diff --git a/README.md b/README.md index 4064771..a1c005f 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ CIFS / SMB1 navel gazing, in 65816 assembly. -5/25/2015 - Current status: Connects on port 445, completes Protocol Negotiation, successfully sends login (on Setup_ANDX message), obsolete LM (DES) style password. Sends successful Tree_ANDX message, thus connecting to a remote share. Sends Open_ANDX message message, successfully opening a file. +5/26/2015 - Current status: Connects on port 445, completes Protocol Negotiation, successfully sends login (on Setup_ANDX message), obsolete LM (DES) style password. Sends successful Tree_ANDX message, thus connecting to a remote share. Sends Open_ANDX message, successfully opening a file. Sends Read_ANDX message, successfully reading a file and displaying its contents. Build 'CMD.S' with Merlin32 and the included Library directory. diff --git a/latest_tcpdump.txt b/latest_tcpdump.txt index 2c58ee0..e466868 100644 --- a/latest_tcpdump.txt +++ b/latest_tcpdump.txt 
@@ -1,50 +1,53 @@ 10.0.2.55 = Apple IIgs running Marinetti -10.0.2.1 = Raspberry Pi running A2SERVER, SMB credentials 'PI' / 'APPLE2' +10.0.2.1 = Raspberry Pi running A2SERVER, SMB credentials 'PI' / 'APPLE2' with hostname 'LIVINGROOM' and workgroup 'WORKGROUP' -00:16:01.908720 IP (tos 0x0, ttl 60, id 432, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [S], cksum 0x364e (correct), seq 255265896, win 16384, length 0 +01:21:25.052918 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.1 tell 10.0.2.55, length 46 + 0x0000: 0001 0800 0604 0001 000e 3aa2 a2a2 0a00 ..........:..... + 0x0010: 0237 0000 0000 0000 0a00 0201 0101 0101 .7.............. + 0x0020: 0101 0101 0101 0101 0101 0101 0101 .............. + +01:21:25.053068 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.0.2.1 is-at 8c:ae:4c:fe:6b:64, length 28 + 0x0000: 0001 0800 0604 0002 8cae 4cfe 6b64 0a00 ..........L.kd.. + 0x0010: 0201 000e 3aa2 a2a2 0a00 0237 ....:......7 + +01:21:28.062931 IP (tos 0x0, ttl 60, id 432, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [S], cksum 0x1d4c (correct), seq 285221793, win 16384, length 0 0x0000: 4500 0028 01b0 0000 3c06 64e9 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c68 0000 0000 .........7.h.... - 0x0020: 5002 4000 364e 0000 0000 0000 0000 P.@.6N........ + 0x0010: 0a00 0201 0401 01bd 1100 23a1 0000 0000 ..........#..... + 0x0020: 5002 4000 1d4c 0000 0000 0000 0000 P.@..L........ -00:16:01.908987 IP (tos 0x0, ttl 64, id 34805, offset 0, flags [DF], proto TCP (6), length 40) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [.], cksum 0x1852 (incorrect -> 0xb3d1), seq 1158421903, ack 254881673, win 15544, length 0 - 0x0000: 4500 0028 87f5 4000 4006 9aa3 0a00 0201 E..(..@.@....... - 0x0010: 0a00 0237 01bd 0401 450c 1d8f 0f31 2f89 ...7....E....1/. 
+01:21:28.063147 IP (tos 0x0, ttl 64, id 32470, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [.], cksum 0x1852 (incorrect -> 0x554f), seq 411873053, ack 272181237, win 15544, length 0 + 0x0000: 4500 0028 7ed6 4000 4006 a3c2 0a00 0201 E..(~.@.@....... + 0x0010: 0a00 0237 01bd 0401 188c af1d 1039 27f5 ...7.........9'. 0x0020: 5010 3cb8 1852 0000 P.<..R.. -00:16:01.930860 IP (tos 0x0, ttl 60, id 433, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [R], cksum 0x1331 (correct), seq 254881673, win 16384, length 0 +01:21:28.085461 IP (tos 0x0, ttl 60, id 433, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [R], cksum 0x19bd (correct), seq 272181237, win 16384, length 0 0x0000: 4500 0028 01b1 0000 3c06 64e8 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f31 2f89 0000 0000 .........1/..... - 0x0020: 5004 4000 1331 0000 0000 0000 0000 P.@..1........ + 0x0010: 0a00 0201 0401 01bd 1039 27f5 0000 0000 .........9'..... + 0x0020: 5004 4000 19bd 0000 0000 0000 0000 P.@........... -00:16:01.951983 IP (tos 0x0, ttl 60, id 434, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [R], cksum 0x1331 (correct), seq 254881673, win 16384, length 0 +01:21:31.083243 IP (tos 0x0, ttl 60, id 434, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [S], cksum 0x1d4c (correct), seq 285221793, win 16384, length 0 0x0000: 4500 0028 01b2 0000 3c06 64e7 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f31 2f89 0000 0000 .........1/..... - 0x0020: 5004 4000 1331 0000 0000 0000 0000 P.@..1........ + 0x0010: 0a00 0201 0401 01bd 1100 23a1 0000 0000 ..........#..... + 0x0020: 5002 4000 1d4c 0000 0000 0000 0000 P.@..L........ 
-00:16:04.930396 IP (tos 0x0, ttl 60, id 435, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [S], cksum 0x364e (correct), seq 255265896, win 16384, length 0 - 0x0000: 4500 0028 01b3 0000 3c06 64e6 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c68 0000 0000 .........7.h.... - 0x0020: 5002 4000 364e 0000 0000 0000 0000 P.@.6N........ - -00:16:04.930752 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 44) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [S.], cksum 0x1856 (incorrect -> 0x3950), seq 1952741316, ack 255265897, win 14600, options [mss 1460], length 0 +01:21:31.083598 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 44) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [S.], cksum 0x1856 (incorrect -> 0x0f6f), seq 3169337375, ack 285221794, win 14600, options [mss 1460], length 0 0x0000: 4500 002c 0000 4000 4006 2295 0a00 0201 E..,..@.@."..... - 0x0010: 0a00 0237 01bd 0401 7464 77c4 0f37 0c69 ...7....tdw..7.i + 0x0010: 0a00 0237 01bd 0401 bce8 401f 1100 23a2 ...7......@...#. 0x0020: 6012 3908 1856 0000 0204 05b4 `.9..V...... -00:16:04.953220 IP (tos 0x0, ttl 60, id 436, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x4a15 (correct), seq 1, ack 1, win 16384, length 0 - 0x0000: 4500 0028 01b4 0000 3c06 64e5 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c69 7464 77c5 .........7.itdw. - 0x0020: 5010 4000 4a15 0000 0000 0000 0000 P.@.J......... +01:21:31.106079 IP (tos 0x0, ttl 60, id 435, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x2034 (correct), seq 1, ack 1, win 16384, length 0 + 0x0000: 4500 0028 01b3 0000 3c06 64e6 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 23a2 bce8 4020 ..........#...@. + 0x0020: 5010 4000 2034 0000 0000 0000 0000 P.@..4........ 
-00:16:05.059660 IP (tos 0x0, ttl 60, id 437, offset 0, flags [none], proto TCP (6), length 91) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0xbdfe (correct), seq 1:52, ack 1, win 16384, length 51 +01:21:31.209213 IP (tos 0x0, ttl 60, id 436, offset 0, flags [none], proto TCP (6), length 91) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x941d (correct), seq 1:52, ack 1, win 16384, length 51 SMB PACKET: SMBnegprot (REQUEST) SMB Command = 0x72 Error class = 0x0 
@@ -60,21 +63,21 @@ smb_bcc=12 Dialect=NT LM 0.12 - 0x0000: 4500 005b 01b5 0000 3c06 64b1 0a00 0237 E..[....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c69 7464 77c5 .........7.itdw. - 0x0020: 5018 4000 bdfe 0000 0000 002f ff53 4d42 P.@......../.SMB + 0x0000: 4500 005b 01b4 0000 3c06 64b2 0a00 0237 E..[....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 23a2 bce8 4020 ..........#...@. + 0x0020: 5018 4000 941d 0000 0000 002f ff53 4d42 P.@......../.SMB 0x0030: 7200 0000 0008 0100 0000 0000 0000 0000 r............... 0x0040: 0000 0000 0000 adde 0000 0100 000c 0002 ................ 0x0050: 4e54 204c 4d20 302e 3132 00 NT.LM.0.12. -00:16:05.059899 IP (tos 0x0, ttl 64, id 28006, offset 0, flags [DF], proto TCP (6), length 40) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [.], cksum 0x1852 (incorrect -> 0x50da), seq 1, ack 52, win 14600, length 0 - 0x0000: 4500 0028 6d66 4000 4006 b532 0a00 0201 E..(mf@.@..2.... - 0x0010: 0a00 0237 01bd 0401 7464 77c5 0f37 0c9c ...7....tdw..7.. +01:21:31.209458 IP (tos 0x0, ttl 64, id 22635, offset 0, flags [DF], proto TCP (6), length 40) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [.], cksum 0x1852 (incorrect -> 0x26f9), seq 1, ack 52, win 14600, length 0 + 0x0000: 4500 0028 586b 4000 4006 ca2d 0a00 0201 E..(Xk@.@..-.... + 0x0010: 0a00 0237 01bd 0401 bce8 4020 1100 23d5 ...7......@...#. 0x0020: 5010 3908 1852 0000 P.9..R.. -00:16:05.065101 IP (tos 0x0, ttl 64, id 28007, offset 0, flags [DF], proto TCP (6), length 141) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0xe1cf (correct), seq 1:102, ack 52, win 14600, length 101 +01:21:31.214806 IP (tos 0x0, ttl 64, id 22636, offset 0, flags [DF], proto TCP (6), length 141) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x625a (correct), seq 1:102, ack 52, win 14600, length 101 SMB PACKET: SMBnegprot (REPLY) SMB Command = 0x72 Error class = 0x0 
@@ -93,35 +96,35 @@ MaxMux=50 (0x32) NumVcs=1 (0x1) MaxBuffer=16644 (0x4104) RawSize=65536 (0x10000) -SessionKey=0x8F0 +SessionKey=0xC87 Capabilities=0x80F3FD -ServerTime=Mon May 25 00:16:06 2015 +ServerTime=Mon May 25 01:21:32 2015 TimeZone=240 (0xf0) CryptKey=Data: (1 bytes) [000] 08 \0x08 smb_bcc=28 -[000] 74 FC 8A 3F 94 43 F3 A8 57 00 4F 00 52 00 4B 00 t\0xfc\0x8a?\0x94C\0xf3\0xa8 W\0x00O\0x00R\0x00K\0x00 +[000] B1 FF 9B 89 49 EF 71 76 57 00 4F 00 52 00 4B 00 \0xb1\0xff\0x9b\0x89I\0xefqv W\0x00O\0x00R\0x00K\0x00 [010] 47 00 52 00 4F 00 55 00 50 00 00 00 G\0x00R\0x00O\0x00U\0x00 P\0x00\0x00\0x00 - 0x0000: 4500 008d 6d67 4000 4006 b4cc 0a00 0201 E...mg@.@....... - 0x0010: 0a00 0237 01bd 0401 7464 77c5 0f37 0c9c ...7....tdw..7.. - 0x0020: 5018 3908 e1cf 0000 0000 0061 ff53 4d42 P.9........a.SMB + 0x0000: 4500 008d 586c 4000 4006 c9c7 0a00 0201 E...Xl@.@....... + 0x0010: 0a00 0237 01bd 0401 bce8 4020 1100 23d5 ...7......@...#. + 0x0020: 5018 3908 625a 0000 0000 0061 ff53 4d42 P.9.bZ.....a.SMB 0x0030: 7200 0000 0088 0340 0000 0000 0000 0000 r......@........ 0x0040: 0000 0000 0000 adde 0000 0100 1100 0003 ................ - 0x0050: 3200 0100 0441 0000 0000 0100 f008 0000 2....A.......... - 0x0060: fdf3 8000 302c 8084 a196 d001 f000 081c ....0,.......... - 0x0070: 0074 fc8a 3f94 43f3 a857 004f 0052 004b .t..?.C..W.O.R.K + 0x0050: 3200 0100 0441 0000 0000 0100 870c 0000 2....A.......... + 0x0060: fdf3 8000 f416 aba8 aa96 d001 f000 081c ................ + 0x0070: 00b1 ff9b 8949 ef71 7657 004f 0052 004b .....I.qvW.O.R.K 0x0080: 0047 0052 004f 0055 0050 0000 00 .G.R.O.U.P... -00:16:05.113858 IP (tos 0x0, ttl 60, id 438, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x497d (correct), seq 52, ack 102, win 16384, length 0 - 0x0000: 4500 0028 01b6 0000 3c06 64e3 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c9c 7464 782a .........7..tdx* - 0x0020: 5010 4000 497d 0000 0000 0000 0000 P.@.I}........ 
+01:21:31.267352 IP (tos 0x0, ttl 60, id 437, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x1f9c (correct), seq 52, ack 102, win 16384, length 0 + 0x0000: 4500 0028 01b5 0000 3c06 64e4 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 23d5 bce8 4085 ..........#...@. + 0x0020: 5010 4000 1f9c 0000 0000 0000 0000 P.@........... -00:16:05.353446 IP (tos 0x0, ttl 60, id 439, offset 0, flags [none], proto TCP (6), length 183) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x7f37 (correct), seq 52:195, ack 102, win 16384, length 143 +01:21:31.507035 IP (tos 0x0, ttl 60, id 438, offset 0, flags [none], proto TCP (6), length 183) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x9903 (correct), seq 52:195, ack 102, win 16384, length 143 SMB PACKET: SMBsesssetupX (REQUEST) SMB Command = 0x73 Error class = 0x0 
@@ -139,35 +142,35 @@ Off2=0 (0x0) MaxBuffer=16644 (0x4104) MaxMpx=50 (0x32) VcNumber=1 (0x1) -SessionKey=0x8F0 +SessionKey=0xC87 CaseInsensitivePasswordLength=24 (0x18) CaseSensitivePasswordLength=0 (0x0) Res=0x0 Capabilities=0x80F3FD Pass1&Pass2&Account&Domain&OS&LanMan= smb_bcc=78 -[000] F3 E1 2B C1 B9 1E F4 0B 7A E8 D5 93 F2 C6 56 11 \0xf3\0xe1+\0xc1\0xb9\0x1e\0xf4\0x0b z\0xe8\0xd5\0x93\0xf2\0xc6V\0x11 -[010] 2C 20 43 40 C5 58 11 C6 00 00 00 00 00 00 00 00 , C@\0xc5X\0x11\0xc6 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00 +[000] 9E 83 A5 64 71 8C 7A 1B 3E 90 0B 53 2D FC A2 26 \0x9e\0x83\0xa5dq\0x8cz\0x1b >\0x90\0x0bS-\0xfc\0xa2& +[010] 6D 9C B3 09 61 56 9C C7 00 00 00 00 00 00 00 00 m\0x9c\0xb3\0x09aV\0x9c\0xc7 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00 [020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00 [030] 50 49 00 57 4F 52 4B 47 52 4F 55 50 00 47 53 2F PI\0x00WORKG ROUP\0x00GS/ [040] 4F 53 00 41 70 70 6C 65 20 49 49 67 73 00 OS\0x00Apple IIgs\0x00 - 0x0000: 4500 00b7 01b7 0000 3c06 6453 0a00 0237 E.......<.dS...7 - 0x0010: 0a00 0201 0401 01bd 0f37 0c9c 7464 782a .........7..tdx* - 0x0020: 5018 4000 7f37 0000 0000 008b ff53 4d42 P.@..7.......SMB + 0x0000: 4500 00b7 01b6 0000 3c06 6454 0a00 0237 E.......<.dT...7 + 0x0010: 0a00 0201 0401 01bd 1100 23d5 bce8 4085 ..........#...@. + 0x0020: 5018 4000 9903 0000 0000 008b ff53 4d42 P.@..........SMB 0x0030: 7300 0000 0008 0100 0000 0000 0000 0000 s............... 0x0040: 0000 0000 0000 adde 0000 0100 0dff 0000 ................ - 0x0050: 0004 4132 0001 00f0 0800 0018 0000 0000 ..A2............ - 0x0060: 0000 00fd f380 004e 00f3 e12b c1b9 1ef4 .......N...+.... - 0x0070: 0b7a e8d5 93f2 c656 112c 2043 40c5 5811 .z.....V.,.C@.X. - 0x0080: c600 0000 0000 0000 0000 0000 0000 0000 ................ + 0x0050: 0004 4132 0001 0087 0c00 0018 0000 0000 ..A2............ 
+ 0x0060: 0000 00fd f380 004e 009e 83a5 6471 8c7a .......N....dq.z + 0x0070: 1b3e 900b 532d fca2 266d 9cb3 0961 569c .>..S-..&m...aV. + 0x0080: c700 0000 0000 0000 0000 0000 0000 0000 ................ 0x0090: 0000 0000 0000 0000 0050 4900 574f 524b .........PI.WORK 0x00a0: 4752 4f55 5000 4753 2f4f 5300 4170 706c GROUP.GS/OS.Appl 0x00b0: 6520 4949 6773 00 e.IIgs. -00:16:05.355813 IP (tos 0x0, ttl 64, id 28008, offset 0, flags [DF], proto TCP (6), length 112) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x3907 (correct), seq 102:174, ack 195, win 15544, length 72 +01:21:31.509029 IP (tos 0x0, ttl 64, id 22637, offset 0, flags [DF], proto TCP (6), length 112) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x0f26 (correct), seq 102:174, ack 195, win 15544, length 72 SMB PACKET: SMBsesssetupX (REPLY) SMB Command = 0x73 Error class = 0x0 
@@ -187,22 +190,22 @@ smb_bcc=27 [010] 00 57 4F 52 4B 47 52 4F 55 50 00 \0x00WORKGRO UP\0x00 - 0x0000: 4500 0070 6d68 4000 4006 b4e8 0a00 0201 E..pmh@.@....... - 0x0010: 0a00 0237 01bd 0401 7464 782a 0f37 0d2b ...7....tdx*.7.+ - 0x0020: 5018 3cb8 3907 0000 0000 0044 ff53 4d42 P.<.9......D.SMB + 0x0000: 4500 0070 586d 4000 4006 c9e3 0a00 0201 E..pXm@.@....... + 0x0010: 0a00 0237 01bd 0401 bce8 4085 1100 2464 ...7......@...$d + 0x0020: 5018 3cb8 0f26 0000 0000 0044 ff53 4d42 P.<..&.....D.SMB 0x0030: 7300 0000 0088 0340 0000 0000 0000 0000 s......@........ 0x0040: 0000 0000 0000 adde 6400 0100 03ff 0000 ........d....... 0x0050: 0001 001b 0055 6e69 7800 5361 6d62 6120 .....Unix.Samba. 0x0060: 332e 362e 3600 574f 524b 4752 4f55 5000 3.6.6.WORKGROUP. -00:16:05.406553 IP (tos 0x0, ttl 60, id 440, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x48a6 (correct), seq 195, ack 174, win 16384, length 0 - 0x0000: 4500 0028 01b8 0000 3c06 64e1 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0d2b 7464 7872 .........7.+tdxr - 0x0020: 5010 4000 48a6 0000 0000 0000 0000 P.@.H......... +01:21:31.559120 IP (tos 0x0, ttl 60, id 439, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x1ec5 (correct), seq 195, ack 174, win 16384, length 0 + 0x0000: 4500 0028 01b7 0000 3c06 64e2 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 2464 bce8 40cd ..........$d..@. + 0x0020: 5010 4000 1ec5 0000 0000 0000 0000 P.@........... 
-00:16:05.527029 IP (tos 0x0, ttl 60, id 441, offset 0, flags [none], proto TCP (6), length 115) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0xc1b4 (correct), seq 195:270, ack 174, win 16384, length 75 +01:21:31.675661 IP (tos 0x0, ttl 60, id 440, offset 0, flags [none], proto TCP (6), length 115) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x97d3 (correct), seq 195:270, ack 174, win 16384, length 75 SMB PACKET: SMBtconX (REQUEST) SMB Command = 0x75 Error class = 0x0 @@ -225,17 +228,17 @@ smb_buf[]= [010] 46 49 4C 45 53 00 3F 3F 3F 3F 3F 00 FILES\0x00?? ???\0x00 - 0x0000: 4500 0073 01b9 0000 3c06 6495 0a00 0237 E..s....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0d2b 7464 7872 .........7.+tdxr - 0x0020: 5018 4000 c1b4 0000 0000 0047 ff53 4d42 P.@........G.SMB + 0x0000: 4500 0073 01b8 0000 3c06 6496 0a00 0237 E..s....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 2464 bce8 40cd ..........$d..@. + 0x0020: 5018 4000 97d3 0000 0000 0047 ff53 4d42 P.@........G.SMB 0x0030: 7500 0000 0008 0100 0000 0000 0000 0000 u............... 0x0040: 0000 0000 0000 adde 6400 0100 04ff 0000 ........d....... 0x0050: 0000 0001 001c 0000 5c5c 4c49 5649 4e47 ........\\LIVING 0x0060: 524f 4f4d 5c47 5346 494c 4553 003f 3f3f ROOM\GSFILES.??? 0x0070: 3f3f 00 ??. -00:16:05.547372 IP (tos 0x0, ttl 64, id 28009, offset 0, flags [DF], proto TCP (6), length 93) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x9f06 (correct), seq 174:227, ack 270, win 15544, length 53 +01:21:31.696071 IP (tos 0x0, ttl 64, id 22638, offset 0, flags [DF], proto TCP (6), length 93) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x7525 (correct), seq 174:227, ack 270, win 15544, length 53 SMB PACKET: SMBtconX (REPLY) SMB Command = 0x75 Error class = 0x0 
@@ -257,21 +260,21 @@ Data: (5 bytes) [000] 4E 54 46 53 00 NTFS\0x00 - 0x0000: 4500 005d 6d69 4000 4006 b4fa 0a00 0201 E..]mi@.@....... - 0x0010: 0a00 0237 01bd 0401 7464 7872 0f37 0d76 ...7....tdxr.7.v - 0x0020: 5018 3cb8 9f06 0000 0000 0031 ff53 4d42 P.<........1.SMB + 0x0000: 4500 005d 586e 4000 4006 c9f5 0a00 0201 E..]Xn@.@....... + 0x0010: 0a00 0237 01bd 0401 bce8 40cd 1100 24af ...7......@...$. + 0x0020: 5018 3cb8 7525 0000 0000 0031 ff53 4d42 P.<.u%.....1.SMB 0x0030: 7500 0000 0088 0340 0000 0000 0000 0000 u......@........ 0x0040: 0000 0000 0100 adde 6400 0100 03ff 0000 ........d....... 0x0050: 0001 0008 0041 3a00 4e54 4653 00 .....A:.NTFS. -00:16:05.597997 IP (tos 0x0, ttl 60, id 442, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x4826 (correct), seq 270, ack 227, win 16384, length 0 - 0x0000: 4500 0028 01ba 0000 3c06 64df 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0d76 7464 78a7 .........7.vtdx. - 0x0020: 5010 4000 4826 0000 0000 0000 0000 P.@.H&........ +01:21:31.745968 IP (tos 0x0, ttl 60, id 441, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x1e45 (correct), seq 270, ack 227, win 16384, length 0 + 0x0000: 4500 0028 01b9 0000 3c06 64e0 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 24af bce8 4102 ..........$...A. + 0x0020: 5010 4000 1e45 0000 0000 0000 0000 P.@..E........ -00:16:05.714370 IP (tos 0x0, ttl 60, id 443, offset 0, flags [none], proto TCP (6), length 119) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x6e78 (correct), seq 270:349, ack 227, win 16384, length 79 +01:21:31.866926 IP (tos 0x0, ttl 60, id 442, offset 0, flags [none], proto TCP (6), length 119) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x4497 (correct), seq 270:349, ack 227, win 16384, length 79 SMB PACKET: SMBopenX (REQUEST) SMB Command = 0x2D Error class = 0x0 
@@ -298,17 +301,17 @@ smb_bcc=10 Path=\TESTFILE - 0x0000: 4500 0077 01bb 0000 3c06 648f 0a00 0237 E..w....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0d76 7464 78a7 .........7.vtdx. - 0x0020: 5018 4000 6e78 0000 0000 004b ff53 4d42 P.@.nx.....K.SMB + 0x0000: 4500 0077 01ba 0000 3c06 6490 0a00 0237 E..w....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 24af bce8 4102 ..........$...A. + 0x0020: 5018 4000 4497 0000 0000 004b ff53 4d42 P.@.D......K.SMB 0x0030: 2d00 0000 0008 0100 0000 0000 0000 0000 -............... 0x0040: 0000 0000 0100 adde 6400 0100 0fff 0000 ........d....... 0x0050: 0000 0000 0000 0000 0000 0000 0001 0000 ................ 0x0060: 0000 0000 0000 0000 0000 000a 005c 5445 .............\TE 0x0070: 5354 4649 4c45 00 STFILE. -00:16:05.717385 IP (tos 0x0, ttl 64, id 28010, offset 0, flags [DF], proto TCP (6), length 109) - 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0xcbec (correct), seq 227:296, ack 349, win 15544, length 69 +01:21:31.869427 IP (tos 0x0, ttl 64, id 22639, offset 0, flags [DF], proto TCP (6), length 109) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x8f24 (correct), seq 227:296, ack 349, win 15544, length 69 SMB PACKET: SMBopenX (REPLY) SMB Command = 0x2D Error class = 0x0 @@ -322,7 +325,7 @@ MID = 1 (0x1) Word Count = 15 (0xf) Com2=0xFF Off2=0 (0x0) -Handle=15093 (0x3af5) +Handle=19932 (0x4ddc) Attrib= Time=Sat Mar 3 10:43:04 2018 Size=44 (0x2c) 
@@ -335,16 +338,96 @@ Res=0x0 smb_bcc=0 - 0x0000: 4500 006d 6d6a 4000 4006 b4e9 0a00 0201 E..mmj@.@....... - 0x0010: 0a00 0237 01bd 0401 7464 78a7 0f37 0dc5 ...7....tdx..7.. - 0x0020: 5018 3cb8 cbec 0000 0000 0041 ff53 4d42 P.<........A.SMB + 0x0000: 4500 006d 586f 4000 4006 c9e4 0a00 0201 E..mXo@.@....... + 0x0010: 0a00 0237 01bd 0401 bce8 4102 1100 24fe ...7......A...$. + 0x0020: 5018 3cb8 8f24 0000 0000 0041 ff53 4d42 P.<..$.....A.SMB 0x0030: 2d00 0000 0088 0340 0000 0000 0000 0000 -......@........ 0x0040: 0000 0000 0100 adde 6400 0100 0fff 0000 ........d....... - 0x0050: 00f5 3a80 0063 4c62 552c 0000 0000 0000 ..:..cLbU,...... + 0x0050: 00dc 4d80 0063 4c62 552c 0000 0000 0000 ..M..cLbU,...... 0x0060: 0000 0001 0000 0000 0000 0000 00 ............. -00:16:05.771242 IP (tos 0x0, ttl 60, id 444, offset 0, flags [none], proto TCP (6), length 40) - 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x4792 (correct), seq 349, ack 296, win 16384, length 0 - 0x0000: 4500 0028 01bc 0000 3c06 64dd 0a00 0237 E..(....<.d....7 - 0x0010: 0a00 0201 0401 01bd 0f37 0dc5 7464 78ec .........7..tdx. - 0x0020: 5010 4000 4792 0000 0000 0000 0000 P.@.G......... +01:21:31.919908 IP (tos 0x0, ttl 60, id 443, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x1db1 (correct), seq 349, ack 296, win 16384, length 0 + 0x0000: 4500 0028 01bb 0000 3c06 64de 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 24fe bce8 4147 ..........$...AG + 0x0020: 5010 4000 1db1 0000 0000 0000 0000 P.@........... 
+ +01:21:32.040297 IP (tos 0x0, ttl 60, id 444, offset 0, flags [none], proto TCP (6), length 103) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x2ed6 (correct), seq 349:412, ack 296, win 16384, length 63 +SMB PACKET: SMBreadX (REQUEST) +SMB Command = 0x2E +Error class = 0x0 +Error code = 0 (0x0) +Flags1 = 0x8 +Flags2 = 0x1 +Tree ID = 1 (0x1) +Proc ID = 57005 (0xdead) +UID = 100 (0x64) +MID = 1 (0x1) +Word Count = 12 (0xc) +Com2=0xFF +Off2=0 (0x0) +Handle=19932 (0x4ddc) +Offset=0 (0x0) +MaxCount=1024 (0x400) +MinCount=0 (0x0) +TimeOut=0 (0x0) +CountLeft=0 (0x0) +Data: (4 bytes) +[000] 00 00 00 00 \0x00\0x00\0x00\0x00 +smb_bcc=0 + + + 0x0000: 4500 0067 01bc 0000 3c06 649e 0a00 0237 E..g....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 24fe bce8 4147 ..........$...AG + 0x0020: 5018 4000 2ed6 0000 0000 003b ff53 4d42 P.@........;.SMB + 0x0030: 2e00 0000 0008 0100 0000 0000 0000 0000 ................ + 0x0040: 0000 0000 0100 adde 6400 0100 0cff 0000 ........d....... + 0x0050: 00dc 4d00 0000 0000 0400 0000 0000 0000 ..M............. + 0x0060: 0000 0000 0000 00 ....... + +01:21:32.041173 IP (tos 0x0, ttl 64, id 22640, offset 0, flags [DF], proto TCP (6), length 147) + 10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x57d3 (correct), seq 296:403, ack 412, win 15544, length 107 +SMB PACKET: SMBreadX (REPLY) +SMB Command = 0x2E +Error class = 0x0 +Error code = 0 (0x0) +Flags1 = 0x88 +Flags2 = 0x3 +Tree ID = 1 (0x1) +Proc ID = 57005 (0xdead) +UID = 100 (0x64) +MID = 1 (0x1) +Word Count = 12 (0xc) +Com2=0xFF +Off2=0 (0x0) +Remaining=65535 (0xffff) +Res=0x0 +DataSize=44 (0x2c) +DataOff=59 (0x3b) +Res=(0x0,0x0,0x0,0x0) +Data: (2 bytes) +[000] 2C 00 ,\0x00 +smb_bcc=44 +smb_buf[]= +[000] 54 68 69 73 20 69 73 20 61 20 74 65 73 74 2E 20 This is a test. +[010] 53 6F 6D 65 74 68 69 6E 67 20 77 61 73 20 64 6F Somethin g was do +[020] 77 6E 6C 6F 61 64 65 64 20 3A 29 0A wnloaded :)\0x0a + + + 0x0000: 4500 0093 5870 4000 4006 c9bd 0a00 0201 E...Xp@.@....... 
+ 0x0010: 0a00 0237 01bd 0401 bce8 4147 1100 253d ...7......AG..%= + 0x0020: 5018 3cb8 57d3 0000 0000 0067 ff53 4d42 P.<.W......g.SMB + 0x0030: 2e00 0000 0088 0340 0000 0000 0000 0000 .......@........ + 0x0040: 0000 0000 0100 adde 6400 0100 0cff 0000 ........d....... + 0x0050: 00ff ff00 0000 002c 003b 0000 0000 0000 .......,.;...... + 0x0060: 0000 002c 002c 0054 6869 7320 6973 2061 ...,.,.This.is.a + 0x0070: 2074 6573 742e 2053 6f6d 6574 6869 6e67 .test..Something + 0x0080: 2077 6173 2064 6f77 6e6c 6f61 6465 6420 .was.downloaded. + 0x0090: 3a29 0a :). + +01:21:32.091445 IP (tos 0x0, ttl 60, id 445, offset 0, flags [none], proto TCP (6), length 40) + 10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x1d07 (correct), seq 412, ack 403, win 16384, length 0 + 0x0000: 4500 0028 01bd 0000 3c06 64dc 0a00 0237 E..(....<.d....7 + 0x0010: 0a00 0201 0401 01bd 1100 253d bce8 41b2 ..........%=..A. + 0x0020: 5010 4000 1d07 0000 0000 0000 0000 P.@........... diff --git a/src/SMBDEMO.S b/src/SMBDEMO.S index f9cbbed..842e031 100644 --- a/src/SMBDEMO.S +++ b/src/SMBDEMO.S @@ -10,6 +10,7 @@ * Also introducing successful SMB_Tree_ANDX message. We connect to remote shares now. * Also introducing SMB_Open_ANDX message. We open a file now. * Monday, May 25, 2015 - Bugfixes on SMB_Open_ANDX; file opening now successful +* Also introducing SMB_Read_ANDX message. We read a file now. * * REFERENCES * smb.c / smb.h from libOGC 
@@ -750,13 +751,61 @@ sendloop5 PushWord #0000 pla cmp #2 bne noevent6 - jmp breakndie + jmp CTSClose3 noevent6 PushLong MySMBHandle jsr SMB_OpenFile_Poll bcc sendloop5 + tax + pla + phx ; save SFID + +; +; SMB_ReadFile +; + +readf PushLong CTSWinPtr + PushWord #1350 + PushLong #CTSTextD + _SetIText + + ; SFID already on stack still + PushLong MySMBHandle + PushLong #$E12000 ; read buffer = SHR screen + PushLong #$8000 ; size of read buffer + PushLong #0000 ; offset into file + jsr SMB_ReadFile + +sendloop6 PushWord #0000 + PushWord #$0006 + PushLong #EventRec + _EventAvail + pla + beq noevent7 + PushWord #0000 + PushLong #00000000 + _ModalDialog + pla + cmp #2 + bne noevent7 + jmp CTSClose3 + +noevent7 PushLong MySMBHandle + jsr SMB_ReadFile_Poll + bcc sendloop6 + +; +; Display what was downloaded +; + + ; squish length byte a little closer to the string + lda SMB_input+SMB_header_size+25 + xba + sta SMB_input+SMB_header_size+25 + + PushLong #SMB_input+SMB_header_size+26 + jsr InfoDialog -breakndie jmp SMB_staging_brk ; @@ -981,6 +1030,8 @@ CTSTextA str 'Status: Connect Failed' CTSTextB str 'Status: Logging In' CTSTextC str 'Status: Mounting Share' CTSTextD str 'Status: Opening \\testfile' +CTSTextE str 'Status: Reading testfile' +ascdata ds 100 ; we download this from testfile CTSItem6 dw 1360 ; id dw 77,120,87,300 ; bounds @@ -1184,6 +1235,7 @@ SMB_tmp4 = 18 SMB_tmp5 = 20 SMB_tmp6 = 22 SMB_tmp7 = 24 +SMB_tmp8 = 26 * SMB session information * TODO dynamically allocate these - see SMB_Init @@ -2285,6 +2337,7 @@ SMB_DiskInformation * * SMB_ReadFile - Read an open file from the remote share * Arguments: +* SFID of open file (one word, on stack) * SMB session handle (two words, on stack) * Long pointer to read buffer (two words, on stack) * Size of read buffer (two words, on stack) 
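Review bot: The status text pushed at `readf` is `#CTSTextD` ('Status: Opening \\testfile'), while the same commit adds `CTSTextE str 'Status: Reading testfile'` in the `@@ -981` hunk and never references it; this looks like it should be `PushLong #CTSTextE`. The display code also trusts the reply layout: it takes the length byte from the server-supplied byte count at `SMB_input+SMB_header_size+25` (only the low byte survives the `xba`) and hands `InfoDialog` a pointer at a fixed offset, without checking the reply's DataOff/DataSize against what was actually received, so a reply with a different DataOff or a byte count beyond the received bytes would be displayed as-is from whatever is in `SMB_input`; a bounds check against the received length before the `jsr InfoDialog` would make this safer. `ascdata ds 100`, also added in the `@@ -981` hunk, is not referenced by any visible hunk. The `tax`/`pla`/`phx` sequence assumes the SFID is in A when `SMB_OpenFile_Poll` returns, a contract that lives outside this hunk and deserves a comment at the call site, e.g. `; A = SFID returned by SMB_OpenFile_Poll`.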
@@ -2292,7 +2345,11 @@ SMB_DiskInformation * Things I return on stack: * Carry flag set if error SMB_ReadFile plx ; return address + PullLong SMB_tmp7 ; SMB_tmp7/SMB_tmp8 = offset + PullLong SMB_tmp5 ; SMB_tmp5/SMB_tmp6 = sizeof read_buffer + PullLong SMB_tmp3 ; SMB_tmp3/SMB_tmp4 = *read_buffer PullLong SMB_sessid + PullWord SMB_tmp1 ; SMB_tmp1 = SFID phx ; saved return address PushWord #SMB_read_ANDX ; command 
@@ -2300,8 +2357,147 @@ SMB_ReadFile plx ; return address PushWord #CIFS_flags2 ; flags2 jsr _InitSMBHeader ; make an SMB header with this information -* TODO + sep $30 + mx %11 + lda #12 + sta SMB_staging+SMB_header_size ; word count + + lda #$ff + sta SMB_staging+SMB_header_size+1 ; next AndX + + lda #$00 + sta SMB_staging+SMB_header_size+2 ; AndX Reserved + + rep $30 + mx %00 + lda #$0000 + sta SMB_staging+SMB_header_size+3 ; AndX Offset + + lda SMB_tmp1 + sta SMB_staging+SMB_header_size+5 ; SFID + + lda SMB_tmp7 + sta SMB_staging+SMB_header_size+7 ; Offsetlow + lda SMB_tmp8 + sta SMB_staging+SMB_header_size+9 ; Offsetlow2 + + lda #1024 + sta SMB_staging+SMB_header_size+11 ; maxcountbytestoreturn + lda #0000 + sta SMB_staging+SMB_header_size+13 ; mincountbytestoreturn + + lda #0000 + sta SMB_staging+SMB_header_size+15 ; timeout + lda #0000 + sta SMB_staging+SMB_header_size+17 ; timeout2 + + lda #0000 + sta SMB_staging+SMB_header_size+19 ; remaining + + lda #0000 + sta SMB_staging+SMB_header_size+21 ; offsethigh + lda #0000 + sta SMB_staging+SMB_header_size+23 ; offsethigh2 + + lda #0000 + sta SMB_staging+SMB_header_size+25 ; byte count (always 0) + + clc + adc #SMB_header_size+27 + pha ; 'length' parameter for _SMB_Send + dec + dec + dec + dec + xba + sta SMB_staging+SMB_offset_tcplength+1 ; save length for naked-TCP dgram + + jsr _SMB_Send ; send our reply! 
+ clc + rts + +* SMB_ReadFile_Poll - Call me until I tell you to stop, to receive and complete SMB Tree_ANDX +* Arguments: +* SMB session handle (two words, on stack) +* Things I return on stack: +* Setup status (word) +* $0000 - Setup proceeding +* $0001 - Setup finished +* $0002 - Setup failed +* Carry flag set means you can stop calling me +SMB_ReadFile_Poll + plx ; our return address + PullLong SMB_sessid ; your smb sessid + phx + + _TCPIPPoll + + PushWord #0000 ; space for result + ldy #SMB_sess_ipid-SMB_sess_begin + lda [SMB_sessid],y + pha ; push Marinetti IPID for this SMB_sessid + PushLong #statbuf + _TCPIPStatusTCP ; see if marinetti has anything for us + pla + cmp #terrNOCONNECTION + beq rf_trampoline + cmp #terrBADIPID + beq rf_trampoline + lda statbuf+8 ; get recvq size, low word + cmp #0000 ; yeah i know. for clarity. + beq rp_trampoline ; poll us again later, marinetti got nothing + + PushWord #0000 ; space for result + ldy #SMB_sess_ipid-SMB_sess_begin + lda [SMB_sessid],y + pha ; push Marinetti IPID for this SMB_sessid + PushWord #0000 ; bufftype: static pre-allocated buffer + PushLong #SMB_input ; where it's all goin + PushLong #SMB_max_net_read_size + PushLong #readbuf + _TCPIPReadTCP + + pla + cmp #terrNOCONNECTION + beq rf_trampoline + cmp #terrBADIPID + beq rf_trampoline + + jsr _SMB_Check ; do basic check to make sure we received SMB data + bcs rp_trampoline ; if not, wait for them to send again i guess + + bra rft_far +rf_trampoline jmp readx_failed +rp_trampoline jmp readx_proceeding +rft_far + lda SMB_input+SMB_offset_cmd + cmp #SMB_read_ANDX + bne rp_trampoline ; punt if not read_ANDX reply + + lda SMB_input+SMB_offset_eclass + cmp #0000 + bne rf_trampoline ; they returned an error, kbye + +; TODO something + +readx_finished plx ; our return address + PushWord #0001 ; finished! 
+ phx + sec + rts + +readx_failed plx ; our return address + PushWord #0002 ; failure + phx + sec + rts + +readx_proceeding + plx ; our return address + PushWord #0000 ; in progress + phx + clc rts * diff --git a/src/smbdemo b/src/smbdemo index 0ecfb48..ab02e82 100644 Binary files a/src/smbdemo and b/src/smbdemo differ
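Review bot: `SMB_ReadFile_Poll` stops at `; TODO something` once the command byte and error class match, so the reply's DataOff (`SMB_input+SMB_header_size+13`) and DataSize (`+11`) are never checked against the bytes `_TCPIPReadTCP` actually delivered, and nothing is copied into the caller's read buffer — `SMB_tmp3`/`SMB_tmp5` are pulled in the `@@ -2292` hunk but not referenced anywhere in this change, and MaxCount is fixed at `lda #1024` regardless of the buffer size passed in. Before reaching `readx_finished` the poll should reject a DataSize larger than the caller's buffer and a DataOff+DataSize beyond the received length, then copy DataSize bytes from `SMB_input+DataOff` to the buffer so callers do not have to reach into `SMB_input` at a fixed offset; a first step is sketched below. In `SMB_ReadFile`, the `pha` of the send length relies on A still being zero from the preceding `lda #0000`; `lda #SMB_header_size+27` on its own line would make the intent explicit. The poll's header comment is a copy-paste from the tree-connect routine and should read `* SMB_ReadFile_Poll - Call me until I tell you to stop, to receive and complete SMB Read_ANDX`.
```asm
; … unchanged: command byte / error-class checks …
        lda SMB_input+SMB_header_size+11   ; DataSize reported by the server
        cmp SMB_tmp5                        ; must fit the caller's buffer (low word)
        beq rx_size_ok
        bcs rf_trampoline                   ; DataSize > buffer size: fail, do not copy
rx_size_ok
; TODO: also check DataOff (+13) + DataSize against the byte count returned
; by _TCPIPReadTCP, then copy DataSize bytes from SMB_input+DataOff to [SMB_tmp3]
```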