hierynomus / smbj

Server Message Block (SMB2, SMB3) implementation in Java
Other
713 stars 180 forks source link

STATUS_ACCESS_DENIED (0xc0000022): #607

Closed gvj414 closed 7 months ago

gvj414 commented 3 years ago

STATUS_ACCESS_DENIED (0xc0000022): Could not connect to \\smbproxy\greatplainsfast\n" private static String USERNAME = "***";// username private static String PASSWORD = "****"; // password private static String DOMAIN = "smbproxy"; // Domain private static String sharename = "greatplainsfast"; // sharename

    // Set the timeout (optional)
        SmbConfig config = SmbConfig.builder()
                 .withMultiProtocolNegotiate(true)
                 .withSigningRequired(true)
                 .withTransportLayerFactory(new AsyncDirectTcpTransportFactory<>())
                 .withTimeout(120, TimeUnit.SECONDS)
                 .withTimeout(120, TimeUnit.SECONDS) // Timeout sets read, write and Transact timeouts (default is 60 seconds)
                 .withSoTimeout(180, TimeUnit.SECONDS) // Socket timeout (default is 0 seconds)
                 .build();

        // If you do not set the timeout period SMBClient client = new SMBClient();
        SMBClient client = new SMBClient(config);

        try {
            Connection connection = client.connect(DOMAIN); // For example: 123.123.123.123
            AuthenticationContext ac = new AuthenticationContext(USERNAME, PASSWORD.toCharArray(), DOMAIN);

            Session session = connection.authenticate(ac);
            // Connect to a shared folder
            DiskShare share = (DiskShare) session.connectShare("greatplainsfast");
            System.out.println("*********************Testing SMB");

            if (share.fileExists(pathId)) {
                System.out.println("*********************In if case");
                File smbFileRead = share.openFile(pathId, EnumSet.of(AccessMask.GENERIC_READ), null,
                        SMB2ShareAccess.ALL, SMB2CreateDisposition.FILE_OPEN, null);
                System.out.println("*********************In if case"+ smbFileRead);
            } else {
                System.out.println("File does not exist");
            }

Error

felixRajkumar commented 3 years ago

Connection connection = client.connect(machineName); AuthenticationContext ac = new AuthenticationContext(USERNAME, PASSWORD.toCharArray(), DOMAIN);

Try machine name instead of domain name. If the machine is in a workgroup and not in a domain. You should use null for DOMAIN parameter @gvj414

gvj414 commented 3 years ago

Thank you @felixRajkumar for your response. I did use MachineName and now I get this error. error 2 Capture

gvj414 commented 3 years ago

Can you please provide any suggestions @hierynomus

hierynomus commented 3 years ago

The Host address cannot be resolved, No bug in SMBJ, ensure that the machine name is either an IP, or a resolvable hostname

gvj414 commented 3 years ago

@hierynomus Thank you.

