The following is an annotated dump of the MCS Connect Initial PDU with GCC Conference Create Request (section 2.2.1.3).
00000000  03 00 01 a0 02 f0 80 7f 65 82 01 94 04 01 01 04  ........e.......
00000010  01 01 01 01 ff 30 19 02 01 22 02 01 02 02 01 00  .....0..."......
00000020  02 01 01 02 01 00 02 01 01 02 02 ff ff 02 01 02  ................
00000030  30 19 02 01 01 02 01 01 02 01 01 02 01 01 02 01  0...............
00000040  00 02 01 01 02 02 04 20 02 01 02 30 1c 02 02 ff  ....... ...0....
00000050  ff 02 02 fc 17 02 02 ff ff 02 01 01 02 01 00 02  ................
00000060  01 01 02 02 ff ff 02 01 02 04 82 01 33 00 05 00  ............3...
00000070  14 7c 00 01 81 2a 00 08 00 10 00 01 c0 00 44 75  .|...*........Du
00000080  63 61 81 1c 01 c0 d8 00 04 00 08 00 00 05 00 04  ca..............
00000090  01 ca 03 aa 09 04 00 00 ce 0e 00 00 45 00 4c 00  ............E.L.
000000a0  54 00 4f 00 4e 00 53 00 2d 00 44 00 45 00 56 00  T.O.N.S.-.D.E.V.
000000b0  32 00 00 00 00 00 00 00 00 00 00 00 04 00 00 00  2...............
000000c0  00 00 00 00 0c 00 00 00 00 00 00 00 00 00 00 00  ................
000000d0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000e0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
000000f0  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
00000100  00 00 00 00 00 00 00 00 01 ca 01 00 00 00 00 00  ................
00000110  18 00 07 00 01 00 36 00 39 00 37 00 31 00 32 00  ......6.9.7.1.2.
00000120  2d 00 37 00 38 00 33 00 2d 00 30 00 33 00 35 00  -.7.8.3.-.0.3.5.
00000130  37 00 39 00 37 00 34 00 2d 00 34 00 32 00 37 00  7.9.7.4.-.4.2.7.
00000140  31 00 34 00 00 00 00 00 00 00 00 00 00 00 00 00  1.4.............
00000150  00 00 00 00 00 00 00 00 00 00 00 00 04 c0 0c 00  ................
00000160  0d 00 00 00 00 00 00 00 02 c0 0c 00 1b 00 00 00  ................
00000170  00 00 00 00 03 c0 2c 00 03 00 00 00 72 64 70 64  ......,.....rdpd
00000180  72 00 00 00 00 00 80 80 63 6c 69 70 72 64 72 00  r.......cliprdr.
00000190  00 00 a0 c0 72 64 70 73 6e 64 00 00 00 00 00 c0  ....rdpsnd......

03 -> TPKT: TPKT version = 3
00 -> TPKT: Reserved = 0
01 -> TPKT: Packet length - high part
a0 -> TPKT: Packet length - low part (total = 416 bytes)

02 -> X.224: Length indicator = 2
f0 -> X.224: Type = 0xf0 = Data TPDU
80 -> X.224: EOT

7f 65 -> BER: Application-Defined Type = APPLICATION 101 = Connect-Initial

This is the BER encoded multiple octet variant of the ASN.1 type field. The multiple octet variant is used when the type can be greater than 30, and is constructed as follows:

  7 6 5 4 3 2 1 0     7 6 5 4 3 2 1 0           7 6 5 4 3 2 1 0
+-----------------+ +-----------------+       +-----------------+
| C C F 1 1 1 1 1 | | 1 T T T T T T T |  ...  | 0 T T T T T T T |
+-----------------+ +-----------------+       +-----------------+
         1                   2                         n

In this case, CC = 01 which means the type is APPLICATION defined, and F = 1 to indicate that the type is constructed (as opposed to primitive). There is only one octet containing the type value (the second octet, which has the form 0TTTTTTT), and hence the type is 0x65 (MCS_TYPE_CONNECTINITIAL).

82 01 94 -> BER: Type Length = 404 bytes

This is the BER encoded definite long variant of the ASN.1 length field. The long variant layout is constructed as follows:

  7 6 5 4 3 2 1 0     7 6 5 4 3 2 1 0           7 6 5 4 3 2 1 0
+-----------------+ +-----------------+       +-----------------+
| 1 (0 < n < 127) | | L L L L L L L L |  ...  | L L L L L L L L |
+-----------------+ +-----------------+       +-----------------+
         1                   2                       n + 1

Since the most significant bit of the first byte (0x82) is set, the low seven bits contain the number of length bytes, which means that the number of length bytes is 2. Hence 0x01 and 0x94 are length bytes, which indicates that the length is greater than 256 bytes and less than 65536 bytes, specifically 0x194 (404) bytes.

04 01 01 -> Connect-Initial::callingDomainSelector

The first byte (0x04) is the ASN.1 BER encoded OctetString type. The length of the data is given by the second byte (1 byte), which is encoded using the BER definite short variant of the ASN.1 length field. The third byte contains the value, which is 0x01.

04 01 01 -> Connect-Initial::calledDomainSelector

01 01 ff -> Connect-Initial::upwardFlag = TRUE

The first byte (0x01) is the ASN.1 BER encoded Boolean type. The length of the data is given by the second byte (0x01, so the length is 1 byte). The third byte contains the value, which is 0xff (TRUE).

30 19 -> Connect-Initial::targetParameters (25 bytes)

The first byte (0x30) is the ASN.1 BER encoded SequenceOf type. The length of the sequence data is given by the second byte (0x19, so the length is 25 bytes).

02 01 22 -> DomainParameters::maxChannelIds = 34

The first byte (0x02) is the ASN.1 BER encoded Integer type. The length of the integer is given by the second byte (1 byte), and the actual value is 34 (0x22).

02 01 02 -> DomainParameters::maxUserIds = 2
02 01 00 -> DomainParameters::maxTokenIds = 0
02 01 01 -> DomainParameters::numPriorities = 1
02 01 00 -> DomainParameters::minThroughput = 0
02 01 01 -> DomainParameters::maxHeight = 1
02 02 ff ff -> DomainParameters::maxMCSPDUsize = 65535
02 01 02 -> DomainParameters::protocolVersion = 2

30 19 -> Connect-Initial::minimumParameters (25 bytes)
02 01 01 -> DomainParameters::maxChannelIds = 1
02 01 01 -> DomainParameters::maxUserIds = 1
02 01 01 -> DomainParameters::maxTokenIds = 1
02 01 01 -> DomainParameters::numPriorities = 1
02 01 00 -> DomainParameters::minThroughput = 0
02 01 01 -> DomainParameters::maxHeight = 1
02 02 04 20 -> DomainParameters::maxMCSPDUsize = 1056
02 01 02 -> DomainParameters::protocolVersion = 2

30 1c -> Connect-Initial::maximumParameters (28 bytes)
0x02 0x02 0xff 0xff -> DomainParameters::maxChannelIds = 65535
0x02 0x02 0xfc 0x17 -> DomainParameters::maxUserIds = 64535
0x02 0x02 0xff 0xff -> DomainParameters::maxTokenIds = 65535
0x02 0x01 0x01 -> DomainParameters::numPriorities = 1
0x02 0x01 0x00 -> DomainParameters::minThroughput = 0
0x02 0x01 0x01 -> DomainParameters::maxHeight = 1
0x02 0x02 0xff 0xff -> DomainParameters::maxMCSPDUsize = 65535
0x02 0x01 0x02 -> DomainParameters::protocolVersion = 2

04 82 01 33 -> Connect-Initial::userData (307 bytes)

The first byte (0x04) is the ASN.1 OctetString type. The length is encoded using the BER definite long variant format. Hence, since the most significant bit of the second byte (0x82) is set, the low seven bits contain the number of length bytes, which means that the number of length bytes is 2. Hence 0x01 and 0x33 are length bytes, which indicates that the length is greater than 256 bytes and less than 65536 bytes, specifically 0x133 (307) bytes.

PER encoded (ALIGNED variant of BASIC-PER) GCC Connection Data (ConnectData):
00 05 00 14 7c 00 01 81 2a 00 08 00 10 00 01 c0 00 44 75 63 61 81 1c

0 - CHOICE: From Key select object (0) of type OBJECT IDENTIFIER
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding

05 -> object length = 5 bytes

00 14 7c 00 01 -> object

The first byte gives the first two values in the sextuple (m and n), as it is encoded as 40m + n. Hence, decoding the remaining data yields the correct results:

OID = { 0 0 20 124 0 1 } = {itu-t(0) recommendation(0) t(20) t124(124) version(0) 1}
Description = v.1 of ITU-T Recommendation T.124 (Feb 1998): "Generic Conference Control"

81 2a -> ConnectData::connectPDU length = 298 bytes

Since the most significant bit of the first byte (0x81) is set to 1 and the following bit is set to 0, the length is given by the low six bits of the first byte and the second byte. Hence, the value is 0x12a, which is 298 bytes.

PER encoded (ALIGNED variant of BASIC-PER) GCC Conference Create Request PDU:
00 08 00 10 00 01 c0 00 44 75 63 61 81 1c

0x00:
0 - extension bit (ConnectGCCPDU)
0 - --\
0 -   | CHOICE: From ConnectGCCPDU select conferenceCreateRequest (0)
0 - --/ of type ConferenceCreateRequest
0 - extension bit (ConferenceCreateRequest)
0 - ConferenceCreateRequest::convenerPassword present
0 - ConferenceCreateRequest::password present
0 - ConferenceCreateRequest::conductorPrivileges present

0x08:
0 - ConferenceCreateRequest::conductedPrivileges present
0 - ConferenceCreateRequest::nonConductedPrivileges present
0 - ConferenceCreateRequest::conferenceDescription present
0 - ConferenceCreateRequest::callerIdentifier present
1 - ConferenceCreateRequest::userData present
0 - extension bit (ConferenceName)
0 - ConferenceName::text present
0 - padding

0x00:
0 - --\
0 -   |
0 -   |
0 -   | ConferenceName::numeric length = 0 + 1 = 1 character
0 -   | (minimum for SimpleNumericString is 1)
0 -   |
0 -   |
0 - --/

0x10:
0 - --\
0 -   | ConferenceName::numeric = "1"
0 -   |
1 - --/
0 - ConferenceCreateRequest::lockedConference
0 - ConferenceCreateRequest::listedConference
0 - ConferenceCreateRequest::conducibleConference
0 - extension bit (TerminationMethod)

0x00:
0 - TerminationMethod::automatic
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding

0x01:
0 - --\
0 -   |
0 -   |
0 -   | number of UserData sets = 1
0 -   |
0 -   |
0 -   |
1 - --/

0xc0:
1 - UserData::value present
1 - CHOICE: From Key select h221NonStandard (1) of type H221NonStandardIdentifier
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding
0 - padding

0x00:
0 - --\
0 -   |
0 -   |
0 -   | h221NonStandard length = 0 + 4 = 4 octets
0 -   | (minimum for H221NonStandardIdentifier is 4)
0 -   |
0 -   |
0 - --/

44 75 63 61 -> h221NonStandard (client-to-server H.221 key) = "Duca"

81 1c -> UserData::value length = 284 bytes

Since the most significant bit of the first byte (0x81) is set to 1 and the following bit is set to 0, the length is given by the low six bits of the first byte and the second byte. Hence, the value is 0x11c, which is 284 bytes.

01 c0 d8 00 -> TS_UD_HEADER::type = CS_CORE (0xc001), length = 216 bytes

04 00 08 00 -> TS_UD_CS_CORE::version = 0x00080004
00 05 -> TS_UD_CS_CORE::desktopWidth = 1280
00 04 -> TS_UD_CS_CORE::desktopHeight = 1024
01 ca -> TS_UD_CS_CORE::colorDepth = RNS_UD_COLOR_8BPP (0xca01)
03 aa -> TS_UD_CS_CORE::SASSequence
09 04 00 00 -> TS_UD_CS_CORE::keyboardLayout = 0x409 = 1033 = English (US)
ce 0e 00 00 -> TS_UD_CS_CORE::clientBuild = 3790

45 00 4c 00 54 00 4f 00 4e 00 53 00 2d 00 44 00 45 00 56 00 32 00 00 00
00 00 00 00 00 00 00 00 -> TS_UD_CS_CORE::clientName = ELTONS-TEST2

04 00 00 00 -> TS_UD_CS_CORE::keyboardType
00 00 00 00 -> TS_UD_CS_CORE::keyboardSubType
0c 00 00 00 -> TS_UD_CS_CORE::keyboardFunctionKey

00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -> TS_UD_CS_CORE::imeFileName = ""

01 ca -> TS_UD_CS_CORE::postBeta2ColorDepth = RNS_UD_COLOR_8BPP (0xca01)
01 00 -> TS_UD_CS_CORE::clientProductId
00 00 00 00 -> TS_UD_CS_CORE::serialNumber
18 00 -> TS_UD_CS_CORE::highColorDepth = 24 bpp

07 00 -> TS_UD_CS_CORE::supportedColorDepths
0x07
= 0x01 | 0x02 | 0x04
= RNS_UD_24BPP_SUPPORT | RNS_UD_16BPP_SUPPORT | RNS_UD_15BPP_SUPPORT

01 00 -> TS_UD_CS_CORE::earlyCapabilityFlags
0x01
= RNS_UD_CS_SUPPORT_ERRINFO_PDU

36 00 39 00 37 00 31 00 32 00 2d 00 37 00 38 00 33 00 2d 00 30 00 33 00
35 00 37 00 39 00 37 00 34 00 2d 00 34 00 32 00 37 00 31 00 34 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -> TS_UD_CS_CORE::clientDigProductId = "69712-783-0357974-42714"

00 -> TS_UD_CS_CORE::connectionType = 0 (ignored as RNS_UD_CS_VALID_CONNECTION_TYPE not set)
00 -> TS_UD_CS_CORE::pad1octet
00 00 00 00 -> TS_UD_CS_CORE::serverSelectedProtocol

04 c0 0c 00 -> TS_UD_HEADER::type = CS_CLUSTER (0xc004), length = 12 bytes

0d 00 00 00 -> TS_UD_CS_CLUSTER::Flags = 0x0d
0x0d
= 0x03 << 2 | 0x01
= REDIRECTION_VERSION4 << 2 | REDIRECTION_SUPPORTED

00 00 00 00 -> TS_UD_CS_CLUSTER::RedirectedSessionID

02 c0 0c 00 -> TS_UD_HEADER::type = CS_SECURITY (0xc002), length = 12 bytes

1b 00 00 00 -> TS_UD_CS_SEC::encryptionMethods
0x1b
= 0x01 | 0x02 | 0x08 | 0x10
= 40BIT_ENCRYPTION_FLAG | 128BIT_ENCRYPTION_FLAG | 56BIT_ENCRYPTION_FLAG | FIPS_ENCRYPTION_FLAG

00 00 00 00 -> TS_UD_CS_SEC::extEncryptionMethods

03 c0 2c 00 -> TS_UD_HEADER::type = CS_NET (0xc003), length = 44 bytes

03 00 00 00 -> TS_UD_CS_NET::channelCount = 3

72 64 70 64 72 00 00 00 -> CHANNEL_DEF::name = "rdpdr"
00 00 80 80 -> CHANNEL_DEF::options = 0x80800000
0x80800000
= 0x80000000 | 0x00800000
= CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_COMPRESS_RDP

63 6c 69 70 72 64 72 00 -> CHANNEL_DEF::name = "cliprdr"
00 00 a0 c0 -> CHANNEL_DEF::options = 0xc0a00000
0xc0a00000
= 0x80000000 | 0x40000000 | 0x00800000 | 0x00200000
= CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_ENCRYPT_RDP | CHANNEL_OPTION_COMPRESS_RDP | CHANNEL_OPTION_SHOW_PROTOCOL

72 64 70 73 6e 64 00 00 -> CHANNEL_DEF::name = "rdpsnd"
00 00 00 c0 -> CHANNEL_DEF::options = 0xc0000000
0xc0000000
= 0x80000000 | 0x40000000
= CHANNEL_OPTION_INITIALIZED | CHANNEL_OPTION_ENCRYPT_RDP
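
The BER tag and length rules described in the annotation, as an added Python example (not part of the specification or of any Microsoft code): it walks the Connect-Initial header and rejects any element whose declared length overruns its enclosing element. The function names are illustrative, and the 307-byte userData body is replaced by zero padding because only the BER layer is decoded here.

```python
# PDU = first 0x6d bytes of the dump above + 307 zero bytes (constructed stand-in for userData).
PDU = bytes.fromhex(
    "03 00 01 a0 02 f0 80 7f 65 82 01 94 04 01 01 04 01 01 01 01 ff 30 19 02 01 22 02 01 02 02 01 00"
    "02 01 01 02 01 00 02 01 01 02 02 ff ff 02 01 02 30 19 02 01 01 02 01 01 02 01 01 02 01 01 02 01"
    "00 02 01 01 02 02 04 20 02 01 02 30 1c 02 02 ff ff 02 02 fc 17 02 02 ff ff 02 01 01 02 01 00 02"
    "01 01 02 02 ff ff 02 01 02 04 82 01 33") + bytes(307)
FIELDS = ("maxChannelIds", "maxUserIds", "maxTokenIds", "numPriorities",
          "minThroughput", "maxHeight", "maxMCSPDUsize", "protocolVersion")

def read_tlv(buf, pos, end):  # returns (class bits, tag number, value start, value end)
    first, pos = buf[pos], pos + 1
    number = first & 0x1F
    if number == 0x1F:                       # multiple-octet tag: 1TTTTTTT ... 0TTTTTTT
        number = 0
        while True:
            octet, pos = buf[pos], pos + 1
            number = (number << 7) | (octet & 0x7F)
            if not octet & 0x80:
                break
    length, pos = buf[pos], pos + 1
    if length & 0x80:                        # definite long form: low 7 bits = byte count
        count = length & 0x7F
        if not 1 <= count <= 4:
            raise ValueError("unsupported BER length form")
        length, pos = int.from_bytes(buf[pos:pos + count], "big"), pos + count
    if pos + length > end:                   # value must fit inside the enclosing element
        raise ValueError("BER length overruns enclosing element")
    return first >> 6, number, pos, pos + length

def parse_connect_initial(pdu):
    if pdu[0] != 3 or int.from_bytes(pdu[2:4], "big") != len(pdu):
        raise ValueError("TPKT version or length mismatch")
    cls, number, pos, end = read_tlv(pdu, 7, len(pdu))   # skip TPKT (4) + X.224 (3)
    if (cls, number) != (1, 101) or end != len(pdu):     # APPLICATION 101
        raise ValueError("not a well-formed Connect-Initial")
    out = {}
    for name in ("callingDomainSelector", "calledDomainSelector", "upwardFlag"):
        _, _, start, pos = read_tlv(pdu, pos, end)
        out[name] = pdu[start:pos]
    for name in ("targetParameters", "minimumParameters", "maximumParameters"):
        _, _, item, pos = read_tlv(pdu, pos, end)
        values = []
        while item < pos:                                # INTEGERs inside the sequence
            _, _, start, item = read_tlv(pdu, item, pos)
            values.append(int.from_bytes(pdu[start:item], "big"))  # unsigned, as read above
        out[name] = dict(zip(FIELDS, values))
    _, _, start, pos = read_tlv(pdu, pos, end)
    return {**out, "userData": (start, pos - start)}     # (offset, length)
```

The three declared lengths nest exactly: 12 + 404 and 109 + 307 both equal the TPKT total of 416, so changing any one of them makes the parse fail.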