forked from pool/wireshark
475c86ebc3
Add detection for an important flag in NetrServerAutiticate call for MSRPC Netlogon. OBS-URL: https://build.opensuse.org/request/show/107780 OBS-URL: https://build.opensuse.org/package/show/network:utilities/wireshark?expand=0&rev=50
30 lines
1.8 KiB
Diff
30 lines
1.8 KiB
Diff
Index: wireshark-1.6.5/epan/dissectors/packet-dcerpc-netlogon.c
|
|
===================================================================
|
|
--- wireshark-1.6.5.orig/epan/dissectors/packet-dcerpc-netlogon.c 2012-01-10 20:08:57.000000000 +0100
|
|
+++ wireshark-1.6.5/epan/dissectors/packet-dcerpc-netlogon.c 2012-03-02 14:28:11.415607283 +0100
|
|
@@ -6669,12 +6669,12 @@ static int netlogon_dissect_neg_options(
|
|
hf_netlogon_neg_flags_2000000,
|
|
tvb, offset, 4, flags);
|
|
proto_tree_add_boolean (negotiate_flags_tree,
|
|
- hf_netlogon_neg_flags_1000000,
|
|
- tvb, offset, 4, flags);
|
|
- proto_tree_add_boolean (negotiate_flags_tree,
|
|
hf_netlogon_neg_flags_800000,
|
|
tvb, offset, 4, flags);*/
|
|
proto_tree_add_boolean (negotiate_flags_tree,
|
|
+ hf_netlogon_neg_flags_1000000,
|
|
+ tvb, offset, 4, flags);
|
|
+ proto_tree_add_boolean (negotiate_flags_tree,
|
|
hf_netlogon_neg_flags_400000,
|
|
tvb, offset, 4, flags);
|
|
proto_tree_add_boolean (negotiate_flags_tree,
|
|
@@ -8807,7 +8807,7 @@ proto_register_dcerpc_netlogon(void)
|
|
{ "Not used 2000000", "ntlmssp.neg_flags.na200000", FT_BOOLEAN, 32, TFS(&tfs_set_notset), NETLOGON_FLAG_2000000, "Not used", HFILL }},
|
|
|
|
{ &hf_netlogon_neg_flags_1000000,
|
|
- { "Not used 1000000", "ntlmssp.neg_flags.na100000", FT_BOOLEAN, 32, TFS(&tfs_set_notset), NETLOGON_FLAG_1000000, "Not used", HFILL }},
|
|
+ { "AES supported", "ntlmssp.neg_flags.na100000", FT_BOOLEAN, 32, TFS(&tfs_set_notset), NETLOGON_FLAG_1000000, "AES", HFILL }},
|
|
|
|
{ &hf_netlogon_neg_flags_800000,
|
|
{ "Not used 800000", "ntlmssp.neg_flags.na8000000", FT_BOOLEAN, 32, TFS(&tfs_set_notset), NETLOGON_FLAG_800000, "Not used", HFILL }},
|