The SMB 2 Protocol uses either TCP or NetBIOS over TCP as underlying transports. The SMB 3.x dialect family also supports the use of RDMA as a transport.
The Remote Procedure Call Protocol Extensions, as specified in [MS-RPCE], define an RPC over SMB Protocol or SMB 2 Protocol sequence that can use SMB 2 Protocol named pipes as its underlying transport.
The SMB 2 Protocol is applicable for all scenarios that involve transferring files between client and server. The SMB 2 Protocol is also applicable for inter-process communication between client and server using named pipes.
The SMB 2 Protocol is composed of, and driven by, message exchanges between the client and the server in the following categories:
1. Protocol negotiation (NEGOTIATE)
2. User authentication (SESSION_SETUP, LOGOFF)
3. Share access (TREE_CONNECT, TREE_DISCONNECT)
4. File access (CREATE CLOSE READ WRITE LOCK IOCTL QUERY_INFO SET_INFO FLUSH CANCEL)
5. Directory access (QUERY_DIRECTORY CHANGE_NOTIFY)
6. Volumn access (QUERY_INFO SET_INFO)
7. Cache coherency (OPLOCK_BREAK)
8. Simple messaging (ECHO)
The SMB2 Packet Header is the header of all SMB 2 Protocol requests and response.
There are two variants of this header: ASYNC, SYNC
在 Tree Connect Response中,Share Type指定了共享类型:DISK,PIPE,PRINT
The SMB2 CREATE Request packet is sent by a client to request either creation of or access to a file. In case of a named pipe or printer, the server MUST create a new file.
知名的命名管道:
atsvc
samr
srvsvc
svcctl
weinreg
netlogon
lsarpc
eventlog
The Remote Procedure Call Protocol Extensions, as specified in [MS-RPCE], define an RPC over SMB Protocol or SMB 2 Protocol sequence that can use SMB 2 Protocol named pipes as its underlying transport.
The SMB 2 Protocol is applicable for all scenarios that involve transferring files between client and server. The SMB 2 Protocol is also applicable for inter-process communication between client and server using named pipes.
The SMB 2 Protocol is composed of, and driven by, message exchanges between the client and the server in the following categories:
1. Protocol negotiation (NEGOTIATE)
2. User authentication (SESSION_SETUP, LOGOFF)
3. Share access (TREE_CONNECT, TREE_DISCONNECT)
4. File access (CREATE CLOSE READ WRITE LOCK IOCTL QUERY_INFO SET_INFO FLUSH CANCEL)
5. Directory access (QUERY_DIRECTORY CHANGE_NOTIFY)
6. Volumn access (QUERY_INFO SET_INFO)
7. Cache coherency (OPLOCK_BREAK)
8. Simple messaging (ECHO)
The SMB2 Packet Header is the header of all SMB 2 Protocol requests and response.
There are two variants of this header: ASYNC, SYNC
在 Tree Connect Response中,Share Type指定了共享类型:DISK,PIPE,PRINT
The SMB2 CREATE Request packet is sent by a client to request either creation of or access to a file. In case of a named pipe or printer, the server MUST create a new file.
知名的命名管道:
atsvc
samr
srvsvc
svcctl
weinreg
netlogon
lsarpc
eventlog
版权声明:本文为sumaoqing123原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。