archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/base/fs/rdr2/rdbss/smb.mrx/umt_stff/good.txt

302 lines
18 KiB
Raw Normal View History

commiting as it is
4 years ago
  2. E:\nt\private\ntos\rdr2\rdbss\smb.mrx\umt_stff>if x86 == x86 obj\i386\umt_stff
  3. Calling stufferdebug
  4. Here in stuffer debug
  5. Initial SMB Current size = 20 (32)
  6. 000 424d53ff 000000ff 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  7. First readcommand status = 0
  8. SMB w/ NTREAD&X before stuffing Current size = 20 (32)
  9. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  10. StufferAC = XwdwWdW
  11. StufferFloop 'X'
  12. StufferFloop 'w' arg=25670
  13. StufferFloop 'd' arg=1953719887
  14. StufferFloop 'w' arg=30797
  15. StufferFloop 'w' arg=28237
  16. StufferFloop 'd' arg=1953853268
  17. StufferFloop 'w' arg=29763
  18. StufferCloop NewStufferControl=1
  19. StufferAC = d
  20. StufferFloop 'd' arg=1751607624
  21. StufferCloop NewStufferControl=1
  22. StufferAC = B!
  23. StufferFloop 'b' Wct=12
  24. StufferFloop '!' arg=0
  25. SMB w/ NTREAD&X after stuffing Current size = 3b (59)
  26. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  27. 020 de00ff0c 4f6446de 4d747366 546e4d78 4374756f 67694874 00000068 .... .FdO fstM xMnT outC tHig h..
  28. Second readcommand status = 0
  29. SMB w/ notNTREAD&X before stuffing Current size = 3b (59)
  30. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  31. 020 3b002e0c 4f644600 4d747366 546e4d78 4374756f 67694874 00000068 ...; .FdO fstM xMnT outC tHig h..
  32. StufferAC = XwdwWdW
  33. StufferFloop 'X'
  34. StufferFloop 'w' arg=25670
  35. StufferFloop 'd' arg=1953719887
  36. StufferFloop 'w' arg=30797
  37. StufferFloop 'w' arg=28237
  38. StufferFloop 'd' arg=1953853268
  39. StufferFloop 'w' arg=29763
  40. StufferCloop NewStufferControl=2
  41. StufferAC = d
  42. StufferCloop NewStufferControl=1
  43. StufferAC = B!
  44. StufferFloop 'b' Wct=10
  45. StufferFloop '!' arg=0
  46. SMB w/ notNTREAD&X after stuffing Current size = 52 (82)
  47. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  48. 020 3b002e0c 4f644600 4d747366 546e4d78 4374756f 67694874 0a000068 dede00ff ...; .FdO fstM xMnT outC tHig h... ....
  49. 040 664f6446 784d7473 6f546e4d 74437475 00000000 FdOf stMx MnTo utCt ..
  50. Third readcommand status = 0
  51. SMB w/ NTWRITE&X before stuffing Current size = 52 (82)
  52. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  53. 020 3b002e0c 4f644600 4d747366 546e4d78 4374756f 67694874 0a000068 0052002f ...; .FdO fstM xMnT outC tHig h... /.R.
  54. 040 664f6446 784d7473 6f546e4d 74437475 00000000 FdOf stMx MnTo utCt ..
  55. StufferAC = XwddwWwwq
  56. StufferFloop 'X'
  57. StufferFloop 'w' arg=25670
  58. StufferFloop 'd' arg=1953719887
  59. StufferFloop 'd' arg=1953853268
  60. StufferFloop 'w' arg=25677
  61. StufferFloop 'w' arg=29763
  62. StufferFloop 'w' arg=11565
  63. StufferFloop 'w' arg=33
  64. StufferFloop 'q'
  65. StufferCloop NewStufferControl=1
  66. StufferAC = d
  67. StufferFloop 'd' arg=1751607624
  68. StufferCloop NewStufferControl=1
  69. StufferAC = BSc5!
  70. StufferFloop 'b' Wct=14
  71. StufferFloop 'S'
  72. StufferFloop 'c' copycount = 33
  73. StufferFloop '5' offset=149
  74. StufferFloop '!' arg=36
  75. SMB w/ NTWRITE&X after stuffing Current size = 95 (149)
  76. 000 424d53ff 0000002e 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  77. 020 3b002e0c 4f644600 4d747366 546e4d78 4374756f 67694874 0a000068 0052002f ...; .FdO fstM xMnT outC tHig h... /.R.
