diff options
Diffstat (limited to 'data/pmap-dump.d')
-rw-r--r-- | data/pmap-dump.d | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/data/pmap-dump.d b/data/pmap-dump.d new file mode 100644 index 0000000..bc6b632 --- /dev/null +++ b/data/pmap-dump.d @@ -0,0 +1,60 @@ +# portmap dump request: like "rpcinfo -p" but via UDP instead +# send to UDP 111 and hope it's not a logging portmapper! +# split into longwords, since rpc apparently only deals with them + +001 # 0x01 # . # XID: 4 trash bytes +002 # 0x02 # . +003 # 0x03 # . +004 # 0x04 # . + +000 # 0x00 # . # MSG: int 0=call, 1=reply +000 # 0x00 # . +000 # 0x00 # . +000 # 0x00 # . + +000 # 0x00 # . # pmap call body: rpc version=2 +000 # 0x00 # . +000 # 0x00 # . +002 # 0x02 # . + +000 # 0x00 # . # pmap call body: prog=PMAP, 100000 +001 # 0x01 # . +134 # 0x86 # . +160 # 0xa0 # . + +000 # 0x00 # . # pmap call body: progversion=2 +000 # 0x00 # . +000 # 0x00 # . +002 # 0x02 # . + +000 # 0x00 # . # pmap call body: proc=DUMP, 4 +000 # 0x00 # . +000 # 0x00 # . +004 # 0x04 # . + +# with AUTH_NONE, there are 4 zero integers [16 bytes] here + +000 # 0x00 # . # auth junk: cb_cred: auth_unix = 1; NONE = 0 +000 # 0x00 # . +000 # 0x00 # . +000 # 0x00 # . + +000 # 0x00 # . # auth junk +000 # 0x00 # . +000 # 0x00 # . +000 # 0x00 # . + +000 # 0x00 # . # auth junk +000 # 0x00 # . +000 # 0x00 # . +000 # 0x00 # . + +000 # 0x00 # . # auth junk +000 # 0x00 # . +000 # 0x00 # . +000 # 0x00 # . + +# The reply you get back contains your XID, int 1 if "accepted", and +# a whole mess of gobbledygook containing program numbers, versions, +# and ports that rpcinfo knows how to decode. For the moment, you get +# to wade through it yourself... |