sindex++)
93 if (list[sindex].id == id)
94 return(&list[sindex]);
95
96 return(&list[0]);
97 }
98
99 static void
100 trans2_findfirst(const u_char *param, const u_char *data, int pcnt, int dcnt)
101 {
102 const char *fmt;
103
104 if (request)
105 fmt = "Attribute=[A]\nSearchCount=[d]\nFlags=[w]\nLevel=[dP4]\nFile=[S]\n";
106 else
107 fmt = "Handle=[w]\nCount=[d]\nEOS=[w]\nEoffset=[d]\nLastNameOfs=[w]\n";
108
109 smb_fdata(param, fmt, param + pcnt, unicodestr);
110 if (dcnt) {
111 printf("data:\n");
112 print_data(data, dcnt);
113 }
114 }
115
116 static void
117 trans2_qfsinfo(const u_char *param, const u_char *data, int pcnt, int dcnt)
118 {
119 static int level = 0;
120 const char *fmt="";
121
122 if (request) {
123 TCHECK2(*param, 2);
124 level = EXTRACT_LE_16BITS(param);
125 fmt = "InfoLevel=[d]\n";
126 smb_fdata(param, fmt, param + pcnt, unicodestr);
127 } else {
128 switch (level) {
129 case 1:
130 fmt = "idFileSystem=[W]\nSectorUnit=[D]\nUnit=[D]\nAvail=[D]\nSectorSize=[d]\n";
131 break;
132 case 2:
133 fmt = "CreationTime=[T2]VolNameLength=[lb]\nVolumeLabel=[c]\n";
134 break;
135 case 0x105:
136 fmt = "Capabilities=[W]\nMaxFileLen=[D]\nVolNameLen=[lD]\nVolume=[C]\n";
137 break;
138 default:
139 fmt = "UnknownLevel\n";
140 break;
141 }
142 smb_fdata(data, fmt, data + dcnt, unicodestr);
143 }
144 if (dcnt) {
145 printf("data:\n");
146 print_data(data, dcnt);
147 }
148 return;
149 trunc:
150 printf("[|SMB]");
151 return;
152 }
153
154 struct smbfnsint trans2_fns[] = {
155 { 0, "TRANSACT2_OPEN", 0,
156 { "Flags2=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]\nOFun=[w]\nSize=[D]\nRes=([w, w, w, w, w])\nPath=[S]",
157 NULL,
158 "Handle=[d]\nAttrib=[A]\nTime=[T2]\nSize=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nInode=[W]\nOffErr=[d]\n|EALength=[d]\n",
159 NULL, NULL }},
160 { 1, "TRANSACT2_FINDFIRST", 0,
161 { NULL, NULL, NULL, NULL, trans2_findfirst }},
162 { 2, "TRANSACT2_FINDNEXT", 0, DEFDESCRIPT },
163 { 3, "TRANSACT2_QFSINFO", 0,
164 { NULL, NULL, NULL, NULL, trans2_qfsinfo }},
165 { 4, "TRANSACT2_SETFSINFO", 0, DEFDESCRIPT },
166 { 5, "TRANSACT2_QPATHINFO", 0, DEFDESCRIPT },
167 { 6, "TRANSACT2_SETPATHINFO", 0, DEFDESCRIPT },
168 { 7, "TRANSACT2_QFILEINFO", 0, DEFDESCRIPT },
169 { 8, "TRANSACT2_SETFILEINFO", 0, DEFDESCRIPT },
170 { 9, "TRANSACT2_FSCTL", 0, DEFDESCRIPT },
171 { 10, "TRANSACT2_IOCTL", 0, DEFDESCRIPT },
172 { 11, "TRANSACT2_FINDNOTIFYFIRST", 0, DEFDESCRIPT },
173 { 12, "TRANSACT2_FINDNOTIFYNEXT", 0, DEFDESCRIPT },
174 { 13, "TRANSACT2_MKDIR", 0, DEFDESCRIPT },
175 { -1, NULL, 0, DEFDESCRIPT }
176 };
177
178
179 static void
180 print_trans2(const u_char *words, const u_char *dat, const u_char *buf, const u_char *maxbuf)
181 {
182 u_int bcc;
183 static struct smbfnsint *fn = &trans2_fns[0];
184 const u_char *data, *param;
185 const u_char *w = words + 1;
186 const char *f1 = NULL, *f2 = NULL;
187 int pcnt, dcnt;
188
189 TCHECK(words[0]);
190 if (request) {
191 TCHECK2(w[14 * 2], 2);
192 pcnt = EXTRACT_LE_16BITS(w + 9 * 2);
193 param = buf + EXTRACT_LE_16BITS(w + 10 * 2);
194 dcnt = EXTRACT_LE_16BITS(w + 11 * 2);
195 data = buf + EXTRACT_LE_16BITS(w + 12 * 2);
196 fn = smbfindint(EXTRACT_LE_16BITS(w + 14 * 2), trans2_fns);
197 } else {
198 if (words[0] == 0) {
199 printf("%s\n", fn->name);
200 printf("Trans2Interim\n");
201 return;
202 }
203 TCHECK2(w[7 * 2], 2);
204 pcnt = EXTRACT_LE_16BITS(w + 3 * 2);
205 param = buf + EXTRACT_LE_16BITS(w + 4 * 2);
206 dcnt = EXTRACT_LE_16BITS(w + 6 * 2);
207 data = buf + EXTRACT_LE_16BITS(w + 7 * 2);
208 }
209
210 printf("%s param_length=%d data_length=%d\n", fn->name, pcnt, dcnt);
211
212 if (request) {
213 if (words[0] == 8) {
214 smb_fdata(words + 1,
215 "Trans2Secondary\nTotParam=[d]\nTotData=[d]\nParamCnt=[d]\nParamOff=[d]\nParamDisp=[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nHandle=[d]\n",
216 maxbuf, unicodestr);
217 return;
218 } else {
219 smb_fdata(words + 1,
220 "TotParam=[d]\nTotData=[d]\nMaxParam=[d]\nMaxData=[d]\nMaxSetup=[b][P1]\nFlags=[w]\nTimeOut=[D]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nDataCnt=[d]\nDataOff=[d]\nSetupCnt=[b][P1]\n",
221 words + 1 + 14 * 2, unicodestr);
222 }
223 f1 = fn->descript.req_f1;
224 f2 = fn->descript.req_f2;
225 } else {
226 smb_fdata(words + 1,
227 "TotParam=[d]\nTotData=[d]\nRes1=[w]\nParamCnt=[d]\nParamOff=[d]\nParamDisp[d]\nDataCnt=[d]\nDataOff=[d]\nDataDisp=[d]\nSetupCnt=[b][P1]\n",
228 words + 1 + 10 * 2, unicodestr);
229 f1 = fn->descript.rep_f1;
230 f2 = fn->descript.rep_f2;
231 }
232
233 TCHECK2(*dat, 2);
234 bcc = EXTRACT_LE_16BITS(dat);
235 printf("smb_bcc=%u\n", bcc);
236 if (fn->descript.fn)
237 (*fn->descript.fn)(param, data, pcnt, dcnt);
238 else {
239 smb_fdata(param, f1 ? f1 : "Parameters=\n", param + pcnt, unicodestr);
240 smb_fdata(data, f2 ? f2 : "Data=\n", data + dcnt, unicodestr);
241 }
242 return;
243 trunc:
244 printf("[|SMB]");
245 return;
246 }
247
248
249 static void
250 print_browse(const u_char *param, int paramlen, const u_char *data, int datalen)
251 {
252 const u_char *maxbuf = data + datalen;
253 int command;
254
255 TCHECK(data[0]);
256 command = data[0];
257
