gscifs/latest_tcpdump.txt


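10.0.2.55 = Apple IIgs running Marinetti (the SMB client in this capture)
10.0.2.1 = Raspberry Pi running A2SERVER (the SMB server; identifies itself as Samba 3.6.6 in its session-setup reply), SMB credentials: username 'PI', password 'APPLE2'
Note: the negotiate reply shows SecMode=0x3 (user-level security with challenge/response; no signing bits set), and the session-setup request carries only a 24-byte case-insensitive password response (CaseSensitivePasswordLength=0). This trace therefore contains both the server challenge and the client's response for the account above.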
21:48:02.295804 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.2.1 tell 10.0.2.55, length 46
0x0000: 0001 0800 0604 0001 000e 3aa2 a2a2 0a00 ..........:.....
0x0010: 0237 0000 0000 0000 0a00 0201 0101 0101 .7..............
0x0020: 0101 0101 0101 0101 0101 0101 0101 ..............
21:48:02.295940 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.0.2.1 is-at 8c:ae:4c:fe:6b:64, length 28
0x0000: 0001 0800 0604 0002 8cae 4cfe 6b64 0a00 ..........L.kd..
0x0010: 0201 000e 3aa2 a2a2 0a00 0237 ....:......7
21:48:05.318403 IP (tos 0x0, ttl 60, id 434, offset 0, flags [none], proto TCP (6), length 40)
10.0.2.55.1025 > 10.0.2.1.445: Flags [S], cksum 0x37ff (correct), seq 219876563, win 16384, length 0
0x0000: 4500 0028 01b2 0000 3c06 64e7 0a00 0237 E..(....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0cd3 0000 0000 ................
0x0020: 5002 4000 37ff 0000 0000 0000 0000 P.@.7.........
21:48:05.318708 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 44)
10.0.2.1.445 > 10.0.2.55.1025: Flags [S.], cksum 0x1856 (incorrect -> 0x0585), seq 647756553, ack 219876564, win 14600, options [mss 1460], length 0
0x0000: 4500 002c 0000 4000 4006 2295 0a00 0201 E..,..@.@.".....
0x0010: 0a00 0237 01bd 0401 269b fb09 0d1b 0cd4 ...7....&.......
0x0020: 6012 3908 1856 0000 0204 05b4 `.9..V......
21:48:05.342031 IP (tos 0x0, ttl 60, id 435, offset 0, flags [none], proto TCP (6), length 40)
10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x164a (correct), seq 1, ack 1, win 16384, length 0
0x0000: 4500 0028 01b3 0000 3c06 64e6 0a00 0237 E..(....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0cd4 269b fb0a ............&...
0x0020: 5010 4000 164a 0000 0000 0000 0000 P.@..J........
21:48:05.445169 IP (tos 0x0, ttl 60, id 436, offset 0, flags [none], proto TCP (6), length 91)
10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x8a33 (correct), seq 1:52, ack 1, win 16384, length 51
SMB PACKET: SMBnegprot (REQUEST)
SMB Command = 0x72
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x8
Flags2 = 0x1
Tree ID = 0 (0x0)
Proc ID = 57005 (0xdead)
UID = 0 (0x0)
MID = 1 (0x1)
Word Count = 0 (0x0)
smb_bcc=12
Dialect=NT LM 0.12
0x0000: 4500 005b 01b4 0000 3c06 64b2 0a00 0237 E..[....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0cd4 269b fb0a ............&...
0x0020: 5018 4000 8a33 0000 0000 002f ff53 4d42 P.@..3...../.SMB
0x0030: 7200 0000 0008 0100 0000 0000 0000 0000 r...............
0x0040: 0000 0000 0000 adde 0000 0100 000c 0002 ................
0x0050: 4e54 204c 4d20 302e 3132 00 NT.LM.0.12.
21:48:05.445411 IP (tos 0x0, ttl 64, id 29952, offset 0, flags [DF], proto TCP (6), length 40)
10.0.2.1.445 > 10.0.2.55.1025: Flags [.], cksum 0x1852 (incorrect -> 0x1d0f), seq 1, ack 52, win 14600, length 0
0x0000: 4500 0028 7500 4000 4006 ad98 0a00 0201 E..(u.@.@.......
0x0010: 0a00 0237 01bd 0401 269b fb0a 0d1b 0d07 ...7....&.......
0x0020: 5010 3908 1852 0000 P.9..R..
21:48:05.450385 IP (tos 0x0, ttl 64, id 29953, offset 0, flags [DF], proto TCP (6), length 141)
10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x05dd (correct), seq 1:102, ack 52, win 14600, length 101
SMB PACKET: SMBnegprot (REPLY)
SMB Command = 0x72
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x88
Flags2 = 0x3
Tree ID = 0 (0x0)
Proc ID = 57005 (0xdead)
UID = 0 (0x0)
MID = 1 (0x1)
Word Count = 17 (0x11)
NT1 Protocol
DialectIndex=0 (0x0)
SecMode=0x3
MaxMux=50 (0x32)
NumVcs=1 (0x1)
MaxBuffer=16644 (0x4104)
RawSize=65536 (0x10000)
SessionKey=0x7F5E
Capabilities=0x80F3FD
ServerTime=Sun May 24 21:48:06 2015
TimeZone=240 (0xf0)
CryptKey=Data: (1 bytes)
[000] 08 \0x08
smb_bcc=28
[000] 19 2A FC F4 00 99 70 E1 57 00 4F 00 52 00 4B 00 \0x19*\0xfc\0xf4\0x00\0x99p\0xe1 W\0x00O\0x00R\0x00K\0x00
[010] 47 00 52 00 4F 00 55 00 50 00 00 00 G\0x00R\0x00O\0x00U\0x00 P\0x00\0x00\0x00
0x0000: 4500 008d 7501 4000 4006 ad32 0a00 0201 E...u.@.@..2....
0x0010: 0a00 0237 01bd 0401 269b fb0a 0d1b 0d07 ...7....&.......
0x0020: 5018 3908 05dd 0000 0000 0061 ff53 4d42 P.9........a.SMB
0x0030: 7200 0000 0088 0340 0000 0000 0000 0000 r......@........
0x0040: 0000 0000 0000 adde 0000 0100 1100 0003 ................
0x0050: 3200 0100 0441 0000 0000 0100 5e7f 0000 2....A......^...
0x0060: fdf3 8000 b789 d6d7 8c96 d001 f000 081c ................
0x0070: 0019 2afc f400 9970 e157 004f 0052 004b ..*....p.W.O.R.K
0x0080: 0047 0052 004f 0055 0050 0000 00 .G.R.O.U.P...
21:48:05.503428 IP (tos 0x0, ttl 60, id 437, offset 0, flags [none], proto TCP (6), length 40)
10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x15b2 (correct), seq 52, ack 102, win 16384, length 0
0x0000: 4500 0028 01b5 0000 3c06 64e4 0a00 0237 E..(....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0d07 269b fb6f ............&..o
0x0020: 5010 4000 15b2 0000 0000 0000 0000 P.@...........
21:48:05.743170 IP (tos 0x0, ttl 60, id 438, offset 0, flags [none], proto TCP (6), length 183)
10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0xf1d1 (correct), seq 52:195, ack 102, win 16384, length 143
SMB PACKET: SMBsesssetupX (REQUEST)
SMB Command = 0x73
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x8
Flags2 = 0x1
Tree ID = 0 (0x0)
Proc ID = 57005 (0xdead)
UID = 0 (0x0)
MID = 1 (0x1)
Word Count = 13 (0xd)
Com2=0xFF
Res1=0x0
Off2=0 (0x0)
MaxBuffer=16644 (0x4104)
MaxMpx=50 (0x32)
VcNumber=1 (0x1)
SessionKey=0x7F5E
CaseInsensitivePasswordLength=24 (0x18)
CaseSensitivePasswordLength=0 (0x0)
Res=0x0
Capabilities=0x80F3FD
Pass1&Pass2&Account&Domain&OS&LanMan=
smb_bcc=78
[000] 03 A2 EF AF 3B 63 80 33 F2 40 F0 26 71 F0 32 04 \0x03\0xa2\0xef\0xaf;c\0x803 \0xf2@\0xf0&q\0xf02\0x04
[010] CC BE F5 3D 4C DA 94 68 00 00 00 00 00 00 00 00 \0xcc\0xbe\0xf5=L\0xda\0x94h \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00 \0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00
[030] 50 49 00 57 4F 52 4B 47 52 4F 55 50 00 47 53 2F PI\0x00WORKG ROUP\0x00GS/
[040] 4F 53 00 41 70 70 6C 65 20 49 49 67 73 00 OS\0x00Apple IIgs\0x00
0x0000: 4500 00b7 01b6 0000 3c06 6454 0a00 0237 E.......<.dT...7
0x0010: 0a00 0201 0401 01bd 0d1b 0d07 269b fb6f ............&..o
0x0020: 5018 4000 f1d1 0000 0000 008b ff53 4d42 P.@..........SMB
0x0030: 7300 0000 0008 0100 0000 0000 0000 0000 s...............
0x0040: 0000 0000 0000 adde 0000 0100 0dff 0000 ................
0x0050: 0004 4132 0001 005e 7f00 0018 0000 0000 ..A2...^........
0x0060: 0000 00fd f380 004e 0003 a2ef af3b 6380 .......N.....;c.
0x0070: 33f2 40f0 2671 f032 04cc bef5 3d4c da94 3.@.&q.2....=L..
0x0080: 6800 0000 0000 0000 0000 0000 0000 0000 h...............
0x0090: 0000 0000 0000 0000 0050 4900 574f 524b .........PI.WORK
0x00a0: 4752 4f55 5000 4753 2f4f 5300 4170 706c GROUP.GS/OS.Appl
0x00b0: 6520 4949 6773 00 e.IIgs.
21:48:05.745141 IP (tos 0x0, ttl 64, id 29954, offset 0, flags [DF], proto TCP (6), length 112)
10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x053c (correct), seq 102:174, ack 195, win 15544, length 72
SMB PACKET: SMBsesssetupX (REPLY)
SMB Command = 0x73
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x88
Flags2 = 0x3
Tree ID = 0 (0x0)
Proc ID = 57005 (0xdead)
UID = 100 (0x64)
MID = 1 (0x1)
Word Count = 3 (0x3)
Com2=0xFF
Off2=0 (0x0)
Action=0x1
smb_bcc=27
[000] 55 6E 69 78 00 53 61 6D 62 61 20 33 2E 36 2E 36 Unix\0x00Sam ba 3.6.6
[010] 00 57 4F 52 4B 47 52 4F 55 50 00 \0x00WORKGRO UP\0x00
0x0000: 4500 0070 7502 4000 4006 ad4e 0a00 0201 E..pu.@.@..N....
0x0010: 0a00 0237 01bd 0401 269b fb6f 0d1b 0d96 ...7....&..o....
0x0020: 5018 3cb8 053c 0000 0000 0044 ff53 4d42 P.<..<.....D.SMB
0x0030: 7300 0000 0088 0340 0000 0000 0000 0000 s......@........
0x0040: 0000 0000 0000 adde 6400 0100 03ff 0000 ........d.......
0x0050: 0001 001b 0055 6e69 7800 5361 6d62 6120 .....Unix.Samba.
0x0060: 332e 362e 3600 574f 524b 4752 4f55 5000 3.6.6.WORKGROUP.
21:48:05.795344 IP (tos 0x0, ttl 60, id 439, offset 0, flags [none], proto TCP (6), length 40)
10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x14db (correct), seq 195, ack 174, win 16384, length 0
0x0000: 4500 0028 01b7 0000 3c06 64e2 0a00 0237 E..(....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0d96 269b fbb7 ............&...
0x0020: 5010 4000 14db 0000 0000 0000 0000 P.@...........
21:48:05.911881 IP (tos 0x0, ttl 60, id 440, offset 0, flags [none], proto TCP (6), length 115)
10.0.2.55.1025 > 10.0.2.1.445: Flags [P.], cksum 0x8de9 (correct), seq 195:270, ack 174, win 16384, length 75
SMB PACKET: SMBtconX (REQUEST)
SMB Command = 0x75
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x8
Flags2 = 0x1
Tree ID = 0 (0x0)
Proc ID = 57005 (0xdead)
UID = 100 (0x64)
MID = 1 (0x1)
Word Count = 4 (0x4)
Com2=0xFF
Off2=0 (0x0)
Flags=0x0
PassLen=1 (0x1)
Passwd&Path&Device=
smb_bcc=28
smb_buf[]=
[000] 00 5C 5C 4C 49 56 49 4E 47 52 4F 4F 4D 5C 47 53 \0x00\\LIVIN GROOM\GS
[010] 46 49 4C 45 53 00 3F 3F 3F 3F 3F 00 FILES\0x00?? ???\0x00
0x0000: 4500 0073 01b8 0000 3c06 6496 0a00 0237 E..s....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0d96 269b fbb7 ............&...
0x0020: 5018 4000 8de9 0000 0000 0047 ff53 4d42 P.@........G.SMB
0x0030: 7500 0000 0008 0100 0000 0000 0000 0000 u...............
0x0040: 0000 0000 0000 adde 6400 0100 04ff 0000 ........d.......
0x0050: 0000 0001 001c 0000 5c5c 4c49 5649 4e47 ........\\LIVING
0x0060: 524f 4f4d 5c47 5346 494c 4553 003f 3f3f ROOM\GSFILES.???
0x0070: 3f3f 00 ??.
21:48:05.932366 IP (tos 0x0, ttl 64, id 29955, offset 0, flags [DF], proto TCP (6), length 93)
10.0.2.1.445 > 10.0.2.55.1025: Flags [P.], cksum 0x6b3b (correct), seq 174:227, ack 270, win 15544, length 53
SMB PACKET: SMBtconX (REPLY)
SMB Command = 0x75
Error class = 0x0
Error code = 0 (0x0)
Flags1 = 0x88
Flags2 = 0x3
Tree ID = 1 (0x1)
Proc ID = 57005 (0xdead)
UID = 100 (0x64)
MID = 1 (0x1)
Word Count = 3 (0x3)
Com2=0xFF
Off2=0 (0x0)
Data: (2 bytes)
[000] 01 00 \0x01\0x00
smb_bcc=8
ServiceType=A:
Data: (5 bytes)
[000] 4E 54 46 53 00 NTFS\0x00
0x0000: 4500 005d 7503 4000 4006 ad60 0a00 0201 E..]u.@.@..`....
0x0010: 0a00 0237 01bd 0401 269b fbb7 0d1b 0de1 ...7....&.......
0x0020: 5018 3cb8 6b3b 0000 0000 0031 ff53 4d42 P.<.k;.....1.SMB
0x0030: 7500 0000 0088 0340 0000 0000 0000 0000 u......@........
0x0040: 0000 0000 0100 adde 6400 0100 03ff 0000 ........d.......
0x0050: 0001 0008 0041 3a00 4e54 4653 00 .....A:.NTFS.
21:48:05.982835 IP (tos 0x0, ttl 60, id 441, offset 0, flags [none], proto TCP (6), length 40)
10.0.2.55.1025 > 10.0.2.1.445: Flags [.], cksum 0x145b (correct), seq 270, ack 227, win 16384, length 0
0x0000: 4500 0028 01b9 0000 3c06 64e0 0a00 0237 E..(....<.d....7
0x0010: 0a00 0201 0401 01bd 0d1b 0de1 269b fbec ............&...
0x0020: 5010 4000 145b 0000 0000 0000 0000 P.@..[........