ndrdump (1) - Linux Manuals

ndrdump: DCE/RPC Packet Parser and Dumper

NAME

ndrdump - DCE/RPC Packet Parser and Dumper

SYNOPSIS

ndrdump [-c context] {pipe} {function} {in|out} {filename}
ndrdump [pipe]
ndrdump

DESCRIPTION

ndrdump tries to parse the specified filename using Samba's parser for the specified pipe and function. The third argument should be either in or out, depending on whether the data should be parsed as a request or a reply.

Running ndrdump without arguments will list the pipes for which parsers are available.

Running ndrdump with one argument will list the functions that Samba can parse for the specified pipe.

The primary function of ndrdump is debugging Samba's internal DCE/RPC parsing functions. The file being parsed is usually one exported by wiresharks "Export selected packet bytes" function.

The context argument can be used to load context data from the request packet when parsing reply packets (such as array lengths).

VERSION

This man page is correct for version 4.0 of the Samba suite.

AUTHOR

This utility is part of the m[blue]Sambam[][1] suite, which is developed by the global m[blue]Samba Teamm[][2].

ndrdump was written by Andrew Tridgell.

This manpage was written by Jelmer Vernooij.

NOTES

1.
Samba
http://www.samba.org/
2.
Samba Team
http://www.samba.org/samba/team/

SEE ALSO

wireshark, pidl