Differences between revisions 7 and 8
Revision 7 as of 2006-06-05 03:19:26
Size: 2955
Editor: localhost
Comment:
Revision 8 as of 2008-04-12 17:51:40
Size: 2961
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
This is a 4 byte field in the ["SMB2/Ioctl"] command that describes what kind of ioctl or fsctl is being used. This is a 4 byte field in the [[SMB2/Ioctl]] command that describes what kind of ioctl or fsctl is being used.
Line 21: Line 21:
 * 0x0009 [http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_FILE_SYSTEM FILE_DEVICE_FILE_SYSTEM]  * 0x0009 [[http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_FILE_SYSTEM|FILE_DEVICE_FILE_SYSTEM]]
Line 29: Line 29:
 * 0x0011 [http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_NAMED_PIPE FILE_DEVICE_NAMED_PIPE]  * 0x0011 [[http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_NAMED_PIPE|FILE_DEVICE_NAMED_PIPE]]
Line 32: Line 32:
 * 0x0014 [http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_NETWORK_FILE_SYSTEM FILE_DEVICE_NETWORK_FILE_SYSTEM]  * 0x0014 [[http://wiki.wireshark.org/SMB2/Ioctl/Function/FILE_DEVICE_NETWORK_FILE_SYSTEM|FILE_DEVICE_NETWORK_FILE_SYSTEM]]

SMB2/Ioctl/Function

This is a 4 byte field in the SMB2/Ioctl command that describes what kind of ioctl or fsctl is being used.

Structure

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            Device             | A :       Function        : M |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Device

  • 0x0001 FILE_DEVICE_BEEP
  • 0x0002 FILE_DEVICE_CD_ROM
  • 0x0003 FILE_DEVICE_CD_ROM_FILE_SYSTEM
  • 0x0004 FILE_DEVICE_CONTROLLER
  • 0x0005 FILE_DEVICE_DATALINK
  • 0x0006 FILE_DEVICE_DFS
  • 0x0007 FILE_DEVICE_DISK
  • 0x0008 FILE_DEVICE_DISK_FILE_SYSTEM
  • 0x0009 FILE_DEVICE_FILE_SYSTEM

  • 0x000a FILE_DEVICE_INPORT_PORT
  • 0x000b FILE_DEVICE_KEYBOARD
  • 0x000c FILE_DEVICE_MAILSLOT
  • 0x000d FILE_DEVICE_MIDI_IN
  • 0x000e FILE_DEVICE_MIDI_OUT
  • 0x000f FILE_DEVICE_MOUSE
  • 0x0010 FILE_DEVICE_MULTI_UNC_PROVIDER
  • 0x0011 FILE_DEVICE_NAMED_PIPE

  • 0x0012 FILE_DEVICE_NETWORK
  • 0x0013 FILE_DEVICE_NETWORK_BROWSER
  • 0x0014 FILE_DEVICE_NETWORK_FILE_SYSTEM

  • 0x0015 FILE_DEVICE_NULL
  • 0x0016 FILE_DEVICE_PARALLEL_PORT
  • 0x0017 FILE_DEVICE_PHYSICAL_NETCARD
  • 0x0018 FILE_DEVICE_PRINTER
  • 0x0019 FILE_DEVICE_SCANNER
  • 0x001a FILE_DEVICE_SERIAL_MOUSE_PORT
  • 0x001b FILE_DEVICE_SERIAL_PORT
  • 0x001c FILE_DEVICE_SCREEN
  • 0x001d FILE_DEVICE_SOUND
  • 0x001e FILE_DEVICE_STREAMS
  • 0x001f FILE_DEVICE_TAPE
  • 0x0020 FILE_DEVICE_TAPE_FILE_SYSTEM
  • 0x0021 FILE_DEVICE_TRANSPORT
  • 0x0022 FILE_DEVICE_UNKNOWN
  • 0x0023 FILE_DEVICE_VIDEO
  • 0x0024 FILE_DEVICE_VIRTUAL_DISK
  • 0x0025 FILE_DEVICE_WAVE_IN
  • 0x0026 FILE_DEVICE_WAVE_OUT
  • 0x0027 FILE_DEVICE_8042_PORT
  • 0x0028 FILE_DEVICE_NETWORK_REDIRECTOR
  • 0x0029 FILE_DEVICE_BATTERY
  • 0x002a FILE_DEVICE_BUS_EXTENDER
  • 0x002b FILE_DEVICE_MODEM
  • 0x002c FILE_DEVICE_VDM
  • 0x002d FILE_DEVICE_MASS_STORAGE
  • 0x002e FILE_DEVICE_SMB
  • 0x002f FILE_DEVICE_KS
  • 0x0030 FILE_DEVICE_CHANGER
  • 0x0031 FILE_DEVICE_SMARTCARD
  • 0x0032 FILE_DEVICE_ACPI
  • 0x0033 FILE_DEVICE_DVD
  • 0x0034 FILE_DEVICE_FULLSCREEN_VIDEO
  • 0x0035 FILE_DEVICE_DFS_FILE_SYSTEM
  • 0x0036 FILE_DEVICE_DFS_VOLUME
  • 0x0037 FILE_DEVICE_SERENUM
  • 0x0038 FILE_DEVICE_TERMSRV
  • 0x0039 FILE_DEVICE_KSEC

A

 0x00  FILE_ANY_ACCESS
 0x01  FILE_READ_ACCESS
 0x02  FILE_WRITE_ACCESS
 0x03  FILE_READ_WRITE_ACCESS

Method

 0x00  METHOD_BUFFERED
 0x01  METHOD_IN_DIRECT
 0x02  METHOD_OUT_DIRECT
 0x03  METHOD_NEITHER

Function

Function depends on the device used.

Discussion

http://www.osronline.com/article.cfm?article=229 contains an online conversion tool.

SMB2/Ioctl/Function (last edited 2008-04-12 17:51:40 by localhost)