Wireshark mailing list archives
How is this DCERPC packet content interpreted?
From: rahul sharma <rahulatgslab () gmail com>
Date: Thu, 23 Feb 2012 18:42:25 +0530
Hi All, I have attached an image file and a pcap file with the packets captured. You can see the packets by applying the filter "dcerpc" and see for packet no. 1610. I am unable to get how to see the payload of MSRPC and get the port_no and IP_Address exchanged in that packet. I need to write a code which will work for all DCERPC packets. Do help me in understanding the basic protocol format of DCERPC. Thanks and Regards Rahul Sharma
Attachment:
dcerpc.pcap
Description:
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- How is this DCERPC packet content interpreted? rahul sharma (Feb 23)
- Re: How is this DCERPC packet content interpreted? Unuetzer, Christian (AMOS SE) (Feb 23)
- Re: How is this DCERPC packet content interpreted? rahul sharma (Feb 23)
- Re: How is this DCERPC packet content interpreted? rahul sharma (Feb 24)
- Re: How is this DCERPC packet content interpreted? ronnie sahlberg (Feb 24)
- Re: How is this DCERPC packet content interpreted? rahul sharma (Feb 23)
- Re: How is this DCERPC packet content interpreted? Unuetzer, Christian (AMOS SE) (Feb 23)
- Re: How is this DCERPC packet content interpreted? ronnie sahlberg (Feb 24)