258 smb_fdata(param, "BROWSE PACKET\n|Param ", param+paramlen, unicodestr);
259
260 switch (command) {
261 case 0xF:
262 data = smb_fdata(data,
263 "BROWSE PACKET:\nType=[B] (LocalMasterAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",
264 maxbuf, unicodestr);
265 break;
266
267 case 0x1:
268 data = smb_fdata(data,
269 "BROWSE PACKET:\nType=[B] (HostAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nElectionVersion=[w]\nBrowserConstant=[w]\n",
270 maxbuf, unicodestr);
271 break;
272
273 case 0x2:
274 data = smb_fdata(data,
275 "BROWSE PACKET:\nType=[B] (AnnouncementRequest)\nFlags=[B]\nReplySystemName=[S]\n",
276 maxbuf, unicodestr);
277 break;
278
279 case 0xc:
280 data = smb_fdata(data,
281 "BROWSE PACKET:\nType=[B] (WorkgroupAnnouncement)\nUpdateCount=[w]\nRes1=[B]\nAnnounceInterval=[d]\nName=[n2]\nMajorVersion=[B]\nMinorVersion=[B]\nServerType=[W]\nCommentPointer=[W]\nServerName=[S]\n",
282 maxbuf, unicodestr);
283 break;
284
285 case 0x8:
286 data = smb_fdata(data,
287 "BROWSE PACKET:\nType=[B] (ElectionFrame)\nElectionVersion=[B]\nOSSummary=[W]\nUptime=[(W, W)]\nServerName=[S]\n",
288 maxbuf, unicodestr);
289 break;
290
291 case 0xb:
292 data = smb_fdata(data,
293 "BROWSE PACKET:\nType=[B] (BecomeBackupBrowser)\nName=[S]\n",
294 maxbuf, unicodestr);
295 break;
296
297 case 0x9:
298 data = smb_fdata(data,
299 "BROWSE PACKET:\nType=[B] (GetBackupList)\nListCount?=[B]\nToken=[W]\n",
300 maxbuf, unicodestr);
301 break;
302
303 case 0xa:
304 data = smb_fdata(data,
305 "BROWSE PACKET:\nType=[B] (BackupListResponse)\nServerCount?=[B]\nToken=[W]\n*Name=[S]\n",
306 maxbuf, unicodestr);
307 break;
308
309 case 0xd:
310 data = smb_fdata(data,
311 "BROWSE PACKET:\nType=[B] (MasterAnnouncement)\nMasterName=[S]\n",
312 maxbuf, unicodestr);
313 break;
314
315 case 0xe:
316 data = smb_fdata(data,
317 "BROWSE PACKET:\nType=[B] (ResetBrowser)\nOptions=[B]\n", maxbuf, unicodestr);
318 break;
319
320 default:
321 data = smb_fdata(data, "Unknown Browser Frame ", maxbuf, unicodestr);
322 break;
323 }
324 return;
325 trunc:
326 printf("[|SMB]");
327 return;
328 }
329
330
331 static void
332 print_ipc(const u_char *param, int paramlen, const u_char *data, int datalen)
333 {
334 if (paramlen)
335 smb_fdata(param, "Command=[w]\nStr1=[S]\nStr2=[S]\n", param + paramlen,
336 unicodestr);
337 if (datalen)
338 smb_fdata(data, "IPC ", data + datalen, unicodestr);
339 }
340
341
342 static void
343 print_trans(const u_char *words, const u_char *data1, const u_char *buf, const u_char *maxbuf)
344 {
345 u_int bcc;
346 const char *f1, *f2, *f3, *f4;
347 const u_char *data, *param;
348 const u_char *w = words + 1;
349 int datalen, paramlen;
350
351 if (request) {
352 TCHECK2(w[12 * 2], 2);
353 paramlen = EXTRACT_LE_16BITS(w + 9 * 2);
354 param = buf + EXTRACT_LE_16BITS(w + 10 * 2);
355 datalen = EXTRACT_LE_16BITS(w + 11 * 2);
356 data = buf + EXTRACT_LE_16BITS(w + 12 * 2);
357 f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nMaxParmCnt=[d] \nMaxDataCnt=[d]\nMaxSCnt=[d] \nTransFlags=[w] \nRes1=[w] \nRes2=[w] \nRes3=[w]\nParamCnt=[d] \nParamOff=[d] \nDataCnt=[d] \nDataOff=[d] \nSUCnt=[d]\n";
358 f2 = "|Name=[S]\n";
359 f3 = "|Param ";
360 f4 = "|Data ";
361 } else {
362 TCHECK2(w[7 * 2], 2);
363 paramlen = EXTRACT_LE_16BITS(w + 3 * 2);
364 param = buf + EXTRACT_LE_16BITS(w + 4 * 2);
365 datalen = EXTRACT_LE_16BITS(w + 6 * 2);
366 data = buf + EXTRACT_LE_16BITS(w + 7 * 2);
367 f1 = "TotParamCnt=[d] \nTotDataCnt=[d] \nRes1=[d]\nParamCnt=[d] \nParamOff=[d] \nRes2=[d] \nDataCnt=[d] \nDataOff=[d] \nRes3=[d]\nLsetup=[d]\n";
368 f2 = "|Unknown ";
369 f3 = "|Param ";
370 f4 = "|Data ";
371 }
372
373 smb_fdata(words + 1, f1, SMBMIN(words + 1 + 2 * words[0], maxbuf),
374 unicodestr);
375
376 TCHECK2(*data1, 2);
377 bcc = EXTRACT_LE_16BITS(data1);
378 printf("smb_bcc=%u\n", bcc);
379 if (bcc > 0) {
380 smb_fdata(data1 + 2, f2, maxbuf - (paramlen + datalen), unicodestr);
381
382 if (strcmp((const char *)(data1 + 2), "\\MAILSLOT\\BROWSE") == 0) {
383 print_browse(param, paramlen, data, datalen);
384 return;
385 }
386
387 if (strcmp((const char *)(data1 + 2), "\\PIPE\\LANMAN") == 0) {
388 print_ipc(param, paramlen, data, datalen);
389 return;
390 }
391
392 if (paramlen)
393 smb_fdata(param, f3, SMBMIN(param + paramlen, maxbuf), unicodestr);
394 if (datalen)
395 smb_fdata(data, f4, SMBMIN(data + datalen, maxbuf), unicodestr);
396 }
397 return;
398 trunc:
399 printf("[|SMB]");
400 return;
401 }
402
403
404 static void
405 print_negprot(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf)
406 {
407 u_int wct, bcc;
408 const char *f1 = NULL, *f2 = NULL;
409
410 TCHECK(words[0]);
411 wct = words[0];
412 if (request)
413 f2 = "*|Dialect=[Y]\n";
414 else {
415 if (wct == 1)
416 f1 = "Core Protocol\nDialectIndex=[d]";
417 else if (wct == 17)
418 f1 = "NT1 Protocol\nDialectIndex=[d]\nSecMode=[B]\nMaxMux=[d]\nNumVcs=[d]\nMaxBuffer=[D]\nRawSize=[D]\nSessionKey=[W]\nCapabilities=[W]\nServerTime=[T3]TimeZone=[d]\nCryptKey=";
419 else if (wct == 13)
420 f1 = "Coreplus/Lanman1/Lanman2 Protocol\nDialectIndex=[d]\nSecMode=[w]\nMaxXMit=[d]\nMaxMux=[d]\nMaxVcs=[d]\nBlkMode=[w]\nSessionKey=[W]\nServerTime=[T1]TimeZone=[d]\nRes=[W]\nCryptKey=";
