SMB2/SessionSetup
Opcode 0x01
This SMB2 command is to authenticate a user and get a UserID assigned. This command is often the very first command issued from a client after the SMB2/NegotiateProtocol phase has completed.
SMB2/SessionSetup Request
SMB2/SessionSetup Request Packet Format
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Buffer Code | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sec Blob Offset | Sec Blob Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sec Blob +-+-+-+-+...
Buffer Code
Sec Blob Offset
This is the offset in bytes of the security blob, starting from the start of the SMB2/Header.
Sec Blob Length
This is the number of bytes for the security blob.
Sec Blob
This is the ASN.1/DER encoded security blob.
SMB2/SessionSetup Response
SMB2/SessionSetup Response Packet Format
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Buffer Code | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sec Blob Offset | Sec Blob Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sec Blob +-+-+-+-+...
Buffer Code
Sec Blob Offset
This is the offset in bytes of the security blob, starting from the start of the SMB2/Header.
Sec Blob Length
This is the number of bytes for the security blob.
Sec Blob
This is the ASN.1/DER encoded security blob.
NT Status Codes