After few changes Now I am getting this Error

DEBUG c.h.s.SMBClient - Connection to << 10.250.21.59:445 >> closed 01/31/2021 21:57:50.853 [http-nio-8080-exec-4 - ] DEBUG c.h.p.c.s.ProxySocketFactory - Connecting to /10.250.21.59:445 01/31/2021 21:57:50.912 [http-nio-8080-exec-4 - ] DEBUG c.h.s.t.PacketReader - Starting PacketReader on thread: Packet Reader for 10.250.21.59 01/31/2021 21:57:50.913 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Negotiating dialects [SMB_2_0_2, SMB_2_1] with server 10.250.21.59 01/31/2021 21:57:50.913 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_NEGOTIATE with message id << 0 >> 01/31/2021 21:57:50.914 [http-nio-8080-exec-4 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_NEGOTIATE with message id << 0 >> 01/31/2021 21:57:50.914 [http-nio-8080-exec-4 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 0 >> 01/31/2021 21:57:50.973 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@686d381f 01/31/2021 21:57:50.974 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 1 credits for com.hierynomus.mssmb2.SMB2PacketData@686d381f, now available: 1 credits 01/31/2021 21:57:50.974 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 0 >> to SMB2_NEGOTIATE with message id << 0 >> 01/31/2021 21:57:50.974 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Negotiated the following connection settings: ConnectionInfo{ serverGuid=2d6d6361-7364-2d34-7361-6d6261300000, serverName='10.250.21.59', negotiatedProtocol=NegotiatedProtocol{dialect=SMB_2_1, maxTransactSize=1048576, maxReadSize=1048576, maxWriteSize=1048576}, clientGuid=bf90fc83-db0a-481c-8868-e8269c878823, clientCapabilities=[SMB2_GLOBAL_CAP_DFS], serverCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LARGE_MTU], clientSecurityMode=0, serverSecurityMode=1, server='null' } 01/31/2021 21:57:50.974 [http-nio-8080-exec-4 - ] INFO c.h.s.c.Connection - Successfully connected to: 10.250.21.59 is connected:true com.hierynomus.smbj.connection.Connection@1702c4eb 01/31/2021 21:57:50.976 [http-nio-8080-exec-4 - ] DEBUG c.h.s.a.NtlmAuthenticator - Initialized Authentication of USERNAME using NTLM 01/31/2021 21:57:50.977 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 1 >> 01/31/2021 21:57:50.977 [http-nio-8080-exec-4 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_SESSION_SETUP with message id << 1 >> 01/31/2021 21:57:50.977 [http-nio-8080-exec-4 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 1 >> 01/31/2021 21:57:51.034 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@66aadb62 01/31/2021 21:57:51.034 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 1 credits for com.hierynomus.mssmb2.SMB2PacketData@66aadb62, now available: 1 credits 01/31/2021 21:57:51.035 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 1 >> to SMB2_SESSION_SETUP with message id << 1 >> 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - More processing required for authentication of USERNAME using com.hierynomus.smbj.auth.NtlmAuthenticator@563fced0 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.s.a.NtlmAuthenticator - Received token: a1 81 d0 30 81 cd a0 03 0a 01 01 a1 0c 06 0a 2b 06 01 04 01 82 37 02 02 0a a2 81 b7 04 81 b4 4e 54 4c 4d 53 53 50 00 02 00 00 00 1c 00 1c 00 30 00 00 00 15 82 8a e0 e6 f2 4d bc 1b a4 33 20 00 00 00 00 00 00 00 00 68 00 68 00 4c 00 00 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 02 00 1c 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 01 00 1c 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 04 00 00 00 03 00 1c 00 61 00 63 00 6d 00 2d 00 64 00 73 00 34 00 2d 00 73 00 61 00 6d 00 62 00 61 00 30 00 00 00 00 00 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],] 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],] 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],] 01/31/2021 21:57:51.035 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],] 01/31/2021 21:57:51.036 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1Sequence[[ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],]]] 01/31/2021 21:57:51.036 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1Enumerated[1] 01/31/2021 21:57:51.036 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1ObjectIdentifier[1.3.6.1.4.1.311.2.2.10] 01/31/2021 21:57:51.036 [http-nio-8080-exec-4 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1OctetString[[78, 84, 76, 77, 83, 83, 80, 0, 2, 0, 0, 0, 28, 0, 28, 0, 48, 0, 0, 0, 21, -126, -118, -32, -26, -14, 77, -68, 27, -92, 51, 32, 0, 0, 0, 0, 0, 0, 0, 0, 104, 0, 104, 0, 76, 0, 0, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 2, 0, 28, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 1, 0, 28, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 4, 0, 0, 0, 3, 0, 28, 0, 97, 0, 99, 0, 109, 0, 45, 0, 100, 0, 115, 0, 52, 0, 45, 0, 115, 0, 97, 0, 109, 0, 98, 0, 97, 0, 48, 0, 0, 0, 0, 0]] 01/31/2021 21:57:51.038 [http-nio-8080-exec-4 - ] DEBUG c.h.s.a.NtlmAuthenticator - Received NTLM challenge from: ACM-DS4-SAMBA0 01/31/2021 21:57:51.044 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 2 >> 01/31/2021 21:57:51.044 [http-nio-8080-exec-4 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_SESSION_SETUP with message id << 2 >> 01/31/2021 21:57:51.044 [http-nio-8080-exec-4 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 2 >> 01/31/2021 21:57:51.108 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@6295536f 01/31/2021 21:57:51.108 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@6295536f, now available: 33 credits 01/31/2021 21:57:51.108 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 2 >> to SMB2_SESSION_SETUP with message id << 2 >> 01/31/2021 21:57:51.108 [http-nio-8080-exec-4 - ] INFO c.h.s.c.Connection - Successfully authenticated USERNAME on 10.250.21.59, session is 973258164 Auth:com.hierynomus.smbj.session.Session@133d52d3 01/31/2021 21:57:51.108 [http-nio-8080-exec-4 - ] INFO c.h.s.s.Session - Connecting to \10.250.21.59\archive on session 973258164 01/31/2021 21:57:51.108 [http-nio-8080-exec-4 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_TREE_CONNECT as signed, as no key is set. 01/31/2021 21:57:51.108 [http-nio-8080-exec-4 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 33) credits to SMB2_TREE_CONNECT with message id << 3 >> 01/31/2021 21:57:51.108 [http-nio-8080-exec-4 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_TREE_CONNECT with message id << 3 >> 01/31/2021 21:57:51.109 [http-nio-8080-exec-4 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 3 >> 01/31/2021 21:57:51.165 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@2797d159 01/31/2021 21:57:51.165 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@2797d159, now available: 65 credits 01/31/2021 21:57:51.165 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 3 >> to SMB2_TREE_CONNECT with message id << 3 >> 01/31/2021 21:57:51.166 [http-nio-8080-exec-4 - ] DEBUG c.h.s.s.Session - dialect=null, creditCharge=1, creditRequest=0, creditResponse=33, message=SMB2_TREE_CONNECT, messageId=3, asyncId=0, sessionId=973258164, treeId=0, status=0xc00000cc, flags=1, nextCommandOffset=0 01/31/2021 21:57:51.175 [http-nio-8080-exec-4 - ] ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is com.hierynomus.mssmb2.SMBApiException: STATUS_BAD_NETWORK_NAME (0xc00000cc): Could not connect to \10.250.21.59\archive] with root cause com.hierynomus.mssmb2.SMBApiException: STATUS_BAD_NETWORK_NAME (0xc00000cc): Could not connect to \10.250.21.59\archive