421 }
422
423 if (f1)
424 smb_fdata(words + 1, f1, SMBMIN(words + 1 + wct * 2, maxbuf),
425 unicodestr);
426 else
427 print_data(words + 1, SMBMIN(wct * 2, PTR_DIFF(maxbuf, words + 1)));
428
429 TCHECK2(*data, 2);
430 bcc = EXTRACT_LE_16BITS(data);
431 printf("smb_bcc=%u\n", bcc);
432 if (bcc > 0) {
433 if (f2)
434 smb_fdata(data + 2, f2, SMBMIN(data + 2 + EXTRACT_LE_16BITS(data),
435 maxbuf), unicodestr);
436 else
437 print_data(data + 2, SMBMIN(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2)));
438 }
439 return;
440 trunc:
441 printf("[|SMB]");
442 return;
443 }
444
445 static void
446 print_sesssetup(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf)
447 {
448 u_int wct, bcc;
449 const char *f1 = NULL, *f2 = NULL;
450
451 TCHECK(words[0]);
452 wct = words[0];
453 if (request) {
454 if (wct == 10)
455 f1 = "Com2=[w]\nOff2=[d]\nBufSize=[d]\nMpxMax=[d]\nVcNum=[d]\nSessionKey=[W]\nPassLen=[d]\nCryptLen=[d]\nCryptOff=[d]\nPass&Name=\n";
456 else
457 f1 = "Com2=[B]\nRes1=[B]\nOff2=[d]\nMaxBuffer=[d]\nMaxMpx=[d]\nVcNumber=[d]\nSessionKey=[W]\nCaseInsensitivePasswordLength=[d]\nCaseSensitivePasswordLength=[d]\nRes=[W]\nCapabilities=[W]\nPass1&Pass2&Account&Domain&OS&LanMan=\n";
458 } else {
459 if (wct == 3) {
460 f1 = "Com2=[w]\nOff2=[d]\nAction=[w]\n";
461 } else if (wct == 13) {
462 f1 = "Com2=[B]\nRes=[B]\nOff2=[d]\nAction=[w]\n";
463 f2 = "NativeOS=[S]\nNativeLanMan=[S]\nPrimaryDomain=[S]\n";
464 }
465 }
466
467 if (f1)
468 smb_fdata(words + 1, f1, SMBMIN(words + 1 + wct * 2, maxbuf),
469 unicodestr);
470 else
471 print_data(words + 1, SMBMIN(wct * 2, PTR_DIFF(maxbuf, words + 1)));
472
473 TCHECK2(*data, 2);
474 bcc = EXTRACT_LE_16BITS(data);
475 printf("smb_bcc=%u\n", bcc);
476 if (bcc > 0) {
477 if (f2)
478 smb_fdata(data + 2, f2, SMBMIN(data + 2 + EXTRACT_LE_16BITS(data),
479 maxbuf), unicodestr);
480 else
481 print_data(data + 2, SMBMIN(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2)));
482 }
483 return;
484 trunc:
485 printf("[|SMB]");
486 return;
487 }
488
489 static void
490 print_lockingandx(const u_char *words, const u_char *data, const u_char *buf _U_, const u_char *maxbuf)
491 {
492 u_int wct, bcc;
493 const u_char *maxwords;
494 const char *f1 = NULL, *f2 = NULL;
495
496 TCHECK(words[0]);
497 wct = words[0];
498 if (request) {
499 f1 = "Com2=[w]\nOff2=[d]\nHandle=[d]\nLockType=[w]\nTimeOut=[D]\nUnlockCount=[d]\nLockCount=[d]\n";
500 TCHECK(words[7]);
501 if (words[7] & 0x10)
502 f2 = "*Process=[d]\n[P2]Offset=[M]\nLength=[M]\n";
503 else
504 f2 = "*Process=[d]\nOffset=[D]\nLength=[D]\n";
505 } else {
506 f1 = "Com2=[w]\nOff2=[d]\n";
507 }
508
509 maxwords = SMBMIN(words + 1 + wct * 2, maxbuf);
510 if (wct)
511 smb_fdata(words + 1, f1, maxwords, unicodestr);
512
513 TCHECK2(*data, 2);
514 bcc = EXTRACT_LE_16BITS(data);
515 printf("smb_bcc=%u\n", bcc);
516 if (bcc > 0) {
517 if (f2)
518 smb_fdata(data + 2, f2, SMBMIN(data + 2 + EXTRACT_LE_16BITS(data),
519 maxbuf), unicodestr);
520 else
521 print_data(data + 2, SMBMIN(EXTRACT_LE_16BITS(data), PTR_DIFF(maxbuf, data + 2)));
522 }
523 return;
524 trunc:
525 printf("[|SMB]");
526 return;
527 }
528
529
530 static struct smbfns smb_fns[] = {
531 { -1, "SMBunknown", 0, DEFDESCRIPT },
532
533 { SMBtcon, "SMBtcon", 0,
534 { NULL, "Path=[Z]\nPassword=[Z]\nDevice=[Z]\n",
535 "MaxXmit=[d]\nTreeId=[d]\n", NULL,
536 NULL } },
537
538 { SMBtdis, "SMBtdis", 0, DEFDESCRIPT },
539 { SMBexit, "SMBexit", 0, DEFDESCRIPT },
540 { SMBioctl, "SMBioctl", 0, DEFDESCRIPT },
541
542 { SMBecho, "SMBecho", 0,
543 { "ReverbCount=[d]\n", NULL,
544 "SequenceNum=[d]\n", NULL,
545 NULL } },
546
547 { SMBulogoffX, "SMBulogoffX", FLG_CHAIN, DEFDESCRIPT },
548
549 { SMBgetatr, "SMBgetatr", 0,
550 { NULL, "Path=[Z]\n",
551 "Attribute=[A]\nTime=[T2]Size=[D]\nRes=([w,w,w,w,w])\n", NULL,
552 NULL } },
553
554 { SMBsetatr, "SMBsetatr", 0,
555 { "Attribute=[A]\nTime=[T2]Res=([w,w,w,w,w])\n", "Path=[Z]\n",
556 NULL, NULL, NULL } },
557
558 { SMBchkpth, "SMBchkpth", 0,
559 { NULL, "Path=[Z]\n", NULL, NULL, NULL } },
560
561 { SMBsearch, "SMBsearch", 0,
562 { "Count=[d]\nAttrib=[A]\n",
563 "Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\n",
564 "Count=[d]\n",
565 "BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",
566 NULL } },
567
568 { SMBopen, "SMBopen", 0,
569 { "Mode=[w]\nAttribute=[A]\n", "Path=[Z]\n",
570 "Handle=[d]\nOAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\n",
571 NULL, NULL } },
572
573 { SMBcreate, "SMBcreate", 0,
574 { "Attrib=[A]\nTime=[T2]", "Path=[Z]\n", "Handle=[d]\n", NULL, NULL } },
575
576 { SMBmknew, "SMBmknew", 0,
577 { "Attrib=[A]\nTime=[T2]", "Path=[Z]\n", "Handle=[d]\n", NULL, NULL } },
578
579 { SMBunlink, "SMBunlink", 0,
580 { "Attrib=[A]\n", "Path=[Z]\n", NULL, NULL, NULL } },
581
582 { SMBread, "SMBread", 0,
583 { "Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n", NULL,
584 "Count=[d]\nRes=([w,w,w,w])\n", NULL, NULL } },
585
586 { SMBwrite, "SMBwrite", 0,
587 { "Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n", NULL,
588 "Count=[d]\n", NULL, NULL } },
589
590 { SMBclose, "SMBclose", 0,
