Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- smbd version 4.7.1 started.
- Copyright Andrew Tridgell and the Samba Team 1992-2017
- Registered MSG_REQ_POOL_USAGE
- Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
- lp_load_ex: refreshing parameters
- Initialising global parameters
- rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
- Processing section "[global]"
- Processing section "[AWSVFS]"
- adding IPC service
- added interface docker0 ip=172.17.0.1 bcast=172.17.255.255 netmask=255.255.0.0
- added interface eth0 ip=192.168.10.94 bcast=192.168.10.255 netmask=255.255.255.0
- loaded services
- INFO: Profiling support unavailable in this build.
- Stopped due to shared library event (no libraries added or removed)
- Stopped due to shared library event:
- Inferior loaded /lib/x86_64-linux-gnu/libnss_compat.so.2
- Loaded '/lib/x86_64-linux-gnu/libnss_compat.so.2'. Symbols loaded.
- Stopped due to shared library event (no libraries added or removed)
- Stopped due to shared library event:
- Inferior loaded /lib/x86_64-linux-gnu/libnss_nis.so.2
- /lib/x86_64-linux-gnu/libnss_files.so.2
- Loaded '/lib/x86_64-linux-gnu/libnss_nis.so.2'. Symbols loaded.
- Loaded '/lib/x86_64-linux-gnu/libnss_files.so.2'. Symbols loaded.
- Failed to fetch domain sid for WORKGROUP
- Failed to fetch domain sid for WORKGROUP
- Initialise the svcctl registry keys if needed.
- Initialise the eventlog registry keys if needed.
- reloading printcap cache
- reload status: ok
- reloading printcap cache
- reload status: ok
- waiting for connections
- Allowed connection from 192.168.10.71 (192.168.10.71)
- init_oplocks: initializing messages.
- Transaction 0 of length 159 (0 toread)
- switch message SMBnegprot (pid 26793) conn 0x0
- Stopped due to shared library event (no libraries added or removed)
- Stopped due to shared library event:
- Inferior loaded /usr/lib/x86_64-linux-gnu/gconv/IBM850.so
- Loaded '/usr/lib/x86_64-linux-gnu/gconv/IBM850.so'. Symbols loaded.
- Stopped due to shared library event (no libraries added or removed)
- Stopped due to shared library event:
- Inferior loaded /usr/lib/x86_64-linux-gnu/gconv/UTF-16.so
- Loaded '/usr/lib/x86_64-linux-gnu/gconv/UTF-16.so'. Symbols loaded.
- Requested protocol [PC NETWORK PROGRAM 1.0]
- Requested protocol [LANMAN1.0]
- Requested protocol [Windows for Workgroups 3.1a]
- Requested protocol [LM1.2X002]
- Requested protocol [LANMAN2.1]
- Requested protocol [NT LM 0.12]
- Requested protocol [SMB 2.002]
- Requested protocol [SMB 2.???]
- Selected protocol SMB2_FF
- Stopped due to shared library event (no libraries added or removed)
- Stopped due to shared library event:
- Inferior loaded /usr/local/samba/lib/gensec/krb5.so
- Loaded '/usr/local/samba/lib/gensec/krb5.so'. Symbols loaded.
- GENSEC backend 'gssapi_spnego' registered
- GENSEC backend 'gssapi_krb5' registered
- GENSEC backend 'gssapi_krb5_sasl' registered
- GENSEC backend 'spnego' registered
- GENSEC backend 'schannel' registered
- GENSEC backend 'naclrpc_as_system' registered
- GENSEC backend 'sasl-EXTERNAL' registered
- GENSEC backend 'ntlmssp' registered
- GENSEC backend 'ntlmssp_resume_ccache' registered
- GENSEC backend 'http_basic' registered
- GENSEC backend 'http_ntlm' registered
- GENSEC backend 'krb5' registered
- GENSEC backend 'fake_gssapi_krb5' registered
- Selected protocol SMB 2.???
- Selected protocol SMB3_11
- Got NTLMSSP neg_flags=0xe2088297
- Got user=[noone] domain=[NRUBIN0470-CPC] workstation=[NRUBIN0470-CPC] len1=24 len2=260
- lp_load_ex: refreshing parameters
- Initialising global parameters
- Processing section "[global]"
- Processing section "[AWSVFS]"
- adding IPC service
- check_ntlm_password: Checking password for unmapped user [NRUBIN0470-CPC][noone]@[NRUBIN0470-CPC] with the new password interface
- check_ntlm_password: mapped user is: [NRUBIN0470-CPC][noone]@[NRUBIN0470-CPC]
- check_sam_security: Couldn't find user 'noone' in passdb.
- check_ntlm_password: Authentication for user [noone] -> [noone] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
- Auth: [SMB2,(null)] user [NRUBIN0470-CPC][noone] at [ב', 22 ×™× ×• 2018 08:10:03.076238 GMT] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [NRUBIN0470-CPC] remote host [ipv4:192.168.10.71:52554] mapped to [NRUBIN0470-CPC][noone]. local host [ipv4:192.168.10.94:445]
- log_no_json: JSON auth logs not available unless compiled with jansson
- No such user noone [NRUBIN0470-CPC] - using guest account
- Allowed connection from 192.168.10.71 (192.168.10.71)
- Connect path is '/tmp' for service [IPC$]
- Initialising default vfs hooks
- Initialising custom vfs hooks from [/[Default VFS]/]
- nrubin0470-cpc (ipv4:192.168.10.71:52554) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 26793)
- api_pipe_bind_req: wkssvc -> wkssvc rpc service
- check_bind_req for wkssvc context_id=0
- check_bind_req: wkssvc -> wkssvc rpc service
- api_rpcTNP: rpc command: WKSSVC_NETWKSTAGETINFO
- api_pipe_bind_req: srvsvc -> srvsvc rpc service
- check_bind_req for srvsvc context_id=0
- check_bind_req: srvsvc -> srvsvc rpc service
- api_rpcTNP: rpc command: SRVSVC_NETSRVGETINFO
- api_pipe_bind_req: wkssvc -> wkssvc rpc service
- check_bind_req for wkssvc context_id=0
- check_bind_req: wkssvc -> wkssvc rpc service
- api_rpcTNP: rpc command: WKSSVC_NETWKSTAGETINFO
- api_pipe_bind_req: srvsvc -> srvsvc rpc service
- check_bind_req for srvsvc context_id=0
- check_bind_req: srvsvc -> srvsvc rpc service
- api_rpcTNP: rpc command: SRVSVC_NETSRVGETINFO
- api_pipe_bind_req: srvsvc -> srvsvc rpc service
- check_bind_req for srvsvc context_id=0
- check_bind_req: srvsvc -> srvsvc rpc service
- api_rpcTNP: rpc command: SRVSVC_NETSHAREENUMALL
- nrubin0470-cpc (ipv4:192.168.10.71:52554) closed connection to service IPC$
- [global]
- map to guest = Bad User
- guest account = nobody
- guest only = yes
- log file = /var/log/samba/%m
- log level = 3
- [AWSVFS]
- comment = AWS VFS module
- path = /home/noone/share
- guest ok = yes
- read only = no
- 3.8737777 192.168.10.94 192.168.10.71 WKST WKST:NetrWkstaGetInfo Response, ReturnValue=0 {MSRPC:21, SMB2:20, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8738624 192.168.10.71 192.168.10.94 SMB2 SMB2:C CLOSE (0x6), FID=0xA3ABB877(wkssvc@#669) {SMB2:20, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8740914 192.168.10.94 192.168.10.71 SMB2 SMB2:R CLOSE (0x6), File=wkssvc@#669 {SMB2:20, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8743103 192.168.10.71 192.168.10.94 SMB2 SMB2:C CREATE (0x5), Sh(RWD), File=srvsvc@#685 {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8746416 192.168.10.94 192.168.10.71 SMB2 SMB2:R CREATE (0x5), FID=0xAF9A7796(srvsvc@#685) {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8747049 192.168.10.71 192.168.10.94 SMB2 SMB2:C QUERY INFORMATION (0x10), Class=FileStandardInformation (5), FID=0xAF9A7796(srvsvc@#685) {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8749316 192.168.10.94 192.168.10.71 SMB2 SMB2:R QUERY INFORMATION (0x10), File=srvsvc@#685 {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8750026 192.168.10.71 192.168.10.94 MSRPC MSRPC:c/o Bind: srvs(SRVS) UUID{4B324FC8-1670-01D3-1278-5A47BF6EE188} Call=0x2 Assoc Grp=0x0 Xmit=0x10B8 Recv=0x10B8 {MSRPC:23, SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8752435 192.168.10.94 192.168.10.71 SMB2 SMB2:R WRITE (0x9), File=srvsvc@#685 {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8752999 192.168.10.71 192.168.10.94 SMB2 SMB2:C READ (0x8), FID=0xAF9A7796 (srvsvc@#685) , 0x400 bytes from offset 0 (0x0) {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8756303 192.168.10.94 192.168.10.71 MSRPC MSRPC:c/o Bind Ack: Call=0x2 Assoc Grp=0x53F0 Xmit=0x10B8 Recv=0x10B8 {MSRPC:23, SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8756988 192.168.10.71 192.168.10.94 SRVS SRVS:NetrServerGetInfo Request, ServerName=\192.168.10.94 Level=101 {MSRPC:23, SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8760791 192.168.10.94 192.168.10.71 SRVS SRVS:NetrServerGetInfo Response, Status=ERROR_SUCCESS {MSRPC:23, SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8761586 192.168.10.71 192.168.10.94 SMB2 SMB2:C CLOSE (0x6), FID=0xAF9A7796(srvsvc@#685) {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.8764261 192.168.10.94 192.168.10.71 SMB2 SMB2:R CLOSE (0x6), File=srvsvc@#685 {SMB2:22, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9533802 192.168.10.71 192.168.10.94 SMB2 SMB2:C CREATE (0x5), Sh(RWD), File=srvsvc@#701 {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9537679 192.168.10.94 192.168.10.71 SMB2 SMB2:R CREATE (0x5), FID=0x4FB4666E(srvsvc@#701) {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9538780 192.168.10.71 192.168.10.94 SMB2 SMB2:C QUERY INFORMATION (0x10), Class=FileStandardInformation (5), FID=0x4FB4666E(srvsvc@#701) {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9541882 192.168.10.94 192.168.10.71 SMB2 SMB2:R QUERY INFORMATION (0x10), File=srvsvc@#701 {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9542911 192.168.10.71 192.168.10.94 MSRPC MSRPC:c/o Bind: srvs(SRVS) UUID{4B324FC8-1670-01D3-1278-5A47BF6EE188} Call=0x2 Assoc Grp=0x0 Xmit=0x10B8 Recv=0x10B8 {MSRPC:25, SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9546555 192.168.10.94 192.168.10.71 SMB2 SMB2:R WRITE (0x9), File=srvsvc@#701 {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9547453 192.168.10.71 192.168.10.94 SMB2 SMB2:C READ (0x8), FID=0x4FB4666E (srvsvc@#701) , 0x400 bytes from offset 0 (0x0) {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9551359 192.168.10.94 192.168.10.71 MSRPC MSRPC:c/o Bind Ack: Call=0x2 Assoc Grp=0x53F0 Xmit=0x10B8 Recv=0x10B8 {MSRPC:25, SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9552194 192.168.10.71 192.168.10.94 SRVS SRVS:NetrShareEnum Request, ServerName=\192.168.10.94 PreferedMaximumLength=4294967295 ResumeHandle=NULL {MSRPC:25, SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9557021 192.168.10.94 192.168.10.71 SRVS SRVS:NetrShareEnum Response, TotalEntries=3 ResumeHandle=NULL Status=ERROR_SUCCESS {MSRPC:25, SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9558167 192.168.10.71 192.168.10.94 SMB2 SMB2:C CLOSE (0x6), FID=0x4FB4666E(srvsvc@#701) {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 3.9561380 192.168.10.94 192.168.10.71 SMB2 SMB2:R CLOSE (0x6), File=srvsvc@#701 {SMB2:24, SMBOverTCP:16, TCP:15, IPv4:35}
- 14.5760160 192.168.10.71 192.168.10.94 SMB2 SMB2:C TREE DISCONNECT (0x4), TID=0xe5211280 {SMBOverTCP:16, TCP:15, IPv4:35}
- 14.5765348 192.168.10.94 192.168.10.71 SMB2 SMB2:R TREE DISCONNECT (0x4) {SMBOverTCP:16, TCP:15, IPv4:35}
- 14.5766266 192.168.10.71 192.168.10.94 SMB2 SMB2:C LOGOFF (0x2) {SMBOverTCP:16, TCP:15, IPv4:35}
- 14.5771544 192.168.10.94 192.168.10.71 SMB2 SMB2:R LOGOFF (0x2) {SMBOverTCP:16, TCP:15, IPv4:35}
Add Comment
Please, Sign In to add comment