  78. 040 664f6446 784d7473 6f546e4d 74437475 ff0e0000 46dede00 73664f64 756f5474 FdOf stMx MnTo utCt .... ...F dOfs tTou
  79. 060 43644d74 212d2d74 48009500 24686769 eeeeee00 33323130 37363534 33323130 tMdC t--! ...H igh$ .... 0123 4567 0123
  80. 080 37363534 33323130 37363534 33323130 37363534 00000000 4567 0123 4567 0123 4567 .
  81. Initial SMB Current size = 20 (32)
  82. 000 424d53ff 000000ff 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  83. First SS&X command status = 0
  84. SMB w/ NTSESSSS&X before stuffing Current size = 20 (32)
  85. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  86. APsize=e, UPsize=10
  87. StufferAC = XwwwDw
  88. StufferFloop 'X'
  89. StufferFloop 'w' arg=26178
  90. StufferFloop 'w' arg=30797
  91. StufferFloop 'w' arg=25430
  92. StufferFloop 'd' arg=1936942419
  93. StufferFloop 'w' arg=14
  94. StufferCloop NewStufferControl=1
  95. StufferAC = wddBcczzzz
  96. StufferFloop 'w' arg=16
  97. StufferFloop 'd' arg=1685484370
  98. StufferFloop 'd' arg=1936744771
  99. StufferFloop 'b' Wct=13
  100. StufferFloop 'c' copycount = 14
  101. StufferFloop 'c' copycount = 16
  102. StufferFloop '4/z/>' stringing = AccountName, cp=
  103. StufferFloop '4/z/>' aligning
  104. StufferFloop '4/z/>' stringing = PrimaryDomain, cp=
  105. StufferFloop '4/z/>' stringing = NativeOS, cp=
  106. StufferFloop '4/z/>' stringing = NativeLanMan, cp=
  107. StufferCloop NewStufferControl=1
  108. StufferAC = !
  109. StufferFloop '!' arg=127
  110. SMB w/ NTSESSSS&X after stuffing Current size = bc (188)
  111. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  112. 020 de00ff0d 4d6642de 53635678 0e737365 52001000 43647673 7f737061 63734100 .... .BfM xVcS ess. ...R svdC aps. .Asc
  113. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  114. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  115. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  116. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e ..N. a.t. i.v. e.L. a.n. M.a. n...
  117. TC&X command status = 0
  118. SMB w/ TREECON&X before stuffing Current size = bc (188)
  119. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  120. 020 bc00750d 4d664200 53635678 0e737365 52001000 43647673 7f737061 63734100 .u.. .BfM xVcS ess. ...R svdC aps. .Asc
  121. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  122. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  123. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  124. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e ..N. a.t. i.v. e.L. a.n. M.a. n...
  125. StufferAC = XwwBana!
  126. StufferFloop 'X'
  127. StufferFloop 'w' arg=26438
  128. StufferFloop 'w' arg=1
  129. StufferFloop 'b' Wct=4
  130. StufferFloop 'a' stringing =
  131. StufferFloop 'n' stringing = \SERver\SHare
  132. StufferFloop 'a' stringing = A:
  133. StufferFloop '!' arg=34
  134. SMB w/ TREECON&X after stuffing Current size = e9 (233)
  135. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  136. 020 bc00750d 4d664200 53635678 0e737365 52001000 43647673 7f737061 63734100 .u.. .BfM xVcS ess. ...R svdC aps. .Asc
  137. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  138. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  139. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  140. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e de00ff04 ..N. a.t. i.v. e.L. a.n. M.a. n... ....
  141. 0c0 016746de 00002200 005c005c 00450053 00760052 00720065 0053005c 00610048 .Fg. .".. \.\. S.E. R.v. e.r. \.S. H.a.
