Partager via


4.1.10 Client Info PDU

The following is an annotated dump of the Client Info PDU (section 2.2.1.11).

 00000000 03 00 01 ab 02 f0 80 64 00 06 03 eb 70 81 9c 48 .......d....p..H
 00000010 00 00 00 45 ca 46 fa 5e a7 be bc 74 21 d3 65 e9 ...E.F.^...t!.e.
 00000020 ba 76 12 7c 55 4b 9d 84 3b 3e 07 29 20 73 25 7b .v.|UK..;>.) s%{
 00000030 e6 9a bb e8 41 8a a0 69 3f 26 9a cd bc a6 03 27 ....A..i?&.....'
 00000040 f5 ce bb a8 c2 ff 0f 38 a3 bf 74 81 ac cb c9 08 .......8..t.....
 00000050 49 0a 43 cf 91 31 36 cd ba 3d 16 4f 11 d7 69 12 I.C..16..=.O..i.
 00000060 c8 e9 57 c0 b8 0f c4 72 66 79 bd 86 ba 30 60 76 ..W....rfy...0`v
 00000070 b4 cd 52 5e 79 8e 88 95 f0 9a 43 20 d9 96 74 1d ..R^y.....C ..t.
 00000080 5c 8a 9a e3 8a 5d d2 55 17 8c f2 66 6b 3f 3d 3a \....].U...fk?=:
 00000090 e3 2a d4 ff d5 11 30 30 e2 ff e2 e4 11 0c 7f 6a .*....00.......j
 000000a0 1e a3 f4 2f dd 4f 89 8c c0 ca d3 8a 49 d7 00 d9 .../.O......I...
 000000b0 09 40 ab 79 1a 72 f9 89 42 af 20 aa 50 c7 cd d0 .@.y.r..B. .P...
 000000c0 b8 1e ab d3 eb 10 01 82 68 9f f5 c9 05 fe 20 bb ........h..... .
 000000d0 7c 68 b4 72 cd 37 53 df 43 0a 6d de cb be 5f 80 |h.r.7S.C.m..._.
 000000e0 05 1e b8 f3 5d 04 0c c6 66 3b 39 5f 5d a2 da b9 ....]...f;9_]...
 000000f0 ea c9 da ba 7c 9d 4e 4a 4f 4a 16 04 ea 4e 23 d3 ....|.NJOJ...N#.
 00000100 6d 2c 2b 42 58 19 69 10 23 d4 e1 af 46 34 fc 23 m,+BX.i.#...F4.#
 00000110 81 59 54 65 5f 6c 67 57 14 62 57 94 f1 81 86 00 .YTe_lgW.bW.....
 00000120 fe 1c 27 f6 76 e2 00 ea c5 f7 b5 e9 b2 ad ef 7f ..'.v...........
 00000130 87 8b 8a b0 d3 1e 43 54 4b ab f6 ba 7f 5a b9 e5 ......CTK....Z..
 00000140 2d 5f 81 ab 2a 15 c4 97 bc d3 92 9a da be 8a b0 -_..*...........
 00000150 fb a4 1a a0 96 26 86 23 10 1b 21 0a 91 05 22 4d .....&.#..!..."M
 00000160 6c 4d 01 4c 84 f3 50 56 4f 3a e4 c0 24 bf 35 f6 lM.L..PVO:..$.5.
 00000170 f5 8b 3f 20 55 98 91 05 4d ee 46 95 44 6d 06 33 ..? U...M.F.Dm.3
 00000180 42 1f 9f 84 91 e7 c5 9f 04 11 de cf a5 07 5f 27 B............._'
 00000190 dd c0 ac b1 a7 98 9d 6d 79 00 70 33 bf 4e 16 23 .......my.p3.N.#
 000001a0 57 f5 c7 88 82 d1 c6 a3 b4 0b 29                W.........)
  
