15:28:23.449208 192.168.1.15.33224 > 192.168.1.11.139: P [tcp sum ok] 3392492149:3392492243(94) ack 2068111808 win 26136 >>> NBT Packet NBT Session Packet Flags=0x0 Length=90 (0x5a) SMB PACKET: SMBtrans2 (REQUEST) SMB Command = 0x32 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x8 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 6 (0x6) Word Count = 15 (0xf) TRANSACT2_QPATHINFO param_length=22 data_length=0 TotParam=22 (0x16) TotData=0 (0x0) MaxParam=2 (0x2) MaxData=4356 (0x1104) MaxSetup=0 (0x0) Flags=0x0 TimeOut=0 (0x0) Res1=0x0 ParamCnt=22 (0x16) ParamOff=68 (0x44) DataCnt=0 (0x0) DataOff=90 (0x5a) SetupCnt=1 (0x1) TransactionName=Paramaters= Data: (22 bytes) [000] 01 01 00 00 00 00 5C 00 77 00 69 00 6E 00 6E 00 ......\. w.i.n.n. [010] 74 00 5C 00 00 00 t.\... Data= (DF) (ttl 64, id 12074, len 134) 0x0000 4500 0086 2f2a 4000 4006 87dd c0a8 010f E.../*@.@....... 0x0010 c0a8 010b 81c8 008b ca35 5275 7b44 e1c0 .........5Ru{D.. 0x0020 5018 6618 f5ec 0000 0000 005a ff53 4d42 P.f........Z.SMB 0x0030 3200 0000 0008 01c8 0000 0000 0000 0000 2............... 0x0040 0000 0000 0608 f70e 0210 0600 0f16 0000 ................ 0x0050 0002 0004 1100 0000 0000 0000 0000 0016 ................ 0x0060 0044 0000 005a 0001 0005 0019 0000 4420 .D...Z........D. 0x0070 0101 0000 0000 5c00 7700 6900 6e00 6e00 ......\.w.i.n.n. 0x0080 7400 5c00 0000 t.\... 15:28:23.466900 192.168.1.11.139 > 192.168.1.15.33224: P [tcp sum ok] 1:105(104) ack 94 win 8059 >>> NBT Packet NBT Session Packet Flags=0x0 Length=100 (0x64) SMB PACKET: SMBtrans2 (REPLY) SMB Command = 0x32 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x88 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 6 (0x6) Word Count = 10 (0xa) TRANSACT2_QPATHINFO param_length=2 data_length=40 TotParam=2 (0x2) TotData=40 (0x28) Res1=0x0 ParamCnt=2 (0x2) ParamOff=56 (0x38) ParamDisp0 (0x0) DataCnt=40 (0x28) DataOff=60 (0x3c) DataDisp=0 (0x0) SetupCnt=0 (0x0) Paramaters= Data: (2 bytes) [000] 00 00 .. Data= Data: (40 bytes) [000] 80 12 74 9F 64 7C BD 01 EF 97 86 67 1D 2F C5 01 ..t.d|.. ...g./.. [010] E7 08 CF A0 BE 25 C5 01 E7 08 CF A0 BE 25 C5 01 .....%.. .....%.. [020] 10 00 00 00 00 00 00 00 ........ (DF) (ttl 128, id 9684, len 144) 0x0000 4500 0090 25d4 4000 8006 5129 c0a8 010b E...%.@...Q).... 0x0010 c0a8 010f 008b 81c8 7b44 e1c0 ca35 52d3 ........{D...5R. 0x0020 5018 1f7b 8cb2 0000 0000 0064 ff53 4d42 P..{.......d.SMB 0x0030 3200 0000 0088 01c8 0000 0000 0000 0000 2............... 0x0040 0000 0000 0608 f70e 0210 0600 0a02 0028 ...............( 0x0050 0000 0002 0038 0000 0028 003c 0000 0000 .....8...(.<.... 0x0060 002d 0000 0000 0001 8012 749f 647c bd01 .-........t.d|.. 0x0070 ef97 8667 1d2f c501 e708 cfa0 be25 c501 ...g./.......%.. 0x0080 e708 cfa0 be25 c501 1000 0000 0000 0000 .....%.......... 15:28:23.567063 192.168.1.15.33224 > 192.168.1.11.139: . [tcp sum ok] 94:94(0) ack 105 win 26136 (DF) (ttl 64, id 12075, len 40) 0x0000 4500 0028 2f2b 4000 4006 883a c0a8 010f E..(/+@.@..:.... 0x0010 c0a8 010b 81c8 008b ca35 52d3 7b44 e228 .........5R.{D.( 0x0020 5010 6618 c987 0000 P.f..... 15:28:24.414617 192.168.1.15.33224 > 192.168.1.11.139: P [tcp sum ok] 94:196(102) ack 105 win 26136 >>> NBT Packet NBT Session Packet Flags=0x0 Length=98 (0x62) SMB PACKET: SMBtrans2 (REQUEST) SMB Command = 0x32 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x8 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 7 (0x7) Word Count = 15 (0xf) TRANSACT2_FINDFIRST param_length=30 data_length=0 TotParam=30 (0x1e) TotData=0 (0x0) MaxParam=10 (0xa) MaxData=4356 (0x1104) MaxSetup=0 (0x0) Flags=0x0 TimeOut=0 (0x0) Res1=0x0 ParamCnt=30 (0x1e) ParamOff=68 (0x44) DataCnt=0 (0x0) DataOff=98 (0x62) SetupCnt=1 (0x1) TransactionName=Attribute=HIDDEN SYSTEM DIR SearchCount=512 (0x200) Flags=0x6 Level=260 (0x104) File= Data: (16 bytes) [000] 77 00 69 00 6E 00 6E 00 74 00 5C 00 2A 00 00 00 w.i.n.n. t.\.*... (DF) (ttl 64, id 12081, len 142) 0x0000 4500 008e 2f31 4000 4006 87ce c0a8 010f E.../1@.@....... 0x0010 c0a8 010b 81c8 008b ca35 52d3 7b44 e228 .........5R.{D.( 0x0020 5018 6618 aaf0 0000 0000 0062 ff53 4d42 P.f........b.SMB 0x0030 3200 0000 0008 01c8 0000 0000 0000 0000 2............... 0x0040 0000 0000 0608 f70e 0210 0700 0f1e 0000 ................ 0x0050 000a 0004 1100 0000 0000 0000 0000 001e ................ 0x0060 0044 0000 0062 0001 0001 0021 0000 4420 .D...b.....!..D. 0x0070 1600 0002 0600 0401 0000 0000 5c00 7700 ............\.w. 0x0080 6900 6e00 6e00 7400 5c00 2a00 0000 i.n.n.t.\.*... 