  142. 0e0 00650072 3a410000 00000000 r.e. ..A: .
  143. Aligning start of smb cp&m,m,r=00000001 00000003 00000000
  144. Third readcommand status = 0
  145. SMB w/ NTOPEN&X before stuffing Current size = ec (236)
  146. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  147. 020 bc00750d 4d664200 53635678 0e737365 52001000 43647673 7f737061 63734100 .u.. .BfM xVcS ess. ...R svdC aps. .Asc
  148. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  149. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  150. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  151. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e ec00a204 ..N. a.t. i.v. e.L. a.n. M.a. n... ....
  152. 0c0 01674600 00002200 005c005c 00450053 00760052 00720065 0053005c 00610048 .Fg. .".. \.\. S.E. R.v. e.r. \.S. H.a.
  153. 0e0 00650072 3a410000 2c2c2c00 r.e. ..A: .,,,
  154. StufferAC = XmwdddDdddDddyB
  155. StufferFloop 'X'
  156. StufferFloop 'm'
  157. StufferFloop 'w' arg=20
  158. StufferFloop 'd' arg=1936157766
  159. StufferFloop 'd' arg=1684629060
  160. StufferFloop 'd' arg=1802723661
  161. StufferFloop 'd' arg=544698188
  162. StufferFloop 'd' arg=1751607624
  163. StufferFloop 'd' arg=1651668033
  164. StufferFloop 'd' arg=1667449171
  165. StufferFloop 'd' arg=1886611780
  166. StufferFloop 'd' arg=1853124687
  167. StufferFloop 'd' arg=1819700297
  168. StufferFloop 'y' arg=221
  169. StufferFloop 'b' Wct=24
  170. StufferCloop NewStufferControl=0
  171. SMB w/ NTOPEN&X midway into stuffing Current size = 11f (287)
  172. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  173. 020 bc00750d 4d664200 53635678 0e737365 52001000 43647673 7f737061 63734100 .u.. .BfM xVcS ess. ...R svdC aps. .Asc
  174. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  175. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  176. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  177. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e ec00a204 ..N. a.t. i.v. e.L. a.n. M.a. n... ....
  178. 0c0 01674600 00002200 005c005c 00450053 00760052 00720065 0053005c 00610048 .Fg. .".. \.\. S.E. R.v. e.r. \.S. H.a.
  179. 0e0 00650072 3a410000 2c2c2c00 de00ff18 001400de 73676c46 64696644 6b73614d r.e. ..A: .,,, .... .... Flgs Dfid Mask
  180. 100 20776f4c 68676948 62727441 63634153 70736944 6e74704f 6c766c49 00facedd Low. High Atrb SAcc Disp Optn Ilvl ...
  181. Testing for fit: 0 Fits
  182. Testing for fit: 128 Fits
  183. Testing for fit: 256 Doesn't Fit
  184. Testing for fit: 384 Doesn't Fit
  185. Testing for fit: 512 Doesn't Fit
  186. Testing for fit: 640 Doesn't Fit
  187. Testing for fit: 768 Doesn't Fit
  188. Testing for fit: 896 Doesn't Fit
  189. Testing for fit: 1024 Doesn't Fit
  190. StufferAC = v!
  191. StufferFloop 'v' stringing = FileToOpen
  192. StufferFloop 'v' aligning
  193. StufferFloop '!' arg=21
  194. SMB w/ NTOPEN&X after stuffing Current size = 134 (308)
  195. 000 424d53ff 00000073 80000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB s... .... .... .... .... .... jj..
  196. 020 bc00750d 4d664200 53635678 0e737365 52001000 43647673 7f737061 63734100 .u.. .BfM xVcS ess. ...R svdC aps. .Asc
  197. 040 61506969 6f777373 50006472 73006100 77007300 72006f00 00006400 00630041 iiPa sswo rd.P .a.s .s.w .o.r .d.. A.c.
  198. 060 006f0063 006e0075 004e0074 006d0061 00000065 00720050 006d0069 00720061 c.o. u.n. t.N. a.m. e... P.r. i.m. a.r.
