ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Smb2-protocol: [Smb2-protocol] Re: active opcodes

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Date: Sat, 12 Nov 2005 00:07:17 -0400
0x0c    is Cancel
0x0f    is Notify

See attached trace for the sequence
Create
Notify
Cancel
Close


Interestingly enough   a Cancel is sent with command sequernce number 0

It specifies which pending Notify to cancel by specifying the Process
Id  the server returned in the notify response.




On 11/11/05, tridge@xxxxxxxxx <tridge@xxxxxxxxx> wrote:
> My SMB2-SCAN opcode scanner shows the following active opcodes:
>
> Running SMB2-SCAN
> active opcode    0 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    1 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    2 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    3 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    4 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    5 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    6 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    7 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    8 gave status NT_STATUS_INVALID_PARAMETER
> active opcode    9 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   10 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   11 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   13 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   14 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   15 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   16 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   17 gave status NT_STATUS_INVALID_PARAMETER
> active opcode   18 gave status NT_STATUS_INVALID_PARAMETER
> SMB2-SCAN took 10.4705 secs
>
> of those, I am missing names for 2, 7, 10, 11, 12, 13, 15
>
> the ones I have identified are:
>
> #define SMB2_OP_NEGPROT   0x00
> #define SMB2_OP_SESSSETUP 0x01
> #define SMB2_OP_TCON      0x03
> #define SMB2_OP_TDIS      0x04
> #define SMB2_OP_CREATE    0x05
> #define SMB2_OP_CLOSE     0x06
> #define SMB2_OP_READ      0x08
> #define SMB2_OP_WRITE     0x09
> #define SMB2_OP_FIND      0x0e
> #define SMB2_OP_GETINFO   0x10
> #define SMB2_OP_SETINFO   0x11
> #define SMB2_OP_BREAK     0x12
>
> _______________________________________________
> Smb2-protocol mailing list
> Smb2-protocol@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/smb2-protocol
>

Attachment: smb2_notify_cancel.cap
Description: Binary data

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube