2.2.5.5.1 Request
SMB_Parameters: The SMB_Parameters section contains the relevant fields for the TRANS_RAW_READ_NMPIPE subcommand of the SMB_COM_TRANSACTION request.
-
-
WordCount (1 byte): This field MUST be set to 0x10.
-
Words (32 bytes):
-
-
TotalParameterCount (2 bytes): This field MUST be set to 0x0000.
-
TotalDataCount (2 bytes): This field MUST be set to 0x0000.
-
MaxParameterCount (2 bytes): This field SHOULD be set to 0x0006.
-
MaxDataCount (2 bytes): This field SHOULD be set to the number of bytes that the client attempts to peek from the named pipe.
-
MaxSetupCount (1 byte): This field SHOULD be 0x00.
-
Flags (2 bytes): This field SHOULD be set to 0x0000 for this request.
-
Timeout (4 bytes): This field SHOULD be set to 0x00000000 for this request.
-
ParameterCount (2 bytes): This field MUST be set to 0x0000.
-
DataCount (2 bytes): This field MUST be set to 0x0000.
-
SetupCount (1 byte): This field MUST be set to 0x02.
-
Setup (4 bytes):
-
-
Subcommand (2 bytes): This field MUST be set to the transaction subcommand of TRANS_PEEK_NMPIPE (0x0023).
-
FID (2 bytes): This field is the FID for the named pipe to read. This field MUST be set to a valid FID from a server response for a previous SMB command to open or create a named pipe. These commands include SMB_COM_OPEN, SMB_COM_CREATE, SMB_COM_CREATE_TEMPORARY, SMB_COM_CREATE_NEW, SMB_COM_OPEN_ANDX, SMB_COM_NT_CREATE_ANDX, and SMB_COM_NT_TRANSACT with subcommand NT_TRANSACT_CREATE.
-
-
-
-
-