15:28:24.417959 192.168.1.11.139 > 192.168.1.15.33224: . [tcp sum ok] 105:1557(1452) ack 196 win 7957 >>> NBT Packet NBT Session Packet Flags=0x0 Length=4336 (0x10f0) WARNING: Short packet. Try increasing the snap length (1448) SMB PACKET: SMBtrans2 (REPLY) SMB Command = 0x32 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x88 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 7 (0x7) Word Count = 10 (0xa) TRANSACT2_FINDFIRST param_length=10 data_length=4268 TotParam=10 (0xa) TotData=4268 (0x10ac) Res1=0x0 ParamCnt=10 (0xa) ParamOff=56 (0x38) ParamDisp0 (0x0) DataCnt=4268 (0x10ac) DataOff=68 (0x44) DataDisp=0 (0x0) SetupCnt=0 (0x0) Handle=0x80B Count=36 (0x24) EOS=0x0 Eoffset=0 (0x0) LastNameOfs=0x1034 data: [000] 64 00 00 00 00 00 00 00 80 12 74 9F 64 7C BD 01 d....... ..t.d|.. [010] F0 A3 16 5C 1A 2F C5 01 E7 08 CF A0 BE 25 C5 01 ...\./.. .....%.. [020] E7 08 CF A0 BE 25 C5 01 00 00 00 00 00 00 00 00 .....%.. ........ [030] 00 00 00 00 00 00 00 00 10 00 00 00 02 00 00 00 ........ ........ [040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2E 00 ........ ........ [060] 00 00 00 00 68 00 00 00 00 00 00 00 80 12 74 9F ....h... ......t. [070] 64 7C BD 01 F0 A3 16 5C 1A 2F C5 01 E7 08 CF A0 d|.....\ ./...... [080] BE 25 C5 01 E7 08 CF A0 BE 25 C5 01 00 00 00 00 .%...... .%...... [090] 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 ........ ........ [0A0] 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0C0] 00 00 2E 00 2E 00 00 00 00 00 00 00 70 00 00 00 ........ ....p... [0D0] 00 00 00 00 00 37 BD 7B 2B 96 BD 01 1D E9 1C 11 .....7.{ +....... [0E0] 54 77 C4 01 00 8B 09 2C B8 44 C3 01 FA 4C 79 EF Tw....., .D...Ly. [0F0] 54 2E C5 01 ED 01 00 00 00 00 00 00 F0 01 00 00 T....... ........ [100] 00 00 00 00 80 00 00 00 0E 00 00 00 00 00 00 00 ........ ........ [110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [120] 00 00 00 00 00 00 00 00 00 00 39 00 6C 00 77 00 ........ ..9.l.w. [130] 2E 00 69 00 6E 00 69 00 00 00 00 00 78 00 00 00 ..i.n.i. ....x... [140] 00 00 00 00 00 75 2D 07 7C 6F BE 01 06 70 1E 11 .....u-. |o...p.. [150] 54 77 C4 01 00 08 25 20 66 5F B9 01 10 FF 2D B4 Tw....% f_....-. [160] 96 86 C4 01 70 05 00 00 00 00 00 00 70 05 00 00 ....p... ....p... [170] 00 00 00 00 80 00 00 00 16 00 00 00 00 00 00 00 ........ ........ [180] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [190] 00 00 00 00 00 00 00 00 00 00 41 00 43 00 52 00 ........ ..A.C.R. [1A0] 4F 00 43 00 41 00 54 00 2E 00 49 00 4E 00 49 00 O.C.A.T. ..I.N.I. [1B0] 00 00 00 00 78 00 00 00 00 00 00 00 80 79 C7 E8 ....x... .....y.. [1C0] 7B 6F BE 01 AE 94 72 E3 96 1A C5 01 AE 94 72 E3 {o....r. ......r. [1D0] 96 1A C5 01 FA 4C 79 EF 54 2E C5 01 F9 09 00 00 .....Ly. T....... [1E0] 00 00 00 00 00 0A 00 00 00 00 00 00 80 00 00 00 ........ ........ [1F0] 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [200] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [210] 00 00 41 00 43 00 52 00 4F 00 45 00 58 00 43 00 ..A.C.R. O.E.X.C. [220] 48 00 2E 00 49 00 4E 00 49 00 00 00 88 00 00 00 H...I.N. I....... [230] 00 00 00 00 80 DF 48 26 A5 7C BD 01 4C C6 4D 11 ......H& .|..L.M. [240] 54 77 C4 01 D4 1A 75 5F A1 75 C3 01 D0 1B 34 B4 Tw....u_ .u....4. [250] 96 86 C4 01 F7 87 00 00 00 00 00 00 00 90 00 00 ........ ........ [260] 00 00 00 00 80 00 00 00 28 00 00 00 00 00 00 00 ........ (....... [270] 18 00 41 00 43 00 54 00 49 00 56 00 45 00 7E 00 ..A.C.T. I.V.E.~. [280] 31 00 2E 00 54 00 58 00 54 00 41 00 63 00 74 00 1...T.X. T.A.c.t. [290] 69 00 76 00 65 00 20 00 53 00 65 00 74 00 75 00 i.v.e. . S.e.t.u. [2A0] 70 00 20 00 4C 00 6F 00 67 00 2E 00 74 00 78 00 p. .L.o. g...t.x. [2B0] 74 00 00 00 80 00 00 00 00 00 00 00 00 9B 44 37 t....... ......D7 [2C0] 2A 8C BD 01 AD 57 35 11 54 77 C4 01 00 81 1C 9E *....W5. Tw...... [2D0] 37 8C BD 01 30 2A 37 B4 96 86 C4 01 17 86 00 00 7...0*7. ........ [2E0] 00 00 00 00 00 90 00 00 00 00 00 00 80 00 00 00 ........ ........ [2F0] 20 00 00 00 00 00 00 00 18 00 41 00 43 00 54 00 ....... ..A.C.T. [300] 49 00 56 00 45 00 7E 00 31 00 2E 00 4C 00 4F 00 I.V.E.~. 1...L.O. [310] 47 00 41 00 63 00 74 00 69 00 76 00 65 00 20 00 G.A.c.t. i.v.e. . [320] 53 00 65 00 74 00 75 00 70 00 2E 00 4C 00 6F 00 S.e.t.u. p...L.o. [330] 67 00 00 00 70 00 00 00 00 00 00 00 00 45 40 1A g...p... .....E@. [340] 7C 6F BE 01 36 4D 4F 11 54 77 C4 01 80 60 70 1E |o..6MO. Tw...`p. [350] 84 6F BE 01 90 38 3A B4 96 86 C4 01 C0 00 00 00 .o...8:. ........ [360] 00 00 00 00 C0 00 00 00 00 00 00 00 80 00 00 00 ........ ........ [370] 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [380] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [390] 00 00 41 00 44 00 41 00 4D 00 2E 00 49 00 4E 00 ..A.D.A. M...I.N. [3A0] 49 00 00 00 78 00 00 00 00 00 00 00 00 A8 4C 90 I...x... ......L. [3B0] 8C 6F BE 01 30 AF FB 3C DB 2B C5 01 80 3E 58 A2 .o..0..< .+...>X. [3C0] 38 D6 C2 01 C0 BF 3B B4 96 86 C4 01 A3 0A 00 00 8.....;. ........ [3D0] 00 00 00 00 A8 0A 00 00 00 00 00 00 80 00 00 00 ........ ........ [3E0] 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [3F0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [400] 00 00 41 00 64 00 6F 00 62 00 65 00 50 00 44 00 ..A.d.o. b.e.P.D. [410] 46 00 2E 00 69 00 6E 00 69 00 00 00 78 00 00 00 F...i.n. i...x... [420] 00 00 00 00 80 DD E5 FD 66 6F BE 01 F4 E1 53 11 ........ fo....S. [430] 54 77 C4 01 00 B8 CC B5 72 6F BE 01 C0 BF 3B B4 Tw...... ro....;. [440] 96 86 C4 01 89 02 00 00 00 00 00 00 90 02 00 00 ........ ........ [450] 00 00 00 00 80 00 00 00 16 00 00 00 00 00 00 00 ........ ........ [460] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [470] 00 00 00 00 00 00 00 00 00 00 61 00 64 00 6F 00 ........ ..a.d.o. [480] 62 00 65 00 72 00 65 00 67 00 2E 00 64 00 62 00 b.e.r.e. g...d.b. [490] 00 00 00 00 70 00 00 00 00 00 00 00 80 8A F5 6C ....p... .......l [4A0] 61 9E BE 01 88 92 EF 82 55 2E C5 01 40 7D AB 9C a....... U...@}.. [4B0] 4F 75 C3 01 40 7D AB 9C 4F 75 C3 01 00 00 00 00 Ou..@}.. Ou...... [4C0] 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 ........ ........ [4D0] 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [4E0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [4F0] 00 00 41 00 45 00 43 00 53 00 6F 00 66 00 74 00 ..A.E.C. S.o.f.t. [500] 00 00 00 00 68 00 00 00 00 00 00 00 80 13 A6 7C ....h... .......| [510] CB 6D BE 01 5A A0 F2 82 55 2E C5 01 80 13 A6 7C .m..Z... U......| [520] CB 6D BE 01 F0 B0 D1 9C 4F 75 C3 01 00 00 00 00 .m...... Ou...... [530] 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 ........ ........ [540] 0A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [550] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [560] 00 00 61 00 05 E2 DB 65 05 E2 00 00 00 36 00 00 ..a....e .....6.. [570] 00 36 00 00 00 50 00 00 00 00 42 40 7F E8 00 06 .6...P.. ..B@.... [580] 61 7A 00 C0 F0 49 79 B7 08 00 20 9C 12 6E 08 00 az...Iy. .. ..n.. [590] 45 00 00 28 2F 32 40 00 40 06 88 33 C0 A8 01 0F E..(/2@. @..3.... [5A0] C0 A8 01 0B 81 C8 00 8B CA 35 53 39 7B 44 E7 D4 ........ .5S9{D.. [5B0] 50 10 66 18 C3 75 00 00 69 0A 00 00 05 E2 00 00 P.f..u.. i....... [5C0] 05 E2 00 00 06 00 00 00 00 00 42 40 7F E8 00 06 ........ ..B@.... [5D0] 61 82 08 00 20 9C 12 6E 00 C0 F0 49 79 B7 08 00 a... ..n ...Iy... [5E0] 45 00 05 D4 2E D4 40 00 80 06 42 E5 C0 A8 01 0B E.....@. ..B..... [5F0] C0 A8 01 0F 00 8B 81 C8 7B 44 E7 D4 CA 35 53 39 ........ {D...5S9 [600] 50 10 1F 15 59 48 00 00 69 00 6D 00 39 00 35 00 P...YH.. i.m.9.5. [610] 70 00 00 00 00 00 00 00 80 FA 2E 50 77 6F BE 01 p....... ...Pwo.. [620] F4 E1 53 11 54 77 C4 01 00 EC 92 7D F9 56 C0 01 ..S.Tw.. ...}.V.. [630] F0 46 3D B4 96 86 C4 01 18 00 00 00 00 00 00 00 .F=..... ........ [640] 18 00 00 00 00 00 00 00 80 00 00 00 0E 00 00 00 ........ ........ [650] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [660] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 00 ........ ......A. [670] 4F 00 43 00 2E 00 49 00 4E 00 49 00 00 00 00 00 O.C...I. N.I..... [680] 70 00 00 00 00 00 00 00 14 15 11 F0 05 95 C3 01 p....... ........ [690] 5A A0 F2 82 55 2E C5 01 14 15 11 F0 05 95 C3 01 Z...U... ........ [6A0] 14 15 11 F0 05 95 C3 01 00 00 00 00 00 00 00 00 ........ ........ [6B0] 00 00 00 00 00 00 00 00 10 00 00 00 10 00 00 00 ........ ........ [6C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [6D0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 00 ........ ......A. [6E0] 70 00 70 00 50 00 61 00 74 00 63 00 68 00 00 00 p.p.P.a. t.c.h... [6F0] 78 00 00 00 00 00 00 00 80 3B E4 C3 1A 5D BE 01 x....... .;...].. [700] 2E A0 61 11 54 77 C4 01 00 28 A7 C3 7E 76 BC 01 ..a.Tw.. .(..~v.. [710] 40 F9 47 B4 96 86 C4 01 50 2F 07 00 00 00 00 00 @.G..... P/...... [720] 00 30 07 00 00 00 00 00 80 00 00 00 14 00 00 00 .0...... ........ [730] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [740] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 00 ........ ......A. [750] 50 00 53 00 4C 00 5F 00 53 00 2E 00 45 00 58 00 P.S.L._. S...E.X. [760] 45 00 00 00 00 00 00 00 78 00 00 00 00 00 00 00 E....... x....... [770] 00 18 5E 0C C8 8D BC 01 00 18 5E 0C C8 8D BC 01 ..^..... ..^..... [780] 00 18 5E 0C C8 8D BC 01 70 80 49 B4 96 86 C4 01 ..^..... p.I..... [790] 02 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 ........ ........ [7A0] 80 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [7B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [7C0] 00 00 00 00 00 00 41 00 52 00 54 00 47 00 41 00 ......A. R.T.G.A. [7D0] 4C 00 52 00 59 00 2E 00 43 00 41 00 47 00 00 00 L.R.Y... C.A.G... [7E0] 70 00 00 00 00 00 00 00 80 84 7E 3F 77 6F BE 01 p....... ..