hierynomus commented 3 years ago

What are you using as share name?

gvj414 commented 3 years ago

Hey @hierynomus, DiskShare share = (DiskShare) session.connectShare("greatplainsfast");

Share name = greatplainsfast

hierynomus commented 3 years ago

Your server complains that that name is not valid, i.e. did you make a typo?

gvj414 commented 3 years ago

No Sir @hierynomus. I have double checked the Share name.

hierynomus commented 3 years ago

Can you grab a pcap file from the traffic? Maybe we can see from there what's going wrong then? Also are there any logs on the server?

nddipiazza commented 3 years ago

Add this module:

<dependency>
  <groupId>com.rapid7.client</groupId>
  <artifactId>dcerpc</artifactId>
  <version>0.10.0</version>
</dependency>

Use this to enumerate your shares:

final SMBClient smbClient = new SMBClient();
try (final Connection smbConnection = smbClient.connect("10.250.21.59")) {
    final AuthenticationContext smbAuthenticationContext = new AuthenticationContext("username", "password".toCharArray(), "");
    final Session session = smbConnection.authenticate(smbAuthenticationContext);

    final RPCTransport transport = SMBTransportFactories.SRVSVC.getTransport(session);
    final ServerService serverService = new ServerService(transport);
    final List<NetShareInfo0> shares = serverService.getShares();
    for (final NetShareInfo0 share : shares) {
        System.out.println(share);
    }
}

My guess is this does not show your share name, and you were instead using a folder within a share thinking it was a share.

gvj414 commented 3 years ago

Add this module:

<dependency>
  <groupId>com.rapid7.client</groupId>
  <artifactId>dcerpc</artifactId>
  <version>0.10.0</version>
</dependency>

Use this to enumerate your shares:

final SMBClient smbClient = new SMBClient();
try (final Connection smbConnection = smbClient.connect("10.250.21.59")) {
    final AuthenticationContext smbAuthenticationContext = new AuthenticationContext("username", "password".toCharArray(), "");
    final Session session = smbConnection.authenticate(smbAuthenticationContext);

    final RPCTransport transport = SMBTransportFactories.SRVSVC.getTransport(session);
    final ServerService serverService = new ServerService(transport);
    final List<NetShareInfo0> shares = serverService.getShares();
    for (final NetShareInfo0 share : shares) {
        System.out.println(share);
    }
}

My guess is this does not show your share name, and you were instead using a folder within a share thinking it was a share.