 03 00 01 ab -> TPKT Header (length = 427 bytes)
 02 f0 80 -> X.224 Data TPDU
  
 64 00 06 03 eb 70 81 9c -> PER encoded (ALIGNED variant of BASIC-PER) SendDataRequest
 initiator = 1007 (0x03ef)
 channelId = 1003 (0x03eb)
 dataPriority = high
 segmentation = begin | end
 userData length = 0x19c = 412 bytes
  
 48 00 -> TS_SECURITY_HEADER::flags = 0x0048 
 0x0048
 = 0x0040 | 0x0008 
 = SEC_INFO_PKT | SEC_ENCRYPT
  
 00 00 -> TS_SECURITY_HEADER::flagsHi - ignored as flags field does 
 not contain SEC_FLAGSHI_VALID (0x8000)
 45 ca 46 fa 5e a7 be bc -> TS_SECURITY_HEADER1::dataSignature
  
 74 21 d3 65 e9 ba 76 12 7c 55 4b 9d 84 3b 3e 07 
 29 20 73 25 7b e6 9a bb e8 41 8a a0 69 3f 26 9a 
 cd bc a6 03 27 f5 ce bb a8 c2 ff 0f 38 a3 bf 74 
 81 ac cb c9 08 49 0a 43 cf 91 31 36 cd ba 3d 16 
 4f 11 d7 69 12 c8 e9 57 c0 b8 0f c4 72 66 79 bd 
 86 ba 30 60 76 b4 cd 52 5e 79 8e 88 95 f0 9a 43 
 20 d9 96 74 1d 5c 8a 9a e3 8a 5d d2 55 17 8c f2 
 66 6b 3f 3d 3a e3 2a d4 ff d5 11 30 30 e2 ff e2 
 e4 11 0c 7f 6a 1e a3 f4 2f dd 4f 89 8c c0 ca d3 
 8a 49 d7 00 d9 09 40 ab 79 1a 72 f9 89 42 af 20 
 aa 50 c7 cd d0 b8 1e ab d3 eb 10 01 82 68 9f f5 
 c9 05 fe 20 bb 7c 68 b4 72 cd 37 53 df 43 0a 6d 
 de cb be 5f 80 05 1e b8 f3 5d 04 0c c6 66 3b 39 
 5f 5d a2 da b9 ea c9 da ba 7c 9d 4e 4a 4f 4a 16 
 04 ea 4e 23 d3 6d 2c 2b 42 58 19 69 10 23 d4 e1 
 af 46 34 fc 23 81 59 54 65 5f 6c 67 57 14 62 57 
 94 f1 81 86 00 fe 1c 27 f6 76 e2 00 ea c5 f7 b5 
 e9 b2 ad ef 7f 87 8b 8a b0 d3 1e 43 54 4b ab f6 
 ba 7f 5a b9 e5 2d 5f 81 ab 2a 15 c4 97 bc d3 92 
 9a da be 8a b0 fb a4 1a a0 96 26 86 23 10 1b 21 
 0a 91 05 22 4d 6c 4d 01 4c 84 f3 50 56 4f 3a e4 
 c0 24 bf 35 f6 f5 8b 3f 20 55 98 91 05 4d ee 46 
 95 44 6d 06 33 42 1f 9f 84 91 e7 c5 9f 04 11 de 
 cf a5 07 5f 27 dd c0 ac b1 a7 98 9d 6d 79 00 70 
 33 bf 4e 16 23 57 f5 c7 88 82 d1 c6 a3 b4 0b 29 -> Encrypted 
 TS_INFO_PACKET
  
