Wireshark-bugs: [Wireshark-bugs] [Bug 2111] New: Packet incorrectly detected as SMPP
Date: Mon, 17 Dec 2007 13:53:38 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2111 Summary: Packet incorrectly detected as SMPP Product: Wireshark Version: 0.99.6 Platform: PC OS/Version: Windows XP Status: NEW Severity: Major Priority: Low Component: Wireshark AssignedTo: wireshark-bugs@xxxxxxxxxxxxx ReportedBy: oder@xxxxxxxxxxxxx Build Information: Version 0.99.6a (SVN Rev 22276) -- These are two similar packets. First one was decoded correctly, however SMPP content has been detected in second one for some reason. =========1========= No. Time Source Destination Protocol Info 115273 530.470590 172.25.31.241 172.25.31.249 TCP [TCP segment of a reassembled PDU] Frame 115273 (82 bytes on wire, 82 bytes captured) Arrival Time: Dec 12, 2007 14:51:19.841715000 [Time delta from previous captured frame: 0.000673000 seconds] [Time delta from previous displayed frame: 0.000673000 seconds] [Time since reference or first frame: 530.470590000 seconds] Frame Number: 115273 Frame Length: 82 bytes Capture Length: 82 bytes [Frame is marked: False] [Protocols in frame: eth:ip:tcp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: Intel_b9:5d:30 (00:0e:0c:b9:5d:30), Dst: AsustekC_5c:57:23 (00:15:f2:5c:57:23) Destination: AsustekC_5c:57:23 (00:15:f2:5c:57:23) Address: AsustekC_5c:57:23 (00:15:f2:5c:57:23) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: Intel_b9:5d:30 (00:0e:0c:b9:5d:30) Address: Intel_b9:5d:30 (00:0e:0c:b9:5d:30) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: IP (0x0800) Internet Protocol, Src: 172.25.31.241 (172.25.31.241), Dst: 172.25.31.249 (172.25.31.249) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 68 Identification: 0x868a (34442) Flags: 0x00 0... = Reserved bit: Not set .0.. = Don't fragment: Not set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0x5c0d [correct] [Good: True] [Bad : False] Source: 172.25.31.241 (172.25.31.241) Destination: 172.25.31.249 (172.25.31.249) Transmission Control Protocol, Src Port: 16015 (16015), Dst Port: 2789 (2789), Seq: 4198257, Ack: 71145, Len: 28 Source port: 16015 (16015) Destination port: 2789 (2789) Sequence number: 4198257 (relative sequence number) [Next sequence number: 4198285 (relative sequence number)] Acknowledgement number: 71145 (relative ack number) Header length: 20 bytes Flags: 0x18 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 17520 Checksum: 0x9d5c [correct] [Good Checksum: True] [Bad Checksum: False] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 115272] [The RTT to ACK the segment was: 0.000673000 seconds] [Reassembled PDU in frame: 115314] TCP segment data (28 bytes) 0000 00 15 f2 5c 57 23 00 0e 0c b9 5d 30 08 00 45 00 ...\W#....]0..E. 0010 00 44 86 8a 00 00 40 06 5c 0d ac 19 1f f1 ac 19 .D....@.\....... 0020 1f f9 3e 8f 0a e5 5e 2f 09 57 b4 a4 cf a4 50 18 ..>...^/.W....P. 0030 44 70 9d 5c 00 00 00 00 00 00 00 00 00 03 00 00 Dp.\............ 