When I did try this

02/08/2021 19:09:33.806 [restartedMain - ] INFO c.c.a.AdminApplication - Started AdminApplication in 35.294 seconds (JVM running for 441.128)
02/08/2021 19:09:33.833 [restartedMain - ] INFO o.s.b.d.a.ConditionEvaluationDeltaLoggingListener - Condition evaluation unchanged
02/08/2021 19:53:04.059 [http-nio-8080-exec-2 - ] INFO o.a.c.c.C.[.[.[/] - Initializing Spring DispatcherServlet 'dispatcherServlet'
02/08/2021 19:53:04.067 [http-nio-8080-exec-2 - ] INFO o.s.w.s.DispatcherServlet - Initializing Servlet 'dispatcherServlet'
02/08/2021 19:53:04.158 [http-nio-8080-exec-2 - ] INFO o.s.w.s.DispatcherServlet - Completed initialization in 91 ms
02/08/2021 19:53:07.226 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.s.ProxySocketFactory - Connecting to /10.250.21.59:445
02/08/2021 19:53:07.277 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.PacketReader - Starting PacketReader on thread: Packet Reader for 10.250.21.59
02/08/2021 19:53:07.278 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Negotiating dialects [SMB_2_0_2, SMB_2_1] with server 10.250.21.59
02/08/2021 19:53:07.279 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_NEGOTIATE with message id << 0 >>
02/08/2021 19:53:07.279 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_NEGOTIATE with message id << 0 >>
02/08/2021 19:53:07.280 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 0 >>
02/08/2021 19:53:07.333 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@3a69a73a
02/08/2021 19:53:07.334 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 1 credits for com.hierynomus.mssmb2.SMB2PacketData@3a69a73a, now available: 1 credits
02/08/2021 19:53:07.334 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 0 >> to `SMB2_NEGOTIATE with message id << 0 >>`
02/08/2021 19:53:07.334 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Negotiated the following connection settings: ConnectionInfo{
  serverGuid=2d6d6361-7364-2d34-7361-6d6261300000,
  serverName='10.250.21.59',
  negotiatedProtocol=NegotiatedProtocol{dialect=SMB_2_1, maxTransactSize=1048576, maxReadSize=1048576, maxWriteSize=1048576},
  clientGuid=51325a4c-e434-4387-a01c-7bef83e68c3d,
  clientCapabilities=[SMB2_GLOBAL_CAP_DFS],
  serverCapabilities=[SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_LARGE_MTU],
  clientSecurityMode=0,
  serverSecurityMode=1,
  server='null'
}
02/08/2021 19:53:07.334 [http-nio-8080-exec-2 - ] INFO c.h.s.c.Connection - Successfully connected to: 10.250.21.59
02/08/2021 19:53:07.336 [http-nio-8080-exec-2 - ] DEBUG c.h.s.a.NtlmAuthenticator - Initialized Authentication of greatplains using NTLM
02/08/2021 19:53:07.336 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 1 >>
02/08/2021 19:53:07.336 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_SESSION_SETUP with message id << 1 >>
02/08/2021 19:53:07.336 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 1 >>
02/08/2021 19:53:07.375 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@34ae5e07
02/08/2021 19:53:07.376 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 1 credits for com.hierynomus.mssmb2.SMB2PacketData@34ae5e07, now available: 1 credits
02/08/2021 19:53:07.376 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 1 >> to `SMB2_SESSION_SETUP with message id << 1 >>`
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - More processing required for authentication of greatplains using com.hierynomus.smbj.auth.NtlmAuthenticator@cd39bd1
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.s.a.NtlmAuthenticator - Received token: a1 81 d0 30 81 cd a0 03 0a 01 01 a1 0c 06 0a 2b 06 01 04 01 82 37 02 02 0a a2 81 b7 04 81 b4 4e 54 4c 4d 53 53 50 00 02 00 00 00 1c 00 1c 00 30 00 00 00 15 82 8a e0 da c7 a2 9a 28 90 3e 89 00 00 00 00 00 00 00 00 68 00 68 00 4c 00 00 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 02 00 1c 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 01 00 1c 00 41 00 43 00 4d 00 2d 00 44 00 53 00 34 00 2d 00 53 00 41 00 4d 00 42 00 41 00 30 00 04 00 00 00 03 00 1c 00 61 00 63 00 6d 00 2d 00 64 00 73 00 34 00 2d 00 73 00 61 00 6d 00 62 00 61 00 30 00 00 00 00 00
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>]