591 { "Handle=[d]\nTime=[T2]", NULL, NULL, NULL, NULL } },
592
593 { SMBmkdir, "SMBmkdir", 0,
594 { NULL, "Path=[Z]\n", NULL, NULL, NULL } },
595
596 { SMBrmdir, "SMBrmdir", 0,
597 { NULL, "Path=[Z]\n", NULL, NULL, NULL } },
598
599 { SMBdskattr, "SMBdskattr", 0,
600 { NULL, NULL,
601 "TotalUnits=[d]\nBlocksPerUnit=[d]\nBlockSize=[d]\nFreeUnits=[d]\nMedia=[w]\n",
602 NULL, NULL } },
603
604 { SMBmv, "SMBmv", 0,
605 { "Attrib=[A]\n", "OldPath=[Z]\nNewPath=[Z]\n", NULL, NULL, NULL } },
606
607 /*
608 * this is a Pathworks specific call, allowing the
609 * changing of the root path
610 */
611 { pSETDIR, "SMBsetdir", 0, { NULL, "Path=[Z]\n", NULL, NULL, NULL } },
612
613 { SMBlseek, "SMBlseek", 0,
614 { "Handle=[d]\nMode=[w]\nOffset=[D]\n", "Offset=[D]\n", NULL, NULL, NULL } },
615
616 { SMBflush, "SMBflush", 0, { "Handle=[d]\n", NULL, NULL, NULL, NULL } },
617
618 { SMBsplopen, "SMBsplopen", 0,
619 { "SetupLen=[d]\nMode=[w]\n", "Ident=[Z]\n", "Handle=[d]\n",
620 NULL, NULL } },
621
622 { SMBsplclose, "SMBsplclose", 0,
623 { "Handle=[d]\n", NULL, NULL, NULL, NULL } },
624
625 { SMBsplretq, "SMBsplretq", 0,
626 { "MaxCount=[d]\nStartIndex=[d]\n", NULL,
627 "Count=[d]\nIndex=[d]\n",
628 "*Time=[T2]Status=[B]\nJobID=[d]\nSize=[D]\nRes=[B]Name=[s16]\n",
629 NULL } },
630
631 { SMBsplwr, "SMBsplwr", 0,
632 { "Handle=[d]\n", NULL, NULL, NULL, NULL } },
633
634 { SMBlock, "SMBlock", 0,
635 { "Handle=[d]\nCount=[D]\nOffset=[D]\n", NULL, NULL, NULL, NULL } },
636
637 { SMBunlock, "SMBunlock", 0,
638 { "Handle=[d]\nCount=[D]\nOffset=[D]\n", NULL, NULL, NULL, NULL } },
639
640 /* CORE+ PROTOCOL FOLLOWS */
641
642 { SMBreadbraw, "SMBreadbraw", 0,
643 { "Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[d]\n",
644 NULL, NULL, NULL, NULL } },
645
646 { SMBwritebraw, "SMBwritebraw", 0,
647 { "Handle=[d]\nTotalCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\n|DataSize=[d]\nDataOff=[d]\n",
648 NULL, "WriteRawAck", NULL, NULL } },
649
650 { SMBwritec, "SMBwritec", 0,
651 { NULL, NULL, "Count=[d]\n", NULL, NULL } },
652
653 { SMBwriteclose, "SMBwriteclose", 0,
654 { "Handle=[d]\nCount=[d]\nOffset=[D]\nTime=[T2]Res=([w,w,w,w,w,w])",
655 NULL, "Count=[d]\n", NULL, NULL } },
656
657 { SMBlockread, "SMBlockread", 0,
658 { "Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n", NULL,
659 "Count=[d]\nRes=([w,w,w,w])\n", NULL, NULL } },
660
661 { SMBwriteunlock, "SMBwriteunlock", 0,
662 { "Handle=[d]\nByteCount=[d]\nOffset=[D]\nCountLeft=[d]\n", NULL,
663 "Count=[d]\n", NULL, NULL } },
664
665 { SMBreadBmpx, "SMBreadBmpx", 0,
666 { "Handle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nRes=[w]\n",
667 NULL,
668 "Offset=[D]\nTotCount=[d]\nRemaining=[d]\nRes=([w,w])\nDataSize=[d]\nDataOff=[d]\n",
669 NULL, NULL } },
670
671 { SMBwriteBmpx, "SMBwriteBmpx", 0,
672 { "Handle=[d]\nTotCount=[d]\nRes=[w]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nRes2=[W]\nDataSize=[d]\nDataOff=[d]\n", NULL,
673 "Remaining=[d]\n", NULL, NULL } },
674
675 { SMBwriteBs, "SMBwriteBs", 0,
676 { "Handle=[d]\nTotCount=[d]\nOffset=[D]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\n",
677 NULL, "Count=[d]\n", NULL, NULL } },
678
679 { SMBsetattrE, "SMBsetattrE", 0,
680 { "Handle=[d]\nCreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]", NULL,
681 NULL, NULL, NULL } },
682
683 { SMBgetattrE, "SMBgetattrE", 0,
684 { "Handle=[d]\n", NULL,
685 "CreationTime=[T2]AccessTime=[T2]ModifyTime=[T2]Size=[D]\nAllocSize=[D]\nAttribute=[A]\n",
686 NULL, NULL } },
687
688 { SMBtranss, "SMBtranss", 0, DEFDESCRIPT },
689 { SMBioctls, "SMBioctls", 0, DEFDESCRIPT },
690
691 { SMBcopy, "SMBcopy", 0,
692 { "TreeID2=[d]\nOFun=[w]\nFlags=[w]\n", "Path=[S]\nNewPath=[S]\n",
693 "CopyCount=[d]\n", "|ErrStr=[S]\n", NULL } },
694
695 { SMBmove, "SMBmove", 0,
696 { "TreeID2=[d]\nOFun=[w]\nFlags=[w]\n", "Path=[S]\nNewPath=[S]\n",
697 "MoveCount=[d]\n", "|ErrStr=[S]\n", NULL } },
698
699 { SMBopenX, "SMBopenX", FLG_CHAIN,
700 { "Com2=[w]\nOff2=[d]\nFlags=[w]\nMode=[w]\nSearchAttrib=[A]\nAttrib=[A]\nTime=[T2]OFun=[w]\nSize=[D]\nTimeOut=[D]\nRes=[W]\n",
701 "Path=[S]\n",
702 "Com2=[w]\nOff2=[d]\nHandle=[d]\nAttrib=[A]\nTime=[T2]Size=[D]\nAccess=[w]\nType=[w]\nState=[w]\nAction=[w]\nFileID=[W]\nRes=[w]\n",
703 NULL, NULL } },
704
705 { SMBreadX, "SMBreadX", FLG_CHAIN,
706 { "Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nMaxCount=[d]\nMinCount=[d]\nTimeOut=[D]\nCountLeft=[d]\n",
707 NULL,
708 "Com2=[w]\nOff2=[d]\nRemaining=[d]\nRes=[W]\nDataSize=[d]\nDataOff=[d]\nRes=([w,w,w,w])\n",
709 NULL, NULL } },
710
711 { SMBwriteX, "SMBwriteX", FLG_CHAIN,
712 { "Com2=[w]\nOff2=[d]\nHandle=[d]\nOffset=[D]\nTimeOut=[D]\nWMode=[w]\nCountLeft=[d]\nRes=[w]\nDataSize=[d]\nDataOff=[d]\n",
713 NULL,
714 "Com2=[w]\nOff2=[d]\nCount=[d]\nRemaining=[d]\nRes=[W]\n",
715 NULL, NULL } },
716
717 { SMBffirst, "SMBffirst", 0,
718 { "Count=[d]\nAttrib=[A]\n",
719 "Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
720 "Count=[d]\n",
721 "BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",
722 NULL } },
723
724 { SMBfunique, "SMBfunique", 0,
725 { "Count=[d]\nAttrib=[A]\n",
726 "Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