0040 00 00 00 00 00 0c 00 00 00 04 00 00 00 70 00 00 .............p.. 0050 00 00 .. =========1========= =========2========= No. Time Source Destination Protocol Info 117052 535.502844 172.25.31.241 172.25.31.249 TCP 16015 > 2789 [PSH, ACK] Seq=5136073 Ack=95061 Win=17520 Len=28[Malformed Packet] Frame 117052 (82 bytes on wire, 82 bytes captured) Arrival Time: Dec 12, 2007 14:51:24.873969000 [Time delta from previous captured frame: 0.000812000 seconds] [Time delta from previous displayed frame: 0.000812000 seconds] [Time since reference or first frame: 535.502844000 seconds] Frame Number: 117052 Frame Length: 82 bytes Capture Length: 82 bytes [Frame is marked: False] [Protocols in frame: eth:ip:tcp:smpp] [Coloring Rule Name: TCP] [Coloring Rule String: tcp] Ethernet II, Src: Intel_b9:5d:30 (00:0e:0c:b9:5d:30), Dst: AsustekC_5c:57:23 (00:15:f2:5c:57:23) Destination: AsustekC_5c:57:23 (00:15:f2:5c:57:23) Address: AsustekC_5c:57:23 (00:15:f2:5c:57:23) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Source: Intel_b9:5d:30 (00:0e:0c:b9:5d:30) Address: Intel_b9:5d:30 (00:0e:0c:b9:5d:30) .... ...0 .... .... .... .... = IG bit: Individual address (unicast) .... ..0. .... .... .... .... = LG bit: Globally unique address (factory default) Type: IP (0x0800) Internet Protocol, Src: 172.25.31.241 (172.25.31.241), Dst: 172.25.31.249 (172.25.31.249) Version: 4 Header length: 20 bytes Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00) 0000 00.. = Differentiated Services Codepoint: Default (0x00) .... ..0. = ECN-Capable Transport (ECT): 0 .... ...0 = ECN-CE: 0 Total Length: 68 Identification: 0x8a9c (35484) Flags: 0x00 0... = Reserved bit: Not set .0.. = Don't fragment: Not set ..0. = More fragments: Not set Fragment offset: 0 Time to live: 64 Protocol: TCP (0x06) Header checksum: 0x57fb [correct] [Good: True] [Bad : False] Source: 172.25.31.241 (172.25.31.241) Destination: 172.25.31.249 (172.25.31.249) Transmission Control Protocol, Src Port: 16015 (16015), Dst Port: 2789 (2789), Seq: 5136073, Ack: 95061, Len: 28 Source port: 16015 (16015) Destination port: 2789 (2789) Sequence number: 5136073 (relative sequence number) [Next sequence number: 5136101 (relative sequence number)] Acknowledgement number: 95061 (relative ack number) Header length: 20 bytes Flags: 0x18 (PSH, ACK) 0... .... = Congestion Window Reduced (CWR): Not set .0.. .... = ECN-Echo: Not set ..0. .... = Urgent: Not set ...1 .... = Acknowledgment: Set .... 1... = Push: Set .... .0.. = Reset: Not set .... ..0. = Syn: Not set .... ...0 = Fin: Not set Window size: 17520 Checksum: 0xf02b [correct] [Good Checksum: True] [Bad Checksum: False] [SEQ/ACK analysis] [This is an ACK to the segment in frame: 117051] [The RTT to ACK the segment was: 0.000812000 seconds] [Malformed Packet: SMPP] 0000 00 15 f2 5c 57 23 00 0e 0c b9 5d 30 08 00 45 00 ...\W#....]0..E. 0010 00 44 8a 9c 00 00 40 06 57 fb ac 19 1f f1 ac 19 .D....@.W....... 0020 1f f9 3e 8f 0a e5 5e 3d 58 af b4 a5 2d 10 50 18 ..>...^=X...-.P. 0030 44 70 f0 2b 00 00 00 00 00 00 00 00 00 03 00 00 Dp.+............ 0040 00 00 00 00 00 0c 00 00 00 04 00 00 00 ce 00 00 ................ 0050 00 00 .. =========2========= -- Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
- Follow-Ups:
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- Prev by Date: [Wireshark-bugs] [Bug 2110] Can't add byte array to disected tree
- Next by Date: [Wireshark-bugs] [Bug 2112] New: Buildbot crash output: fuzz-2007-12-17-25605.pcap
- Previous by thread: [Wireshark-bugs] [Bug 2110] Can't add byte array to disected tree
- Next by thread: [Wireshark-bugs] [Bug 2111] Packet incorrectly detected as SMPP
- Index(es):