Actions
Bug #3856
closeddcerpc: last response packet not logged
Affected Versions:
Effort:
Difficulty:
Label:
Description
For the pcap https://github.com/OISF/suricata-verify/blob/master/tests/dcerpc-dce-iface-01/20171220_smb_psexec_mimikatz_ticket_dump-s2.pcap, last response was never logged. I tried looking up what I did wrong but the response handler is never called for the last response (call ID: 20), I also cannot see the C code for response handling called for this packet.
Updated by Victor Julien about 4 years ago
- Status changed from New to Assigned
- Assignee set to Shivani Bhardwaj
- Target version set to 7.0.0-beta1
- Label Needs backport to 6.0 added
Shivani can you create a SV test for this? Then I'll have a look, or you can first take another stab at the issue if you want.
Updated by Victor Julien about 4 years ago
- Assignee changed from Shivani Bhardwaj to Victor Julien
Updated by Victor Julien about 4 years ago
- Target version changed from 7.0.0-beta1 to 6.0.1
Updated by Victor Julien about 4 years ago
- Affected Versions 6.0.0 added
- Label deleted (
Needs backport to 6.0)
Updated by Shivani Bhardwaj almost 4 years ago
- Status changed from Assigned to Closed
Updated by Victor Julien almost 4 years ago
- Subject changed from DCERPC last response packet not logged to dcerpc: last response packet not logged
Actions