727 "Count=[d]\n",
728 "BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",
729 NULL } },
730
731 { SMBfclose, "SMBfclose", 0,
732 { "Count=[d]\nAttrib=[A]\n",
733 "Path=[Z]\nBlkType=[B]\nBlkLen=[d]\n|Res1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\n",
734 "Count=[d]\n",
735 "BlkType=[B]\nBlkLen=[d]\n*\nRes1=[B]\nMask=[s11]\nSrv1=[B]\nDirIndex=[d]\nSrv2=[w]\nRes2=[W]\nAttrib=[a]\nTime=[T1]Size=[D]\nName=[s13]\n",
736 NULL } },
737
738 { SMBfindnclose, "SMBfindnclose", 0,
739 { "Handle=[d]\n", NULL, NULL, NULL, NULL } },
740
741 { SMBfindclose, "SMBfindclose", 0,
742 { "Handle=[d]\n", NULL, NULL, NULL, NULL } },
743
744 { SMBsends, "SMBsends", 0,
745 { NULL, "Source=[Z]\nDest=[Z]\n", NULL, NULL, NULL } },
746
747 { SMBsendstrt, "SMBsendstrt", 0,
748 { NULL, "Source=[Z]\nDest=[Z]\n", "GroupID=[d]\n", NULL, NULL } },
749
750 { SMBsendend, "SMBsendend", 0,
751 { "GroupID=[d]\n", NULL, NULL, NULL, NULL } },
752
753 { SMBsendtxt, "SMBsendtxt", 0,
754 { "GroupID=[d]\n", NULL, NULL, NULL, NULL } },
755
756 { SMBsendb, "SMBsendb", 0,
757 { NULL, "Source=[Z]\nDest=[Z]\n", NULL, NULL, NULL } },
758
759 { SMBfwdname, "SMBfwdname", 0, DEFDESCRIPT },
760 { SMBcancelf, "SMBcancelf", 0, DEFDESCRIPT },
761 { SMBgetmac, "SMBgetmac", 0, DEFDESCRIPT },
762
763 { SMBnegprot, "SMBnegprot", 0,
764 { NULL, NULL, NULL, NULL, print_negprot } },
765
766 { SMBsesssetupX, "SMBsesssetupX", FLG_CHAIN,
767 { NULL, NULL, NULL, NULL, print_sesssetup } },
768
769 { SMBtconX, "SMBtconX", FLG_CHAIN,
770 { "Com2=[w]\nOff2=[d]\nFlags=[w]\nPassLen=[d]\nPasswd&Path&Device=\n",
771 NULL, "Com2=[w]\nOff2=[d]\n", "ServiceType=[R]\n", NULL } },
772
773 { SMBlockingX, "SMBlockingX", FLG_CHAIN,
774 { NULL, NULL, NULL, NULL, print_lockingandx } },
775
776 { SMBtrans2, "SMBtrans2", 0, { NULL, NULL, NULL, NULL, print_trans2 } },
777
778 { SMBtranss2, "SMBtranss2", 0, DEFDESCRIPT },
779 { SMBctemp, "SMBctemp", 0, DEFDESCRIPT },
780 { SMBreadBs, "SMBreadBs", 0, DEFDESCRIPT },
781 { SMBtrans, "SMBtrans", 0, { NULL, NULL, NULL, NULL, print_trans } },
782
783 { SMBnttrans, "SMBnttrans", 0, DEFDESCRIPT },
784 { SMBnttranss, "SMBnttranss", 0, DEFDESCRIPT },
785
786 { SMBntcreateX, "SMBntcreateX", FLG_CHAIN,
787 { "Com2=[w]\nOff2=[d]\nRes=[b]\nNameLen=[ld]\nFlags=[W]\nRootDirectoryFid=[D]\nAccessMask=[W]\nAllocationSize=[L]\nExtFileAttributes=[W]\nShareAccess=[W]\nCreateDisposition=[W]\nCreateOptions=[W]\nImpersonationLevel=[W]\nSecurityFlags=[b]\n",
788 "Path=[C]\n",
789 "Com2=[w]\nOff2=[d]\nOplockLevel=[b]\nFid=[d]\nCreateAction=[W]\nCreateTime=[T3]LastAccessTime=[T3]LastWriteTime=[T3]ChangeTime=[T3]ExtFileAttributes=[W]\nAllocationSize=[L]\nEndOfFile=[L]\nFileType=[w]\nDeviceState=[w]\nDirectory=[b]\n",
790 NULL, NULL } },
791
792 { SMBntcancel, "SMBntcancel", 0, DEFDESCRIPT },
793
794 { -1, NULL, 0, DEFDESCRIPT }
795 };
796
797
798 /*
799 * print a SMB message
800 */
801 static void
802 print_smb(const u_char *buf, const u_char *maxbuf)
803 {
804 u_int16_t flags2;
805 int nterrcodes;
806 int command;
807 u_int32_t nterror;
808 const u_char *words, *maxwords, *data;
809 struct smbfns *fn;
810 const char *fmt_smbheader =
811 "[P4]SMB Command = [B]\nError class = [BP1]\nError code = [d]\nFlags1 = [B]\nFlags2 = [B][P13]\nTree ID = [d]\nProc ID = [d]\nUID = [d]\nMID = [d]\nWord Count = [b]\n";
812 int smboffset;
813
814 TCHECK(buf[9]);
815 request = (buf[9] & 0x80) ? 0 : 1;
816 flags2 = EXTRACT_LE_16BITS(&buf[10]);
817 unicodestr = flags2 & 0x8000;
818 nterrcodes = flags2 & 0x4000;
819 startbuf = buf;
820
821 command = buf[4];
822
823 fn = smbfind(command, smb_fns);
824
825 if (vflag > 1)
826 printf("\n");
827
828 printf("SMB PACKET: %s (%s)\n", fn->name, request ? "REQUEST" : "REPLY");
829
830 if (vflag < 2)
831 return;
832
833 /* print out the header */
834 smb_fdata(buf, fmt_smbheader, buf + 33, unicodestr);
835
836 if (nterrcodes) {
837 nterror = EXTRACT_LE_32BITS(&buf[5]);
838 if (nterror)
839 printf("NTError = %s\n", nt_errstr(nterror));
840 } else {
841 if (buf[5])
842 printf("SMBError = %s\n", smb_errstr(buf[5], EXTRACT_LE_16BITS(&buf[7])));
843 }
844
845 smboffset = 32;
846
847 for (;;) {
848 const char *f1, *f2;
849 int wct;
850 u_int bcc;
851 int newsmboffset;
852
853 words = buf + smboffset;
854 TCHECK(words[0]);
855 wct = words[0];
856 data = words + 1 + wct * 2;
857 maxwords = SMBMIN(data, maxbuf);
858
859 if (request) {
860 f1 = fn->descript.req_f1;
861 f2 = fn->descript.req_f2;
862 } else {
863 f1 = fn->descript.rep_f1;
864 f2 = fn->descript.rep_f2;
865 }
866
867 if (fn->descript.fn)
868 (*fn->descript.fn)(words, data, buf, maxbuf);
869 else {
870 if (wct) {
871 if (f1)
872 smb_fdata(words + 1, f1, words + 1 + wct * 2, unicodestr);
873 else {
874 int i;
875 int v;
876
877 for (i = 0; &words[1 + 2 * i] < maxwords; i++) {
878 TCHECK2(words[1 + 2 * i], 2);
879 v = EXTRACT_LE_16BITS(words + 1 + 2 * i);
880 printf("smb_vwv[%d]=%d (0x%X)\n", i, v, v);
881 }
882 }
883 }
884
885 TCHECK2(*data, 2);
886 bcc = EXTRACT_LE_16BITS(data);
887 printf("smb_bcc=%u\n", bcc);
888 if (f2) {
889 if (bcc > 0)
890 smb_fdata(data + 2, f2, data + 2 + bcc, unicodestr);
891 } else {
892 if (bcc > 0) {