 Decrypted TS_INFO_PACKET:
 00000000 09 04 09 04 b3 43 00 00 0a 00 0c 00 00 00 00 00 .....C..........
 00000010 00 00 4e 00 54 00 44 00 45 00 56 00 00 00 65 00 ..N.T.D.E.V...e.
 00000020 6c 00 74 00 6f 00 6e 00 73 00 00 00 00 00 00 00 l.t.o.n.s.......
 00000030 00 00 02 00 1e 00 31 00 35 00 37 00 2e 00 35 00 ......1.5.7...5.
 00000040 39 00 2e 00 32 00 34 00 32 00 2e 00 31 00 35 00 9...2.4.2...1.5.
 00000050 36 00 00 00 84 00 43 00 3a 00 5c 00 64 00 65 00 6.....C.:.\.d.e.
 00000060 70 00 6f 00 74 00 73 00 5c 00 77 00 32 00 6b 00 p.o.t.s.\.w.2.k.
 00000070 33 00 5f 00 31 00 5c 00 74 00 65 00 72 00 6d 00 3._.1.\.t.e.r.m.
 00000080 73 00 72 00 76 00 5c 00 6e 00 65 00 77 00 63 00 s.r.v.\.n.e.w.c.
 00000090 6c 00 69 00 65 00 6e 00 74 00 5c 00 6c 00 69 00 l.i.e.n.t.\.l.i.
 000000a0 62 00 5c 00 77 00 69 00 6e 00 33 00 32 00 5c 00 b.\.w.i.n.3.2.\.
 000000b0 6f 00 62 00 6a 00 5c 00 69 00 33 00 38 00 36 00 o.b.j.\.i.3.8.6.
 000000c0 5c 00 6d 00 73 00 74 00 73 00 63 00 61 00 78 00 \.m.s.t.s.c.a.x.
 000000d0 2e 00 64 00 6c 00 6c 00 00 00 e0 01 00 00 50 00 ..d.l.l.......P.
 000000e0 61 00 63 00 69 00 66 00 69 00 63 00 20 00 53 00 a.c.i.f.i.c. .S.
 000000f0 74 00 61 00 6e 00 64 00 61 00 72 00 64 00 20 00 t.a.n.d.a.r.d. .
 00000100 54 00 69 00 6d 00 65 00 00 00 00 00 00 00 00 00 T.i.m.e.........
 00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
 00000120 0a 00 00 00 05 00 02 00 00 00 00 00 00 00 00 00 ................
 00000130 00 00 50 00 61 00 63 00 69 00 66 00 69 00 63 00 ..P.a.c.i.f.i.c.
 00000140 20 00 44 00 61 00 79 00 6c 00 69 00 67 00 68 00  .D.a.y.l.i.g.h.
 00000150 74 00 20 00 54 00 69 00 6d 00 65 00 00 00 00 00 t. .T.i.m.e.....
 00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
 00000170 00 00 00 00 04 00 00 00 01 00 02 00 00 00 00 00 ................
 00000180 00 00 c4 ff ff ff 00 00 00 00 01 00 00 00 00 00 ................
  
 09 04 09 04 -> TS_INFO_PACKET::CodePage = 0x04090409
 Low word = 0x0409 = 1033 = English (US)
 Since the INFO_UNICODE flag is set, this is the active language identifier.
  
 b3 43 00 00 -> TS_INFO_PACKET::flags = 0x000043b3
 0x000043b3
 = 0x00000001 | 
   0x00000002 | 
   0x00000010 |
   0x00000020 |
   0x00000080 |
   0x00000100 | 
   0x00000200 |
   0x00004000
 = INFO_MOUSE |
   INFO_DISABLECTRLALTDEL |
   INFO_UNICODE |
   INFO_MAXIMIZESHELL |
   INFO_COMPRESSION |
   INFO_ENABLEWINDOWSKEY |
   PACKET_COMPR_TYPE_64K << 9 |
   INFO_FORCE_ENCRYPTED_CS_PDU
   
 0a 00 -> TS_INFO_PACKET::cbDomain = 0x0a = 10 bytes (not including 
 the size of the mandatory NULL terminator)
 0c 00 -> TS_INFO_PACKET::cbUserName = 0x0c = 12 bytes (not including 
 the size of the mandatory NULL terminator)
 00 00 -> TS_INFO_PACKET::cbPassword = 0 bytes
 00 00 -> TS_INFO_PACKET::cbAlternateShell = 0 bytes
 00 00 -> TS_INFO_PACKET::cbWorkingDir = 0 bytes
  
 4e 00 54 00 44 00 45 00 56 00 00 00 -> TS_INFO_PACKET::Domain = "NTDEV"
 65 00 6c 00 74 00 6f 00 6e 00 73 00 00 00 -> 
 TS_INFO_PACKET::UserName = "eltons"
 00 00 -> TS_INFO_PACKET::Password = ""
 00 00 -> TS_INFO_PACKET::AlternateShell = ""
 00 00 -> TS_INFO_PACKET::WorkingDir = ""
  