~?wo.. [7F0] 74 12 0F 07 F9 2E C5 01 00 68 04 00 78 6F BE 01 t....... .h..xo.. [800] A0 07 4B B4 96 86 C4 01 2B 00 00 00 00 00 00 00 ..K..... +....... [810] 30 00 00 00 00 00 00 00 80 00 00 00 0E 00 00 00 0....... ........ [820] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [830] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 00 ........ ......A. [840] 54 00 4D 00 2E 00 49 00 4E 00 49 00 00 00 00 00 T.M...I. N.I..... [850] 78 00 00 00 00 00 00 00 00 47 2E F3 6C 6F BE 01 x....... .G..lo.. [860] 18 27 63 11 54 77 C4 01 00 BB E7 13 40 D6 C2 01 .'c.Tw.. ....@... [870] FA 4C 79 EF 54 2E C5 01 5F A6 00 00 00 00 00 00 .Ly.T... _....... [880] 00 B0 00 00 00 00 00 00 80 00 00 00 14 00 00 00 ........ ........ [890] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [8A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 00 ........ ......A. [8B0] 54 00 4D 00 52 00 45 00 47 00 2E 00 41 00 54 00 T.M.R.E. G...A.T. [8C0] 4D 00 00 00 00 00 00 00 78 00 00 00 00 00 00 00 M....... x....... [8D0] 80 D2 D5 26 1B 5D BE 01 02 AE 64 11 54 77 C4 01 ...&.].. ..d.Tw.. [8E0] 88 7A FC 3F 53 1C C4 01 E3 D3 7A EF 54 2E C5 01 .z.?S... ..z.T... [8F0] 38 04 00 00 00 00 00 00 38 04 00 00 00 00 00 00 8....... 8....... [900] 80 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [910] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [920] 00 00 00 00 00 00 41 00 55 00 54 00 4F 00 4C 00 ......A. U.T.O.L. [930] 4E 00 43 00 48 00 2E 00 52 00 45 00 47 00 00 00 N.C.H... R.E.G... [940] 80 00 00 00 00 00 00 00 80 86 98 E8 A5 7C BD 01 ........ .....|.. [950] AA C9 6A 11 54 77 C4 01 00 F0 9E 60 27 F1 BE 01 ..j.Tw.. ...`'... [960] 30 9D 4F B4 96 86 C4 01 8C 33 00 00 00 00 00 00 0.O..... .3...... [970] 00 40 00 00 00 00 00 00 80 00 00 00 22 00 00 00 .@...... ...."... [980] 00 00 00 00 18 00 42 00 49 00 4E 00 44 00 4C 00 ......B. I.N.D.L. [990] 49 00 7E 00 31 00 2E 00 54 00 58 00 54 00 42 00 I.~.1... T.X.T.B. [9A0] 69 00 6E 00 64 00 20 00 4C 00 69 00 73 00 74 00 i.n.d. . L.i.s.t. [9B0] 20 00 4C 00 6F 00 67 00 2E 00 74 00 78 00 74 00 .L.o.g. ..t.x.t. [9C0] 78 00 00 00 00 00 00 00 00 AD A2 27 F1 D4 BB 01 x....... ...'.... [9D0] 18 7D 38 AE 60 7F C4 01 00 AD A2 27 F1 D4 BB 01 .}8.`... ...'.... [9E0] 90 AB 52 B4 96 86 C4 01 D0 14 00 00 00 00 00 00 ..R..... ........ [9F0] 00 20 00 00 00 00 00 00 80 00 00 00 16 00 00 00 . ...... ........ [A00] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [A10] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62 00 ........ ......b. [A20] 6C 00 61 00 63 00 6B 00 31 00 36 00 2E 00 73 00 l.a.c.k. 1.6...s. [A30] 63 00 72 00 00 00 00 00 80 00 00 00 00 00 00 00 c.r..... ........ [A40] 80 A5 1B 4F A2 7C BD 01 94 50 6C 11 54 77 C4 01 ...O.|.. .Pl.Tw.. [A50] 00 85 01 D4 2B D5 BB 01 F0 B9 55 B4 96 86 C4 01 ....+... ..U..... [A60] F8 04 00 00 00 00 00 00 F8 04 00 00 00 00 00 00 ........ ........ [A70] 80 00 00 00 20 00 00 00 00 00 00 00 18 00 42 00 .... ... ......B. [A80] 4C 00 55 00 45 00 4C 00 41 00 7E 00 31 00 2E 00 L.U.E.L. A.~.1... [A90] 42 00 4D 00 50 00 42 00 6C 00 75 00 65 00 20 00 B.M.P.B. l.u.e. . [AA0] 4C 00 61 00 63 00 65 00 20 00 31 00 36 00 2E 00 L.a.c.e. .1.6... [AB0] 62 00 6D 00 70 00 00 00 88 00 00 00 00 00 00 00 b.m.p... ........ [AC0] 80 A5 1B 4F A2 7C BD 01 7E D7 6D 11 54 77 C4 01 ...O.|.. ~.m.Tw.. [AD0] 00 85 01 D4 2B D5 BB 01 20 41 57 B4 96 86 C4 01 ....+... AW..... [AE0] 76 20 00 00 00 00 00 00 00 30 00 00 00 00 00 00 v ...... .0...... [AF0] 80 00 00 00 24 00 00 00 00 00 00 00 18 00 42 00 ....$... ......B. [B00] 4C 00 55 00 45 00 4D 00 4F 00 7E 00 31 00 2E 00 L.U.E.M. O.~.1... [B10] 42 00 4D 00 50 00 42 00 6C 00 75 00 65 00 20 00 B.M.P.B. l.u.e. . [B20] 4D 00 6F 00 6E 00 64 00 61 00 79 00 20 00 31 00 M.o.n.d. a.y. .1. [B30] 36 00 2E 00 62 00 6D 00 70 00 00 00 00 00 00 00 6...b.m. p....... [B40] 80 00 00 00 00 00 00 00 80 A5 1B 4F A2 7C BD 01 ........ ...O.|.. [B50] 7E D7 6D 11 54 77 C4 01 00 85 01 D4 2B D5 BB 01 ~.m.Tw.. ....+... [B60] 50 C8 58 B4 96 86 C4 01 34 94 00 00 00 00 00 00 P.X..... 4....... [B70] 00 A0 00 00 00 00 00 00 80 00 00 00 1E 00 00 00 ........ ........ [B80] 00 00 00 00 18 00 42 00 4C 00 55 00 45 00 4D 00 ......B. L.U.E.M. [B90] 4F 00 7E 00 32 00 2E 00 42 00 4D 00 50 00 42 00 O.~.2... B.M.P.B. [BA0] 6C 00 75 00 65 00 20 00 4D 00 6F 00 6E 00 64 00 l.u.e. . M.o.n.d. [BB0] 61 00 79 00 05 E2 DB 65 05 E2 00 00 05 D2 00 00 a.y....e ........ [BC0] 05 D2 00 00 05 F0 00 00 00 00 42 40 7F E8 00 06 ........ ..B@.... [BD0] 62 44 08 00 20 9C 12 6E 00 C0 F0 49 79 B7 08 00 bD.. ..n ...Iy... [BE0] 45 00 05 C4 2F D4 40 00 80 06 41 F5 C0 A8 01 0B E.../.@. ..A..... [BF0] C0 A8 01 0F 00 8B 81 C8 7B 44 ED 80 CA 35 53 39 ........ {D...5S9 [C00] 50 18 1F 15 23 FE 00 00 2E 00 62 00 6D 00 70 00 P...#... ..b.m.p. [C10] 00 00 00 00 78 00 00 00 00 00 00 00 00 01 AF 84 ....x... ........ [C20] 28 F1 BE 01 3C 6C 72 11 54 77 C4 01 00 00 DF 77 (...X. 0x0430 38d6 c201 c0bf 3bb4 9686 c401 a30a 0000 8.....;......... 0x0440 0000 0000 a80a 0000 0000 0000 8000 0000 ................ 0x0450 1800 0000 0000 0000 0000 0000 0000 0000 ................ 0x0460 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0470 0000 4100 6400 6f00 6200 6500 5000 4400 ..A.d.o.b.e.P.D. 0x0480 4600 2e00 6900 6e00 6900 0000 7800 0000 F...i.n.i...x... 0x0490 0000 0000 80dd e5fd 666f be01 f4e1 5311 ........fo....S. 0x04a0 5477 c401 00b8 ccb5 726f be01 c0bf 3bb4 Tw......ro....;. 0x04b0 9686 c401 8902 0000 0000 0000 9002 0000 ................ 0x04c0 0000 0000 8000 0000 1600 0000 0000 0000 ................ 0x04d0 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x04e0 0000 0000 0000 0000 0000 6100 6400 6f00 ..........a.d.o. 0x04f0 6200 6500 7200 6500 6700 2e00 6400 6200 b.e.r.e.g...d.b. 0x0500 0000 0000 7000 0000 0000 0000 808a f56c ....p..........l 0x0510 619e be01 8892 ef82 552e c501 407d ab9c a.......U...@}.. 0x0520 4f75 c301 407d ab9c 4f75 c301 0000 0000 Ou..@}..Ou...... 0x0530 0000 0000 0000 0000 0000 0000 1000 0000 ................ 0x0540 0e00 0000 0000 0000 0000 0000 0000 0000 ................ 0x0550 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0560 0000 4100 4500 4300 5300 6f00 6600 7400 ..A.E.C.S.o.f.t. 0x0570 0000 0000 6800 0000 0000 0000 8013 a67c ....h..........| 0x0580 cb6d be01 5aa0 f282 552e c501 8013 a67c .m..Z...U......| 0x0590 cb6d be01 f0b0 d19c 4f75 c301 0000 0000 .m......Ou...... 0x05a0 0000 0000 0000 0000 0000 0000 1000 0000 ................ 0x05b0 0a00 0000 0000 0000 0000 0000 0000 0000 ................ 0x05c0 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x05d0 0000 6100 ..a. 15:28:24.418170 192.168.1.15.33224 > 192.168.1.11.139: . [tcp sum ok] 196:196(0) ack 1557 win 26136 (DF) (ttl 64, id 12082, len 40) 0x0000 4500 0028 2f32 4000 4006 8833 c0a8 010f E..(/2@.@..3.... 0x0010 c0a8 010b 81c8 008b ca35 5339 7b44 e7d4 .........5S9{D.. 0x0020 5010 6618 c375 0000 P.f..u.. 15:28:24.418178 192.168.1.11.139 > 192.168.1.15.33224: . [tcp sum ok] 1557:3009(1452) ack 196 win 7957 >>> NBT Packet flags=0x69 NBT - Unknown packet type Type=0x69006D00 Data: (1448 bytes) [000] 39 00 35 00 70 00 00 00 00 00 00 00 80 FA 2E 50 9.5.p... .......P [010] 77 6F BE 01 F4 E1 53 11 54 77 C4 01 00 EC 92 7D wo....S. Tw.....} [020] F9 56 C0 01 F0 46 3D B4 96 86 C4 01 18 00 00 00 .V...F=. ........ [030] 00 00 00 00 18 00 00 00 00 00 00 00 80 00 00 00 ........ ........ [040] 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [060] 00 00 41 00 4F 00 43 00 2E 00 49 00 4E 00 49 00 ..A.O.C. ..I.N.I. [070] 00 00 00 00 70 00 00 00 00 00 00 00 14 15 11 F0 ....p... ........ [080] 05 95 C3 01 5A A0 F2 82 55 2E C5 01 14 15 11 F0 ....Z... U....... [090] 05 95 C3 01 14 15 11 F0 05 95 C3 01 00 00 00 00 ........ ........ [0A0] 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 ........ ........ [0B0] 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0D0] 00 00 41 00 70 00 70 00 50 00 61 00 74 00 63 00 ..A.p.p. P.a.t.c. [0E0] 68 00 00 00 78 00 00 00 00 00 00 00 80 3B E4 C3 h...x... .....;.. [0F0] 1A 5D BE 01 2E A0 61 11 54 77 C4 01 00 28 A7 C3 .]....a. Tw...(.. [100] 7E 76 BC 01 40 F9 47 B4 96 86 C4 01 50 2F 07 00 ~v..@.G. ....P/.. [110] 00 00 00 00 00 30 07 00 00 00 00 00 80 00 00 00 .....0.. ........ [120] 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [130] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [140] 00 00 41 00 50 00 53 00 4C 00 5F 00 53 00 2E 00 ..A.P.S. L._.S... [150] 45 00 58 00 45 00 00 00 00 00 00 00 78 00 00 00 E.X.E... ....x... [160] 00 00 00 00 00 18 5E 0C C8 8D BC 01 00 18 5E 0C ......^. ......^. [170] C8 8D BC 01 00 18 5E 0C C8 8D BC 01 70 80 49 B4 ......^. ....p.I. [180] 96 86 C4 01 02 00 00 00 00 00 00 00 08 00 00 00 ........ ........ [190] 00 00 00 00 80 00 00 00 18 00 00 00 00 00 00 00 ........ ........ [1A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1B0] 00 00 00 00 00 00 00 00 00 00 41 00 52 00 54 00 ........ ..A.R.T. [1C0] 47 00 41 00 4C 00 52 00 59 00 2E 00 43 00 41 00 G.A.L.R. Y...C.A. [1D0] 47 00 00 00 70 00 00 00 00 00 00 00 80 84 7E 3F G...p... ......~? [1E0] 77 6F BE 01 74 12 0F 07 F9 2E C5 01 00 68 04 00 wo..t... .....h.. [1F0] 78 6F BE 01 A0 07 4B B4 96 86 C4 01 2B 00 00 00 xo....K. ....+... [200] 00 00 00 00 30 00 00 00 00 00 00 00 80 00 00 00 ....0... ........ [210] 0E 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [220] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [230] 00 00 41 00 54 00 4D 00 2E 00 49 00 4E 00 49 00 ..A.T.M. ..I.N.I. [240] 00 00 00 00 78 00 00 00 00 00 00 00 00 47 2E F3 ....x... .....G.. [250] 6C 6F BE 01 18 27 63 11 54 77 C4 01 00 BB E7 13 lo...'c. Tw...... [260] 40 D6 C2 01 FA 4C 79 EF 54 2E C5 01 5F A6 00 00 @....Ly. T..._... [270] 00 00 00 00 00 B0 00 00 00 00 00 00 80 00 00 00 ........ ........ [280] 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [290] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [2A0] 00 00 41 00 54 00 4D 00 52 00 45 00 47 00 2E 00 ..A.T.M. R.E.G... [2B0] 41 00 54 00 4D 00 00 00 00 00 00 00 78 00 00 00 A.T.M... ....x... [2C0] 00 00 00 00 80 D2 D5 26 1B 5D BE 01 02 AE 64 11 .......& .]....d. [2D0] 54 77 C4 01 88 7A FC 3F 53 1C C4 01 E3 D3 7A EF Tw...z.? S.....z. [2E0] 54 2E C5 01 38 04 00 00 00 00 00 00 38 04 00 00 T...8... ....8... [2F0] 00 00 00 00 80 00 00 00 18 00 00 00 00 00 00 00 ........ ........ [300] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [310] 00 00 00 00 00 00 00 00 00 00 41 00 55 00 54 00 ........ ..A.U.T. [320] 4F 00 4C 00 4E 00 43 00 48 00 2E 00 52 00 45 00 O.L.N.C. H...R.E. [330] 47 00 00 00 80 00 00 00 00 00 00 00 80 86 98 E8 G....... ........ [340] A5 7C BD 01 AA C9 6A 11 54 77 C4 01 00 F0 9E 60 .|....j. Tw.....` [350] 27 F1 BE 01 30 9D 4F B4 96 86 C4 01 8C 33 00 00 '...0.O. .....3.. [360] 00 00 00 00 00 40 00 00 00 00 00 00 80 00 00 00 .....@.. ........ [370] 22 00 00 00 00 00 00 00 18 00 42 00 49 00 4E 00 "....... ..B.I.N. [380] 44 00 4C 00 49 00 7E 00 31 00 2E 00 54 00 58 00 D.L.I.~. 1...T.X. [390] 54 00 42 00 69 00 6E 00 64 00 20 00 4C 00 69 00 T.B.i.n. d. .L.i. [3A0] 73 00 74 00 20 00 4C 00 6F 00 67 00 2E 00 74 00 s.t. .L. o.g...t. [3B0] 78 00 74 00 78 00 00 00 00 00 00 00 00 AD A2 27 x.t.x... .......' [3C0] F1 D4 BB 01 18 7D 38 AE 60 7F C4 01 00 AD A2 27 .....}8. `......' [3D0] F1 D4 BB 01 90 AB 52 B4 96 86 C4 01 D0 14 00 00 ......R. ........ [3E0] 00 00 00 00 00 20 00 00 00 00 00 00 80 00 00 00 ..... .. ........ [3F0] 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [400] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [410] 00 00 62 00 6C 00 61 00 63 00 6B 00 31 00 36 00 ..b.l.a. c.k.1.6. [420] 2E 00 73 00 63 00 72 00 00 00 00 00 80 00 00 00 ..s.c.r. ........ [430] 00 00 00 00 80 A5 1B 4F A2 7C BD 01 94 50 6C 11 .......O .|...Pl. [440] 54 77 C4 01 00 85 01 D4 2B D5 BB 01 F0 B9 55 B4 Tw...... +.....U. [450] 96 86 C4 01 F8 04 00 00 00 00 00 00 F8 04 00 00 ........ ........ [460] 00 00 00 00 80 00 00 00 20 00 00 00 00 00 00 00 ........ ....... [470] 18 00 42 00 4C 00 55 00 45 00 4C 00 41 00 7E 00 ..B.L.U. E.L.A.~. [480] 31 00 2E 00 42 00 4D 00 50 00 42 00 6C 00 75 00 1...B.M. P.B.l.u. [490] 65 00 20 00 4C 00 61 00 63 00 65 00 20 00 31 00 e. .L.a. c.e. .1. [4A0] 36 00 2E 00 62 00 6D 00 70 00 00 00 88 00 00 00 6...b.m. p....... [4B0] 00 00 00 00 80 A5 1B 4F A2 7C BD 01 7E D7 6D 11 .......O .|..~.m. [4C0] 54 77 C4 01 00 85 01 D4 2B D5 BB 01 20 41 57 B4 Tw...... +... AW. [4D0] 96 86 C4 01 76 20 00 00 00 00 00 00 00 30 00 00 ....v .. .....0.. [4E0] 00 00 00 00 80 00 00 00 24 00 00 00 00 00 00 00 ........ $....... [4F0] 18 00 42 00 4C 00 55 00 45 00 4D 00 4F 00 7E 00 ..B.L.U. E.M.O.~. [500] 31 00 2E 00 42 00 4D 00 50 00 42 00 6C 00 75 00 1...B.M. P.B.l.u. [510] 65 00 20 00 4D 00 6F 00 6E 00 64 00 61 00 79 00 e. .M.o. n.d.a.y. [520] 20 00 31 00 36 00 2E 00 62 00 6D 00 70 00 00 00 .1.6... b.m.p... [530] 00 00 00 00 80 00 00 00 00 00 00 00 80 A5 1B 4F ........ .......O [540] A2 7C BD 01 7E D7 6D 11 54 77 C4 01 00 85 01 D4 .|..~.m. Tw...... [550] 2B D5 BB 01 50 C8 58 B4 96 86 C4 01 34 94 00 00 +...P.X. ....4... [560] 00 00 00 00 00 A0 00 00 00 00 00 00 80 00 00 00 ........ ........ [570] 1E 00 00 00 00 00 00 00 18 00 42 00 4C 00 55 00 ........ ..B.L.U. [580] 45 00 4D 00 4F 00 7E 00 32 00 2E 00 42 00 4D 00 E.M.O.~. 2...B.M. [590] 50 00 42 00 6C 00 75 00 65 00 20 00 4D 00 6F 00 P.B.l.u. e. .M.o. [5A0] 6E 00 64 00 61 00 79 00 n.d.a.y. (DF) (ttl 128, id 11988, len 1492) 0x0000 4500 05d4 2ed4 4000 8006 42e5 c0a8 010b E.....@...B..... 0x0010 c0a8 010f 008b 81c8 7b44 e7d4 ca35 5339 ........{D...5S9 0x0020 5010 1f15 5948 0000 6900 6d00 3900 3500 P...YH..i.m.9.5. 0x0030 7000 0000 0000 0000 80fa 2e50 776f be01 p..........Pwo.. 0x0040 f4e1 5311 5477 c401 00ec 927d f956 c001 ..S.Tw.....}.V.. 0x0050 f046 3db4 9686 c401 1800 0000 0000 0000 .F=............. 0x0060 1800 0000 0000 0000 8000 0000 0e00 0000 ................ 0x0070 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0080 0000 0000 0000 0000 0000 0000 0000 4100 ..............A. 0x0090 4f00 4300 2e00 4900 4e00 4900 0000 0000 O.C...I.N.I..... 0x00a0 7000 0000 0000 0000 1415 11f0 0595 c301 p............... 0x00b0 5aa0 f282 552e c501 1415 11f0 0595 c301 Z...U........... 0x00c0 1415 11f0 0595 c301 0000 0000 0000 0000 ................ 0x00d0 0000 0000 0000 0000 1000 0000 1000 0000 ................ 