893 printf("smb_buf[]=\n");
894 print_data(data + 2, SMBMIN(bcc, PTR_DIFF(maxbuf, data + 2)));
895 }
896 }
897 }
898
899 if ((fn->flags & FLG_CHAIN) == 0)
900 break;
901 if (wct == 0)
902 break;
903 TCHECK(words[1]);
904 command = words[1];
905 if (command == 0xFF)
906 break;
907 TCHECK2(words[3], 2);
908 newsmboffset = EXTRACT_LE_16BITS(words + 3);
909
910 fn = smbfind(command, smb_fns);
911
912 printf("\nSMB PACKET: %s (%s) (CHAINED)\n",
913 fn->name, request ? "REQUEST" : "REPLY");
914 if (newsmboffset <= smboffset) {
915 printf("Bad andX offset: %u <= %u\n", newsmboffset, smboffset);
916 break;
917 }
918 smboffset = newsmboffset;
919 }
920
921 printf("\n");
922 return;
923 trunc:
924 printf("[|SMB]");
925 return;
926 }
927
928
929 /*
930 * print a NBT packet received across tcp on port 139
931 */
932 void
933 nbt_tcp_print(const u_char *data, int length)
934 {
935 int caplen;
936 int type;
937 u_int nbt_len;
938 const u_char *maxbuf;
939
940 if (length < 4)
941 goto trunc;
942 if (snapend < data)
943 goto trunc;
944 caplen = snapend - data;
945 if (caplen < 4)
946 goto trunc;
947 maxbuf = data + caplen;
948 type = data[0];
949 nbt_len = EXTRACT_16BITS(data + 2);
950 length -= 4;
951 caplen -= 4;
952
953 startbuf = data;
954
955 if (vflag < 2) {
956 printf(" NBT Session Packet: ");
957 switch (type) {
958 case 0x00:
959 printf("Session Message");
960 break;
961
962 case 0x81:
963 printf("Session Request");
964 break;
965
966 case 0x82:
967 printf("Session Granted");
968 break;
969
970 case 0x83:
971 {
972 int ecode;
973
974 if (nbt_len < 4)
975 goto trunc;
976 if (length < 4)
977 goto trunc;
978 if (caplen < 4)
979 goto trunc;
980 ecode = data[4];
981
982 printf("Session Reject, ");
983 switch (ecode) {
984 case 0x80:
985 printf("Not listening on called name");
986 break;
987 case 0x81:
988 printf("Not listening for calling name");
989 break;
990 case 0x82:
991 printf("Called name not present");
992 break;
993 case 0x83:
994 printf("Called name present, but insufficient resources");
995 break;
996 default:
997 printf("Unspecified error 0x%X", ecode);
998 break;
999 }
1000 }
1001 break;
1002
1003 case 0x85:
1004 printf("Session Keepalive");
1005 break;
1006
1007 default:
1008 data = smb_fdata(data, "Unknown packet type [rB]", maxbuf, 0);
1009 break;
1010 }
1011 } else {
1012 printf ("\n>>> NBT Session Packet\n");
1013 switch (type) {
1014 case 0x00:
1015 data = smb_fdata(data, "[P1]NBT Session Message\nFlags=[B]\nLength=[rd]\n",
1016 data + 4, 0);
1017 if (data == NULL)
1018 break;
1019 if (nbt_len >= 4 && caplen >= 4 && memcmp(data,"\377SMB",4) == 0) {
1020 if ((int)nbt_len > caplen) {
1021 if ((int)nbt_len > length)
1022 printf("WARNING: Packet is continued in later TCP segments\n");
1023 else
1024 printf("WARNING: Short packet. Try increasing the snap length by %d\n",
1025 nbt_len - caplen);
1026 }
1027 print_smb(data, maxbuf > data + nbt_len ? data + nbt_len : maxbuf);
1028 } else
1029 printf("Session packet:(raw data or continuation?)\n");
1030 break;
1031
1032 case 0x81:
1033 data = smb_fdata(data,
1034 "[P1]NBT Session Request\nFlags=[B]\nLength=[rd]\nDestination=[n1]\nSource=[n1]\n",
1035 maxbuf, 0);
1036 break;
1037
1038 case 0x82:
1039 data = smb_fdata(data, "[P1]NBT Session Granted\nFlags=[B]\nLength=[rd]\n", maxbuf, 0);
1040 break;
1041
1042 case 0x83:
1043 {
1044 const u_char *origdata;
1045 int ecode;
1046
1047 origdata = data;
1048 data = smb_fdata(data, "[P1]NBT SessionReject\nFlags=[B]\nLength=[rd]\nReason=[B]\n",
1049 maxbuf, 0);
1050 if (data == NULL)
1051 break;
1052 if (nbt_len >= 1 && caplen >= 1) {
1053 ecode = origdata[4];
1054 switch (ecode) {
1055 case 0x80:
1056 printf("Not listening on called name\n");
1057 break;
1058 case 0x81:
1059 printf("Not listening for calling name\n");
1060 break;
1061 case 0x82:
1062 printf("Called name not present\n");
1063 break;
1064 case 0x83:
1065 printf("Called name present, but insufficient resources\n");
1066 break;
1067 default:
1068 printf("Unspecified error 0x%X\n", ecode);
1069 break;
1070 }
1071 }
1072 }
1073 break;
1074
1075 case 0x85:
1076 data = smb_fdata(data, "[P1]NBT Session Keepalive\nFlags=[B]\nLength=[rd]\n", maxbuf, 0);
1077 break;
1078
1079 default:
1080 data = smb_fdata(data, "NBT - Unknown packet type\nType=[B]\n", maxbuf, 0);
1081 break;
1082 }
1083 printf("\n");
1084 fflush(stdout);
1085 }
1086 return;
1087 trunc:
1088 printf("[|SMB]");
1089 return;
1090 }
1091
1092
1093 /*
1094 * print a NBT packet received across udp on port 137
1095 */
1096 void
1097 nbt_udp137_print(const u_char *data, int length)
1098 {
1099 const u_char *maxbuf = data + length;
1100 int name_trn_id, response, opcode, nm_flags, rcode;
1101 int qdcount, ancount, nscount, arcount;
1102 const char *opcodestr;
1103 const u_char *p;
1104 int total, i;
1105
1106 TCHECK2(data[10], 2);
1107 name_trn_id = EXTRACT_16BITS(data);
1108 response = (data[2] >> 7);
1109 opcode = (data[2] >> 3) & 0xF;
1110 nm_flags = ((data[2] & 0x7) << 4) + (data[3] >> 4);
1111 rcode = data[3] & 0xF;
1112 qdcount = EXTRACT_16BITS(data + 4);
1113 ancount = EXTRACT_16BITS(data + 6);
1114 nscount = EXTRACT_16BITS(data + 8);