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>]
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]
02/08/2021 19:53:07.376 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1Sequence[[ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,0],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,1],<unknown>], ASN1TaggedObject[ASN1Tag[CONTEXT_SPECIFIC,CONSTRUCTED,2],<unknown>]]]
02/08/2021 19:53:07.377 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1Enumerated[1]
02/08/2021 19:53:07.377 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1ObjectIdentifier[1.3.6.1.4.1.311.2.2.10]
02/08/2021 19:53:07.377 [http-nio-8080-exec-2 - ] DEBUG c.h.a.ASN1InputStream - Read ASN.1 object: ASN1OctetString[[78, 84, 76, 77, 83, 83, 80, 0, 2, 0, 0, 0, 28, 0, 28, 0, 48, 0, 0, 0, 21, -126, -118, -32, -38, -57, -94, -102, 40, -112, 62, -119, 0, 0, 0, 0, 0, 0, 0, 0, 104, 0, 104, 0, 76, 0, 0, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 2, 0, 28, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 1, 0, 28, 0, 65, 0, 67, 0, 77, 0, 45, 0, 68, 0, 83, 0, 52, 0, 45, 0, 83, 0, 65, 0, 77, 0, 66, 0, 65, 0, 48, 0, 4, 0, 0, 0, 3, 0, 28, 0, 97, 0, 99, 0, 109, 0, 45, 0, 100, 0, 115, 0, 52, 0, 45, 0, 115, 0, 97, 0, 109, 0, 98, 0, 97, 0, 48, 0, 0, 0, 0, 0]]
02/08/2021 19:53:07.378 [http-nio-8080-exec-2 - ] DEBUG c.h.s.a.NtlmAuthenticator - Received NTLM challenge from: ACM-DS4-SAMBA0
02/08/2021 19:53:07.386 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 1) credits to SMB2_SESSION_SETUP with message id << 2 >>
02/08/2021 19:53:07.386 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_SESSION_SETUP with message id << 2 >>
02/08/2021 19:53:07.387 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 2 >>
02/08/2021 19:53:07.428 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@3091cc4a
02/08/2021 19:53:07.428 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@3091cc4a, now available: 33 credits
02/08/2021 19:53:07.429 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 2 >> to `SMB2_SESSION_SETUP with message id << 2 >>`
02/08/2021 19:53:07.429 [http-nio-8080-exec-2 - ] INFO c.h.s.c.Connection - Successfully authenticated greatplains on 10.250.21.59, session is 1889740520
02/08/2021 19:53:07.491 [http-nio-8080-exec-2 - ] INFO c.h.s.s.Session - Connecting to \\10.250.21.59\IPC$ on session 1889740520
02/08/2021 19:53:07.492 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_TREE_CONNECT as signed, as no key is set.
02/08/2021 19:53:07.492 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 33) credits to SMB2_TREE_CONNECT with message id << 3 >>
02/08/2021 19:53:07.492 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_TREE_CONNECT with message id << 3 >>
02/08/2021 19:53:07.493 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 3 >>
02/08/2021 19:53:07.533 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@7593543c
02/08/2021 19:53:07.533 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@7593543c, now available: 65 credits
02/08/2021 19:53:07.538 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 3 >> to `SMB2_TREE_CONNECT with message id << 3 >>`
02/08/2021 19:53:07.592 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_CREATE as signed, as no key is set.
02/08/2021 19:53:07.592 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 65) credits to SMB2_CREATE with message id << 4 >>
02/08/2021 19:53:07.592 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_CREATE with message id << 4 >>
02/08/2021 19:53:07.596 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 4 >>
02/08/2021 19:53:07.671 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@61e50a1a
02/08/2021 19:53:07.672 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@61e50a1a, now available: 97 credits
02/08/2021 19:53:07.675 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 4 >> to `SMB2_CREATE with message id << 4 >>`
02/08/2021 19:53:07.780 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_IOCTL as signed, as no key is set.
02/08/2021 19:53:07.781 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 16 (out of 97) credits to SMB2_IOCTL with message id << 5 >>