0x00e0 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x00f0 0000 0000 0000 0000 0000 0000 0000 4100 ..............A. 0x0100 7000 7000 5000 6100 7400 6300 6800 0000 p.p.P.a.t.c.h... 0x0110 7800 0000 0000 0000 803b e4c3 1a5d be01 x........;...].. 0x0120 2ea0 6111 5477 c401 0028 a7c3 7e76 bc01 ..a.Tw...(..~v.. 0x0130 40f9 47b4 9686 c401 502f 0700 0000 0000 @.G.....P/...... 0x0140 0030 0700 0000 0000 8000 0000 1400 0000 .0.............. 0x0150 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0160 0000 0000 0000 0000 0000 0000 0000 4100 ..............A. 0x0170 5000 5300 4c00 5f00 5300 2e00 4500 5800 P.S.L._.S...E.X. 0x0180 4500 0000 0000 0000 7800 0000 0000 0000 E.......x....... 0x0190 0018 5e0c c88d bc01 0018 5e0c c88d bc01 ..^.......^..... 0x01a0 0018 5e0c c88d bc01 7080 49b4 9686 c401 ..^.....p.I..... 0x01b0 0200 0000 0000 0000 0800 0000 0000 0000 ................ 0x01c0 8000 0000 1800 0000 0000 0000 0000 0000 ................ 0x01d0 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x01e0 0000 0000 0000 4100 5200 5400 4700 4100 ......A.R.T.G.A. 0x01f0 4c00 5200 5900 2e00 4300 4100 4700 0000 L.R.Y...C.A.G... 0x0200 7000 0000 0000 0000 8084 7e3f 776f be01 p.........~?wo.. 0x0210 7412 0f07 f92e c501 0068 0400 786f be01 t........h..xo.. 0x0220 a007 4bb4 9686 c401 2b00 0000 0000 0000 ..K.....+....... 0x0230 3000 0000 0000 0000 8000 0000 0e00 0000 0............... 0x0240 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0250 0000 0000 0000 0000 0000 0000 0000 4100 ..............A. 0x0260 5400 4d00 2e00 4900 4e00 4900 0000 0000 T.M...I.N.I..... 0x0270 7800 0000 0000 0000 0047 2ef3 6c6f be01 x........G..lo.. 0x0280 1827 6311 5477 c401 00bb e713 40d6 c201 .'c.Tw......@... 0x0290 fa4c 79ef 542e c501 5fa6 0000 0000 0000 .Ly.T..._....... 0x02a0 00b0 0000 0000 0000 8000 0000 1400 0000 ................ 0x02b0 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x02c0 0000 0000 0000 0000 0000 0000 0000 4100 ..............A. 0x02d0 5400 4d00 5200 4500 4700 2e00 4100 5400 T.M.R.E.G...A.T. 0x02e0 4d00 0000 0000 0000 7800 0000 0000 0000 M.......x....... 0x02f0 80d2 d526 1b5d be01 02ae 6411 5477 c401 ...&.]....d.Tw.. 0x0300 887a fc3f 531c c401 e3d3 7aef 542e c501 .z.?S.....z.T... 0x0310 3804 0000 0000 0000 3804 0000 0000 0000 8.......8....... 0x0320 8000 0000 1800 0000 0000 0000 0000 0000 ................ 0x0330 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0340 0000 0000 0000 4100 5500 5400 4f00 4c00 ......A.U.T.O.L. 0x0350 4e00 4300 4800 2e00 5200 4500 4700 0000 N.C.H...R.E.G... 0x0360 8000 0000 0000 0000 8086 98e8 a57c bd01 .............|.. 0x0370 aac9 6a11 5477 c401 00f0 9e60 27f1 be01 ..j.Tw.....`'... 0x0380 309d 4fb4 9686 c401 8c33 0000 0000 0000 0.O......3...... 0x0390 0040 0000 0000 0000 8000 0000 2200 0000 .@.........."... 0x03a0 0000 0000 1800 4200 4900 4e00 4400 4c00 ......B.I.N.D.L. 0x03b0 4900 7e00 3100 2e00 5400 5800 5400 4200 I.~.1...T.X.T.B. 0x03c0 6900 6e00 6400 2000 4c00 6900 7300 7400 i.n.d...L.i.s.t. 0x03d0 2000 4c00 6f00 6700 2e00 7400 7800 7400 ..L.o.g...t.x.t. 0x03e0 7800 0000 0000 0000 00ad a227 f1d4 bb01 x..........'.... 0x03f0 187d 38ae 607f c401 00ad a227 f1d4 bb01 .}8.`......'.... 0x0400 90ab 52b4 9686 c401 d014 0000 0000 0000 ..R............. 0x0410 0020 0000 0000 0000 8000 0000 1600 0000 ................ 0x0420 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0x0430 0000 0000 0000 0000 0000 0000 0000 6200 ..............b. 0x0440 6c00 6100 6300 6b00 3100 3600 2e00 7300 l.a.c.k.1.6...s. 0x0450 6300 7200 0000 0000 8000 0000 0000 0000 c.r............. 0x0460 80a5 1b4f a27c bd01 9450 6c11 5477 c401 ...O.|...Pl.Tw.. 0x0470 0085 01d4 2bd5 bb01 f0b9 55b4 9686 c401 ....+.....U..... 0x0480 f804 0000 0000 0000 f804 0000 0000 0000 ................ 0x0490 8000 0000 2000 0000 0000 0000 1800 4200 ..............B. 0x04a0 4c00 5500 4500 4c00 4100 7e00 3100 2e00 L.U.E.L.A.~.1... 0x04b0 4200 4d00 5000 4200 6c00 7500 6500 2000 B.M.P.B.l.u.e... 0x04c0 4c00 6100 6300 6500 2000 3100 3600 2e00 L.a.c.e...1.6... 0x04d0 6200 6d00 7000 0000 8800 0000 0000 0000 b.m.p........... 0x04e0 80a5 1b4f a27c bd01 7ed7 6d11 5477 c401 ...O.|..~.m.Tw.. 0x04f0 0085 01d4 2bd5 bb01 2041 57b4 9686 c401 ....+....AW..... 0x0500 7620 0000 0000 0000 0030 0000 0000 0000 v........0...... 0x0510 8000 0000 2400 0000 0000 0000 1800 4200 ....$.........B. 0x0520 4c00 5500 4500 4d00 4f00 7e00 3100 2e00 L.U.E.M.O.~.1... 0x0530 4200 4d00 5000 4200 6c00 7500 6500 2000 B.M.P.B.l.u.e... 0x0540 4d00 6f00 6e00 6400 6100 7900 2000 3100 M.o.n.d.a.y...1. 0x0550 3600 2e00 6200 6d00 7000 0000 0000 0000 6...b.m.p....... 0x0560 8000 0000 0000 0000 80a5 1b4f a27c bd01 ...........O.|.. 0x0570 7ed7 6d11 5477 c401 0085 01d4 2bd5 bb01 ~.m.Tw......+... 0x0580 50c8 58b4 9686 c401 3494 0000 0000 0000 P.X.....4....... 