1115 arcount = EXTRACT_16BITS(data + 10);
1116 startbuf = data;
1117
1118 if (maxbuf <= data)
1119 return;
1120
1121 if (vflag > 1)
1122 printf("\n>>> ");
1123
1124 printf("NBT UDP PACKET(137): ");
1125
1126 switch (opcode) {
1127 case 0: opcodestr = "QUERY"; break;
1128 case 5: opcodestr = "REGISTRATION"; break;
1129 case 6: opcodestr = "RELEASE"; break;
1130 case 7: opcodestr = "WACK"; break;
1131 case 8: opcodestr = "REFRESH(8)"; break;
1132 case 9: opcodestr = "REFRESH"; break;
1133 case 15: opcodestr = "MULTIHOMED REGISTRATION"; break;
1134 default: opcodestr = "OPUNKNOWN"; break;
1135 }
1136 printf("%s", opcodestr);
1137 if (response) {
1138 if (rcode)
1139 printf("; NEGATIVE");
1140 else
1141 printf("; POSITIVE");
1142 }
1143
1144 if (response)
1145 printf("; RESPONSE");
1146 else
1147 printf("; REQUEST");
1148
1149 if (nm_flags & 1)
1150 printf("; BROADCAST");
1151 else
1152 printf("; UNICAST");
1153
1154 if (vflag < 2)
1155 return;
1156
1157 printf("\nTrnID=0x%X\nOpCode=%d\nNmFlags=0x%X\nRcode=%d\nQueryCount=%d\nAnswerCount=%d\nAuthorityCount=%d\nAddressRecCount=%d\n",
1158 name_trn_id, opcode, nm_flags, rcode, qdcount, ancount, nscount,
1159 arcount);
1160
1161 p = data + 12;
1162
1163 total = ancount + nscount + arcount;
1164
1165 if (qdcount > 100 || total > 100) {
1166 printf("Corrupt packet??\n");
1167 return;
1168 }
1169
1170 if (qdcount) {
1171 printf("QuestionRecords:\n");
1172 for (i = 0; i < qdcount; i++) {
1173 p = smb_fdata(p,
1174 "|Name=[n1]\nQuestionType=[rw]\nQuestionClass=[rw]\n#",
1175 maxbuf, 0);
1176 if (p == NULL)
1177 goto out;
1178 }
1179 }
1180
1181 if (total) {
1182 printf("\nResourceRecords:\n");
1183 for (i = 0; i < total; i++) {
1184 int rdlen;
1185 int restype;
1186
1187 p = smb_fdata(p, "Name=[n1]\n#", maxbuf, 0);
1188 if (p == NULL)
1189 goto out;
1190 restype = EXTRACT_16BITS(p);
1191 p = smb_fdata(p, "ResType=[rw]\nResClass=[rw]\nTTL=[rD]\n", p + 8, 0);
1192 if (p == NULL)
1193 goto out;
1194 rdlen = EXTRACT_16BITS(p);
1195 printf("ResourceLength=%d\nResourceData=\n", rdlen);
1196 p += 2;
1197 if (rdlen == 6) {
1198 p = smb_fdata(p, "AddrType=[rw]\nAddress=[b.b.b.b]\n", p + rdlen, 0);
1199 if (p == NULL)
1200 goto out;
1201 } else {
1202 if (restype == 0x21) {
1203 int numnames;
1204
1205 TCHECK(*p);
1206 numnames = p[0];
1207 p = smb_fdata(p, "NumNames=[B]\n", p + 1, 0);
1208 if (p == NULL)
1209 goto out;
1210 while (numnames--) {
1211 p = smb_fdata(p, "Name=[n2]\t#", maxbuf, 0);
1212 if (p == NULL)
1213 goto out;
1214 TCHECK(*p);
1215 if (p[0] & 0x80)
1216 printf("<GROUP> ");
1217 switch (p[0] & 0x60) {
1218 case 0x00: printf("B "); break;
1219 case 0x20: printf("P "); break;
1220 case 0x40: printf("M "); break;
1221 case 0x60: printf("_ "); break;
1222 }
1223 if (p[0] & 0x10)
1224 printf("<DEREGISTERING> ");
1225 if (p[0] & 0x08)
1226 printf("<CONFLICT> ");
1227 if (p[0] & 0x04)
1228 printf("<ACTIVE> ");
1229 if (p[0] & 0x02)
1230 printf("<PERMANENT> ");
1231 printf("\n");
1232 p += 2;
1233 }
1234 } else {
1235 print_data(p, min(rdlen, length - (p - data)));
1236 p += rdlen;
1237 }
1238 }
1239 }
1240 }
1241
1242 if (p < maxbuf)
1243 smb_fdata(p, "AdditionalData:\n", maxbuf, 0);
1244
1245 out:
1246 printf("\n");
1247 fflush(stdout);
1248 return;
1249 trunc:
1250 printf("[|SMB]");
1251 return;
1252 }
1253
1254
1255
1256 /*
1257 * print a NBT packet received across udp on port 138
1258 */
1259 void
1260 nbt_udp138_print(const u_char *data, int length)
1261 {
1262 const u_char *maxbuf = data + length;
1263
1264 if (maxbuf > snapend)
1265 maxbuf = snapend;
1266 if (maxbuf <= data)
1267 return;
1268 startbuf = data;
1269
1270 if (vflag < 2) {
1271 printf("NBT UDP PACKET(138)");
1272 return;
1273 }
1274
1275 data = smb_fdata(data,
1276 "\n>>> NBT UDP PACKET(138) Res=[rw] ID=[rw] IP=[b.b.b.b] Port=[rd] Length=[rd] Res2=[rw]\nSourceName=[n1]\nDestName=[n1]\n#",
1277 maxbuf, 0);
1278
1279 if (data != NULL) {
1280 /* If there isn't enough data for "\377SMB", don't check for it. */
1281 if (&data[3] >= maxbuf)
1282 goto out;
1283
1284 if (memcmp(data, "\377SMB",4) == 0)
1285 print_smb(data, maxbuf);
1286 }
1287 out:
1288 printf("\n");
1289 fflush(stdout);
1290 }
1291
1292
1293 /*
1294 print netbeui frames
1295 */
1296 struct nbf_strings {
1297 const char *name;
1298 const char *nonverbose;
1299 const char *verbose;
1300 } nbf_strings[0x20] = {
1301 { "Add Group Name Query", ", [P23]Name to add=[n2]#",
1302 "[P5]ResponseCorrelator=[w]\n[P16]Name to add=[n2]\n" },
1303 { "Add Name Query", ", [P23]Name to add=[n2]#",
1304 "[P5]ResponseCorrelator=[w]\n[P16]Name to add=[n2]\n" },
1305 { "Name In Conflict", NULL, NULL },
1306 { "Status Query", NULL, NULL },
1307 { NULL, NULL, NULL }, /* not used */
1308 { NULL, NULL, NULL }, /* not used */
1309 { NULL, NULL, NULL }, /* not used */
1310 { "Terminate Trace", NULL, NULL },
1311 { "Datagram", NULL,
1312 "[P7]Destination=[n2]\nSource=[n2]\n" },
1313 { "Broadcast Datagram", NULL,
1314 "[P7]Destination=[n2]\nSource=[n2]\n" },
1315 { "Name Query", ", [P7]Name=[n2]#",
1316 "[P1]SessionNumber=[B]\nNameType=[B][P2]\nResponseCorrelator=[w]\nName=[n2]\nName of sender=[n2]\n" },