 02 00 -> TS_EXTENDED_INFO_PACKET::clientAddressFamily = AF_INET (2)
 1e 00 -> TS_EXTENDED_INFO_PACKET::cbClientAddress = 0x1e = 30 bytes 
 (including the size of the mandatory NULL terminator)
  
 31 00 35 00 37 00 2e 00 35 00 39 00 2e 00 32 00 
 34 00 32 00 2e 00 31 00 35 00 36 00 00 00 -> 
 TS_EXTENDED_INFO_PACKET::clientAddress = "157.59.242.156"
  
 84 00 -> TS_EXTENDED_INFO_PACKET::cbClientDir = 0x84 = 132 bytes (including the size of the mandatory NULL terminator)
  
 43 00 3a 00 5c 00 64 00 65 00 70 00 6f 00 74 00 
 73 00 5c 00 77 00 32 00 6b 00 33 00 5f 00 31 00 
 5c 00 74 00 65 00 72 00 6d 00 73 00 72 00 76 00 
 5c 00 6e 00 65 00 77 00 63 00 6c 00 69 00 65 00 
 6e 00 74 00 5c 00 6c 00 69 00 62 00 5c 00 77 00 
 69 00 6e 00 33 00 32 00 5c 00 6f 00 62 00 6a 00 
 5c 00 69 00 33 00 38 00 36 00 5c 00 6d 00 73 00 
 74 00 73 00 63 00 61 00 78 00 2e 00 64 00 6c 00 
 6c 00 00 00 -> TS_EXTENDED_INFO_PACKET::clientDir = 
 "C:\depots\w2k3_1\termsrv\newclient\lib\win32\obj\i386\mstscax.dll"
  
 e0 01 00 00 -> TS_TIME_ZONE_INFORMATION::Bias = 0x01e0 = 480 mins = 8 hrs
  
 50 00 61 00 63 00 69 00 66 00 69 00 63 00 20 00 
 53 00 74 00 61 00 6e 00 64 00 61 00 72 00 64 00 
 20 00 54 00 69 00 6d 00 65 00 00 00 00 00 00 00 
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -> 
 TS_TIME_ZONE_INFORMATION::StandardName = "Pacific Standard Time"
  
 00 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wYear = 0
 0a 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wMonth = 0x0a = 
 October (10)
 00 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wDayOfWeek = Sunday (0)
 05 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wDay = 5 (last Sunday)
 02 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wHour = 2am
 00 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wMinute = 0
 00 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wSecond = 0
 00 00 -> TS_TIME_ZONE_INFORMATION::StandardDate::wMilliseconds = 0
  
 00 00 00 00 -> TS_TIME_ZONE_INFORMATION::StandardBias = 0
  
 50 00 61 00 63 00 69 00 66 00 69 00 63 00 20 00 
 44 00 61 00 79 00 6c 00 69 00 67 00 68 00 74 00 
 20 00 54 00 69 00 6d 00 65 00 00 00 00 00 00 00 
 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -> 
 TS_TIME_ZONE_INFORMATION::DaylightName = "Pacific Daylight Time"
  
 00 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wYear = 0
 04 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wMonth = April (4)
 00 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wDayOfWeek = Sunday (0)
 01 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wDay = 1 (first Sunday)
 02 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wHour = 2am
 00 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wMinute = 0
 00 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wSecond = 0
 00 00 -> TS_TIME_ZONE_INFORMATION::DaylightDate::wMilliseconds = 0
  
 c4 ff ff ff -> TS_TIME_ZONE_INFORMATION::DaylightBias = 0xffffffc4 = 
 -60 (two's complement)
  
 00 00 00 00 -> TS_EXTENDED_INFO_PACKET::clientSessionId = 0
 01 00 00 00 -> TS_EXTENDED_INFO_PACKET::performanceFlags = 0x01 = 
 TS_PERF_DISABLE_WALLPAPER
 00 00 -> TS_EXTENDED_INFO_PACKET:: cbAutoReconnectCookie = 0