0x0590 00a0 0000 0000 0000 8000 0000 1e00 0000 ................ 0x05a0 0000 0000 1800 4200 4c00 5500 4500 4d00 ......B.L.U.E.M. 0x05b0 4f00 7e00 3200 2e00 4200 4d00 5000 4200 O.~.2...B.M.P.B. 0x05c0 6c00 7500 6500 2000 4d00 6f00 6e00 6400 l.u.e...M.o.n.d. 0x05d0 6100 7900 a.y. 15:28:24.418372 192.168.1.11.139 > 192.168.1.15.33224: P [tcp sum ok] 3009:4445(1436) ack 196 win 7957 >>> NBT Packet flags=0x2e NBT - Unknown packet type Type=0x2E006200 Data: (1432 bytes) [000] 6D 00 70 00 00 00 00 00 78 00 00 00 00 00 00 00 m.p..... x....... [010] 00 01 AF 84 28 F1 BE 01 3C 6C 72 11 54 77 C4 01 ....(... 192.168.1.11.139: P [tcp sum ok] 196:300(104) ack 4445 win 26136 >>> NBT Packet NBT Session Packet Flags=0x0 Length=100 (0x64) SMB PACKET: SMBtrans2 (REQUEST) SMB Command = 0x32 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x8 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 8 (0x8) Word Count = 15 (0xf) TRANSACT2_FINDNEXT param_length=32 data_length=0 TotParam=32 (0x20) TotData=0 (0x0) MaxParam=10 (0xa) MaxData=4356 (0x1104) MaxSetup=0 (0x0) Flags=0x0 TimeOut=0 (0x0) Res1=0x0 ParamCnt=32 (0x20) ParamOff=68 (0x44) DataCnt=0 (0x0) DataOff=100 (0x64) SetupCnt=1 (0x1) TransactionName=Paramaters= Data: (32 bytes) [000] 0B 08 00 02 06 00 00 00 00 00 00 00 63 00 6C 00 ........ ....c.l. [010] 6F 00 63 00 6B 00 2E 00 61 00 76 00 69 00 00 00 o.c.k... a.v.i... Data= (DF) (ttl 64, id 12083, len 144) 0x0000 4500 0090 2f33 4000 4006 87ca c0a8 010f E.../3@.@....... 0x0010 c0a8 010b 81c8 008b ca35 5339 7b44 f31c .........5S9{D.. 0x0020 5018 6618 3f82 0000 0000 0064 ff53 4d42 P.f.?......d.SMB 0x0030 3200 0000 0008 01c8 0000 0000 0000 0000 2............... 0x0040 0000 0000 0608 f70e 0210 0800 0f20 0000 ................ 0x0050 000a 0004 1100 0000 0000 0000 0000 0020 ................ 0x0060 0044 0000 0064 0001 0002 0023 0000 4420 .D...d.....#..D. 0x0070 0b08 0002 0600 0000 0000 0000 6300 6c00 ............c.l. 0x0080 6f00 6300 6b00 2e00 6100 7600 6900 0000 o.c.k...a.v.i... 15:28:24.436159 192.168.1.11.139 > 192.168.1.15.33224: P [tcp sum ok] 4445:4484(39) ack 300 win 7853 >>> NBT Packet NBT Session Packet Flags=0x0 Length=35 (0x23) SMB PACKET: SMBtrans2 (REPLY) SMB Command = 0x32 Error class = 0x1 Error code = 124 (0x7c) Flags1 = 0x88 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 8 (0x8) Word Count = 0 (0x0) SMBError = ERRDOS - 124 TRANSACT2_FINDNEXT param_length=0 data_length=93 Trans2Interim (DF) (ttl 128, id 12500, len 79) 0x0000 4500 004f 30d4 4000 8006 466a c0a8 010b E..O0.@...Fj.... 0x0010 c0a8 010f 008b 81c8 7b44 f31c ca35 53a1 ........{D...5S. 0x0020 5018 1ead 7654 0000 0000 0023 ff53 4d42 P...vT.....#.SMB 0x0030 3201 007c 0088 01c8 0000 0000 0000 0000 2..|............ 0x0040 0000 0000 0608 f70e 0210 0800 0000 00 ............... 15:28:24.438379 192.168.1.15.33224 > 192.168.1.11.139: P [tcp sum ok] 300:339(39) ack 4484 win 26136 >>> NBT Packet NBT Session Packet Flags=0x0 Length=35 (0x23) SMB PACKET: SMBdskattr (REQUEST) SMB Command = 0x80 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x8 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 9 (0x9) Word Count = 0 (0x0) smb_bcc=0 (DF) (ttl 64, id 12084, len 79) 0x0000 4500 004f 2f34 4000 4006 880a c0a8 010f E..O/4@.@....... 0x0010 c0a8 010b 81c8 008b ca35 53a1 7b44 f343 .........5S.{D.C 0x0020 5018 6618 e0be 0000 0000 0023 ff53 4d42 P.f........#.SMB 0x0030 8000 0000 0008 01c8 0000 0000 0000 0000 ................ 0x0040 0000 0000 0608 f70e 0210 0900 0000 00 ............... 15:28:24.438757 192.168.1.11.139 > 192.168.1.15.33224: P [tcp sum ok] 4484:4533(49) ack 339 win 7814 >>> NBT Packet NBT Session Packet Flags=0x0 Length=45 (0x2d) SMB PACKET: SMBdskattr (REPLY) SMB Command = 0x80 Error class = 0x0 Error code = 0 (0x0) Flags1 = 0x88 Flags2 = 0x1 Tree ID = 2054 (0x806) Proc ID = 3831 (0xef7) UID = 4098 (0x1002) MID = 9 (0x9) Word Count = 5 (0x5) smbvwv[]= TotalUnits=64259 (0xfb03) BlocksPerUnit=256 (0x100) BlockSize=512 (0x200) FreeUnits=1992 (0x7c8) Media=0x0 smb_bcc=0 (DF) (ttl 128, id 12756, len 89) 0x0000 4500 0059 31d4 4000 8006 4560 c0a8 010b E..Y1.@...E`.... 0x0010 c0a8 010f 008b 81c8 7b44 f343 ca35 53c8 ........{D.C.5S. 0x0020 5018 1e86 1cca 0000 0000 002d ff53 4d42 P..........-.SMB 0x0030 8000 0000 0088 01c8 0000 0000 0000 0000 ................ 0x0040 0000 0000 0608 f70e 0210 0900 0503 fb00 ................ 0x0050 0100 02c8 0700 0000 00 ......... 15:28:24.538044 192.168.1.15.33224 > 192.168.1.11.139: . [tcp sum ok] 339:339(0) ack 4533 win 26136 (DF) (ttl 64, id 12085, len 40) 0x0000 4500 0028 2f35 4000 4006 8830 c0a8 010f E..(/5@.@..0.... 0x0010 c0a8 010b 81c8 008b ca35 53c8 7b44 f374 .........5S.{D.t 0x0020 5010 6618 b746 0000 P.f..F..