1317 { NULL, NULL, NULL }, /* not used */
1318 { NULL, NULL, NULL }, /* not used */
1319 { "Add Name Response", ", [P1]GroupName=[w] [P4]Destination=[n2] Source=[n2]#",
1320 "AddNameInProcess=[B]\nGroupName=[w]\nTransmitCorrelator=[w][P2]\nDestination=[n2]\nSource=[n2]\n" },
1321 { "Name Recognized", NULL,
1322 "[P1]Data2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nDestination=[n2]\nSource=[n2]\n" },
1323 { "Status Response", NULL, NULL },
1324 { NULL, NULL, NULL }, /* not used */
1325 { NULL, NULL, NULL }, /* not used */
1326 { NULL, NULL, NULL }, /* not used */
1327 { "Terminate Trace", NULL, NULL },
1328 { "Data Ack", NULL,
1329 "[P3]TransmitCorrelator=[w][P2]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1330 { "Data First/Middle", NULL,
1331 "Flags=[{RECEIVE_CONTINUE|NO_ACK||PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1332 { "Data Only/Last", NULL,
1333 "Flags=[{|NO_ACK|PIGGYBACK_ACK_ALLOWED|PIGGYBACK_ACK_INCLUDED|}]\nResyncIndicator=[w][P2]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1334 { "Session Confirm", NULL,
1335 "Data1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1336 { "Session End", NULL,
1337 "[P1]Data2=[w][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1338 { "Session Initialize", NULL,
1339 "Data1=[B]\nData2=[w]\nTransmitCorrelator=[w]\nResponseCorelator=[w]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1340 { "No Receive", NULL,
1341 "Flags=[{|SEND_NO_ACK}]\nDataBytesAccepted=[b][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1342 { "Receive Outstanding", NULL,
1343 "[P1]DataBytesAccepted=[b][P4]\nRemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1344 { "Receive Continue", NULL,
1345 "[P2]TransmitCorrelator=[w]\n[P2]RemoteSessionNumber=[B]\nLocalSessionNumber=[B]\n" },
1346 { NULL, NULL, NULL }, /* not used */
1347 { NULL, NULL, NULL }, /* not used */
1348 { "Session Alive", NULL, NULL }
1349 };
1350
1351 void
1352 netbeui_print(u_short control, const u_char *data, int length)
1353 {
1354 const u_char *maxbuf = data + length;
1355 int len;
1356 int command;
1357 const u_char *data2;
1358 int is_truncated = 0;
1359
1360 if (maxbuf > snapend)
1361 maxbuf = snapend;
1362 TCHECK(data[4]);
1363 len = EXTRACT_LE_16BITS(data);
1364 command = data[4];
1365 data2 = data + len;
1366 if (data2 >= maxbuf) {
1367 data2 = maxbuf;
1368 is_truncated = 1;
1369 }
1370
1371 startbuf = data;
1372
1373 if (vflag < 2) {
1374 printf("NBF Packet: ");
1375 data = smb_fdata(data, "[P5]#", maxbuf, 0);
1376 } else {
1377 printf("\n>>> NBF Packet\nType=0x%X ", control);
1378 data = smb_fdata(data, "Length=[d] Signature=[w] Command=[B]\n#", maxbuf, 0);
1379 }
1380 if (data == NULL)
1381 goto out;
1382
1383 if (command > 0x1f || nbf_strings[command].name == NULL) {
1384 if (vflag < 2)
1385 data = smb_fdata(data, "Unknown NBF Command#", data2, 0);
1386 else
1387 data = smb_fdata(data, "Unknown NBF Command\n", data2, 0);
1388 } else {
1389 if (vflag < 2) {
1390 printf("%s", nbf_strings[command].name);
1391 if (nbf_strings[command].nonverbose != NULL)
1392 data = smb_fdata(data, nbf_strings[command].nonverbose, data2, 0);
1393 } else {
1394 printf("%s:\n", nbf_strings[command].name);
1395 if (nbf_strings[command].verbose != NULL)
1396 data = smb_fdata(data, nbf_strings[command].verbose, data2, 0);
1397 else
1398 printf("\n");
1399 }
1400 }
1401
1402 if (vflag < 2)
1403 return;
1404
1405 if (data == NULL)
1406 goto out;
1407
1408 if (is_truncated) {
1409 /* data2 was past the end of the buffer */
1410 goto out;
1411 }
1412
1413 /* If this isn't a command that would contain an SMB message, quit. */
1414 if (command != 0x08 && command != 0x09 && command != 0x15 &&
1415 command != 0x16)
1416 goto out;
1417
1418 /* If there isn't enough data for "\377SMB", don't look for it. */
1419 if (&data2[3] >= maxbuf)
1420 goto out;
1421
1422 if (memcmp(data2, "\377SMB",4) == 0)
1423 print_smb(data2, maxbuf);
1424 else {
1425 int i;
1426 for (i = 0; i < 128; i++) {
1427 if (&data2[i + 3] >= maxbuf)
1428 break;
1429 if (memcmp(&data2[i], "\377SMB", 4) == 0) {
1430 printf("found SMB packet at %d\n", i);
1431 print_smb(&data2[i], maxbuf);
1432 break;
1433 }
1434 }
1435 }
1436
1437 out:
1438 printf("\n");
1439 return;
1440 trunc:
1441 printf("[|SMB]");
1442 return;
1443 }
1444
1445
1446 /*
1447 * print IPX-Netbios frames
1448 */
1449 void
1450 ipx_netbios_print(const u_char *data, u_int length)
1451 {
1452 /*
1453 * this is a hack till I work out how to parse the rest of the
1454 * NetBIOS-over-IPX stuff
1455 */
1456 int i;
1457 const u_char *maxbuf;
1458
1459 maxbuf = data + length;
1460 /* Don't go past the end of the captured data in the packet. */
1461 if (maxbuf > snapend)
1462 maxbuf = snapend;
1463 startbuf = data;
1464 for (i = 0; i < 128; i++) {
1465 if (&data[i + 4] > maxbuf)
1466 break;
1467 if (memcmp(&data[i], "\377SMB", 4) == 0) {
1468 smb_fdata(data, "\n>>> IPX transport ", &data[i], 0);
1469 print_smb(&data[i], maxbuf);
1470 printf("\n");
1471 fflush(stdout);
1472 break;
1473 }
1474 }
1475 if (i == 128)
1476 smb_fdata(data, "\n>>> Unknown IPX ", maxbuf, 0);
1477 }
NetBSD on the FriendlyARM MINI2440