  199. 080 00440079 006d006f 00690061 0000006e 0061004e 00690074 00650076 0053004f y.D. o.m. a.i. n... N.a. t.i. v.e. O.S.
  200. 0a0 004e0000 00740061 00760069 004c0065 006e0061 0061004d 0000006e ec00a204 ..N. a.t. i.v. e.L. a.n. M.a. n... ....
  201. 0c0 01674600 00002200 005c005c 00450053 00760052 00720065 0053005c 00610048 .Fg. .".. \.\. S.E. R.v. e.r. \.S. H.a.
  202. 0e0 00650072 3a410000 2c2c2c00 de00ff18 001400de 73676c46 64696644 6b73614d r.e. ..A: .,,, .... .... Flgs Dfid Mask
  203. 100 20776f4c 68676948 62727441 63634153 70736944 6e74704f 6c766c49 000015dd Low. High Atrb SAcc Disp Optn Ilvl ....
  204. 120 00690046 0065006c 006f0054 0070004f 006e0065 F.i. l.e. T.o. O.p. e.n.
  205. Initial SMB Current size = 20 (32)
  206. 000 424d53ff 000000ff 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  207. Initial NTCREATE&X status = 0
  208. SMB w/ NTOPEN&X before stuffing Current size = 20 (32)
  209. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  210. StufferAC = XmwdddDdddDddyB
  211. StufferFloop 'X'
  212. StufferFloop 'm'
  213. StufferFloop 'w' arg=22
  214. StufferFloop 'd' arg=1936157766
  215. StufferFloop 'd' arg=1684629060
  216. StufferFloop 'd' arg=1802723661
  217. StufferFloop 'd' arg=544698188
  218. StufferFloop 'd' arg=1751607624
  219. StufferFloop 'd' arg=1651668033
  220. StufferFloop 'd' arg=1667449171
  221. StufferFloop 'd' arg=1886611780
  222. StufferFloop 'd' arg=1853124687
  223. StufferFloop 'd' arg=1819700297
  224. StufferFloop 'y' arg=221
  225. StufferFloop 'b' Wct=24
  226. StufferCloop NewStufferControl=0
  227. SMB w/ NTOPEN&X midway into stuffing Current size = 53 (83)
  228. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  229. 020 de00ff18 001600de 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 .... .... Flgs Dfid Mask Low. High Atrb
  230. 040 63634153 70736944 6e74704f 6c766c49 00facedd SAcc Disp Optn Ilvl ...
  231. Testing for fit: 0 Fits
  232. Testing for fit: 128 Fits
  233. Testing for fit: 256 Fits
  234. Testing for fit: 384 Fits
  235. Testing for fit: 512 Doesn't Fit
  236. Testing for fit: 640 Doesn't Fit
  237. Testing for fit: 768 Doesn't Fit
  238. Testing for fit: 896 Doesn't Fit
  239. Testing for fit: 1024 Doesn't Fit
  240. StufferAC = rv!
  241. StufferFloop 'r' regionsize = 0
  242. StufferFloop 'v' stringing = FileToOpen2
  243. StufferFloop 'v' aligning
  244. StufferFloop '!' arg=23
  245. SMB w/ NTOPEN&X after stuffing Current size = 6a (106)
  246. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  247. 020 de00ff18 001600de 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 .... .... Flgs Dfid Mask Low. High Atrb
  248. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00690046 0065006c 006f0054 SAcc Disp Optn Ilvl .... F.i. l.e. T.o.
  249. 060 0070004f 006e0065 00000032 O.p. e.n. 2.
  250. SMB w/ NTOPEN&X after filename replacement Current size = 6a (106)
  251. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  252. 020 de00ff18 001600de 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 .... .... Flgs Dfid Mask Low. High Atrb
  253. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00460046 00460046 006f0054 SAcc Disp Optn Ilvl .... F.F. F.F. T.o.
  254. 060 0070004f 006e0065 00000033 O.p. e.n. 3.