02/08/2021 19:53:07.781 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_IOCTL with message id << 5 >>
02/08/2021 19:53:07.782 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 5 >>
02/08/2021 19:53:07.834 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@5126a683
02/08/2021 19:53:07.834 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 48 credits for com.hierynomus.mssmb2.SMB2PacketData@5126a683, now available: 129 credits
02/08/2021 19:53:07.835 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 5 >> to `SMB2_IOCTL with message id << 5 >>`
02/08/2021 19:53:08.045 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_IOCTL as signed, as no key is set.
02/08/2021 19:53:08.047 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 16 (out of 129) credits to SMB2_IOCTL with message id << 21 >>
02/08/2021 19:53:08.047 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_IOCTL with message id << 21 >>
02/08/2021 19:53:08.048 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 21 >>
02/08/2021 19:53:08.109 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@56403f23
02/08/2021 19:53:08.109 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 48 credits for com.hierynomus.mssmb2.SMB2PacketData@56403f23, now available: 161 credits
02/08/2021 19:53:08.110 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 21 >> to `SMB2_IOCTL with message id << 21 >>`
NetShareInfo0{netName: "IPC$"}
02/08/2021 19:53:08.120 [http-nio-8080-exec-2 - ] INFO c.h.s.s.Session - Logging off session 1889740520 from host 10.250.21.59
02/08/2021 19:53:08.121 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_TREE_DISCONNECT as signed, as no key is set.
02/08/2021 19:53:08.121 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 161) credits to SMB2_TREE_DISCONNECT with message id << 37 >>
02/08/2021 19:53:08.121 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_TREE_DISCONNECT with message id << 37 >>
02/08/2021 19:53:08.121 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 37 >>
02/08/2021 19:53:08.180 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@1a137895
02/08/2021 19:53:08.180 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@1a137895, now available: 193 credits
02/08/2021 19:53:08.181 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 37 >> to `SMB2_TREE_DISCONNECT with message id << 37 >>`
02/08/2021 19:53:08.181 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.Session - Notified of TreeDisconnected <<307484568>>
02/08/2021 19:53:08.182 [http-nio-8080-exec-2 - ] DEBUG c.h.s.s.PacketSignatory - Not wrapping SMB2_LOGOFF as signed, as no key is set.
02/08/2021 19:53:08.182 [http-nio-8080-exec-2 - ] DEBUG c.h.s.c.Connection - Granted 1 (out of 193) credits to SMB2_LOGOFF with message id << 38 >>
02/08/2021 19:53:08.182 [http-nio-8080-exec-2 - ] DEBUG c.h.s.t.t.d.DirectTcpTransport - Writing packet SMB2_LOGOFF with message id << 38 >>
02/08/2021 19:53:08.182 [http-nio-8080-exec-2 - ] DEBUG c.h.p.c.c.Promise - Awaiting << 38 >>
02/08/2021 19:53:08.503 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.t.PacketReader - Received packet com.hierynomus.mssmb2.SMB2PacketData@54556995
02/08/2021 19:53:08.503 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.s.c.Connection - Server granted us 33 credits for com.hierynomus.mssmb2.SMB2PacketData@54556995, now available: 225 credits
02/08/2021 19:53:08.503 [Packet Reader for 10.250.21.59 - ] DEBUG c.h.p.c.c.Promise - Setting << 38 >> to `SMB2_LOGOFF with message id << 38 >>`
gvj414 commented 3 years ago

Can you grab a pcap file from the traffic? Maybe we can see from there what's going wrong then? Also are there any logs on the server?

@hierynomus
Can you please let me know what Can I do to get pcap file from traffic ? I have logs on the Server

BR-Nicholas-Prado commented 3 years ago

I think he means use some software like wireshark to create a pcap file (packet capture) to get a lower level view of the message traffic between you and whatever should resolve the hostname.

gvj414 commented 7 months ago

ended up rewriting the app based on new requirements.

gvj414 commented 7 months ago

closing.