O 1. 10.0.2.15 » 10.0.2.15 dcerpc Bind: call_id: 1 WINREG V1.0
O 2. 10.0.2.15 » 10.0.2.15 smb Write AndX Response, 72 bytes
O 3. 10.0.2.15 » 10.0.2.15 smb Read AndX Request, FID: 0x800d, 1024 bytes at offset 0
O 4. 10.0.2.15 » 10.0.2.15 dcerpc Bind_ack: call_id: 1 accept max_xmit: 4280 max_recv: 4280
O 5. 10.0.2.15 » 10.0.2.15 winreg OpenHKLM request

Here are some of the things that registered users can do with this pcap:

  • Reorder packets
  • Fragment packets
  • Reassemble TCP streams
  • Rewrite TCP streams (over IPv4 and IPv6)
  • Extract embedded HTTP content
  • Convert any packet into a DoS generator