  255. Aligning start of smb cp&m,m,r=00000002 00000003 00000000
  256. Another NTCREATE&X status = 0
  257. SMB w/ NTOPEN&X before stuffing Current size = 6c (108)
  258. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  259. 020 6c00a218 00160000 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 ...l .... Flgs Dfid Mask Low. High Atrb
  260. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00460046 00460046 006f0054 SAcc Disp Optn Ilvl .... F.F. F.F. T.o.
  261. 060 0070004f 006e0065 2c2c0033 O.p. e.n. 3.,,
  262. StufferAC = XmwdddDdddDddyB
  263. StufferFloop 'X'
  264. StufferFloop 'm'
  265. StufferFloop 'w' arg=22
  266. StufferFloop 'd' arg=1936157766
  267. StufferFloop 'd' arg=1684629060
  268. StufferFloop 'd' arg=1802723661
  269. StufferFloop 'd' arg=544698188
  270. StufferFloop 'd' arg=1751607624
  271. StufferFloop 'd' arg=1651668033
  272. StufferFloop 'd' arg=1667449171
  273. StufferFloop 'd' arg=1886611780
  274. StufferFloop 'd' arg=1853124687
  275. StufferFloop 'd' arg=1819700297
  276. StufferFloop 'y' arg=221
  277. StufferFloop 'b' Wct=24
  278. StufferCloop NewStufferControl=0
  279. SMB w/ NTOPEN&X midway into stuffing Current size = 9f (159)
  280. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  281. 020 6c00a218 00160000 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 ...l .... Flgs Dfid Mask Low. High Atrb
  282. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00460046 00460046 006f0054 SAcc Disp Optn Ilvl .... F.F. F.F. T.o.
  283. 060 0070004f 006e0065 2c2c0033 de00ff18 001600de 73676c46 64696644 6b73614d O.p. e.n. 3.,, .... .... Flgs Dfid Mask
  284. 080 20776f4c 68676948 62727441 63634153 70736944 6e74704f 6c766c49 00facedd Low. High Atrb SAcc Disp Optn Ilvl ...
  285. StufferAC = s?
  286. StufferFloop 's' arg=
  287. StufferFloop '?' out if 0==00000000
  288. SMB w/ NTOPEN&X after alignment Current size = a0 (160)
  289. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  290. 020 6c00a218 00160000 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 ...l .... Flgs Dfid Mask Low. High Atrb
  291. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00460046 00460046 006f0054 SAcc Disp Optn Ilvl .... F.F. F.F. T.o.
  292. 060 0070004f 006e0065 2c2c0033 de00ff18 001600de 73676c46 64696644 6b73614d O.p. e.n. 3.,, .... .... Flgs Dfid Mask
  293. 080 20776f4c 68676948 62727441 63634153 70736944 6e74704f 6c766c49 eefacedd Low. High Atrb SAcc Disp Optn Ilvl ....
  294. MRxSmbStuffSetByteCount ByteCount=23
  295. SMB w/ NTOPEN&X after filename replacement Current size = a0 (160)
  296. 000 424d53ff 000000a2 00000000 00000000 00000000 00000000 fefebaba dead6a6a .SMB .... .... .... .... .... .... jj..
  297. 020 6c00a218 00160000 73676c46 64696644 6b73614d 20776f4c 68676948 62727441 ...l .... Flgs Dfid Mask Low. High Atrb
  298. 040 63634153 70736944 6e74704f 6c766c49 000017dd 00460046 00460046 006f0054 SAcc Disp Optn Ilvl .... F.F. F.F. T.o.
  299. 060 0070004f 006e0065 2c2c0033 de00ff18 001600de 73676c46 64696644 6b73614d O.p. e.n. 3.,, .... .... Flgs Dfid Mask
  300. 080 20776f4c 68676948 62727441 63634153 70736944 6e74704f 6c766c49 ee0017dd Low. High Atrb SAcc Disp Optn Ilvl ....
  301. -----------Data size = 16 (22)
  302. 0a0 00690046 0065006c 006f0054 0070004f 006e0065 00000032 F.i. l.e. T.o. O.p. e.n. 2.