This commit is contained in:
sin365 2024-06-18 22:46:22 +08:00
parent d1954b7da6
commit 402691a14d
3 changed files with 107 additions and 204 deletions

View File

@ -8,7 +8,7 @@
<ProjectGuid>{95E6AA00-47C3-4B1F-9F18-21164573D89C}</ProjectGuid>
<OutputType>Library</OutputType>
<AppDesignerFolder>Properties</AppDesignerFolder>
<RootNamespace>ClassLibrary1</RootNamespace>
<RootNamespace>AxibugInject</RootNamespace>
<AssemblyName>AxibugInject</AssemblyName>
<TargetFrameworkVersion>v4.8</TargetFrameworkVersion>
<FileAlignment>512</FileAlignment>
@ -24,7 +24,7 @@
<WarningLevel>4</WarningLevel>
<PlatformTarget>x86</PlatformTarget>
<Prefer32Bit>false</Prefer32Bit>
<AllowUnsafeBlocks>false</AllowUnsafeBlocks>
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
</PropertyGroup>
<PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
<DebugType>pdbonly</DebugType>
@ -48,6 +48,7 @@
</Reference>
<Reference Include="System" />
<Reference Include="System.Core" />
<Reference Include="System.Numerics" />
<Reference Include="System.Windows.Forms" />
<Reference Include="System.Xml.Linq" />
<Reference Include="System.Data.DataSetExtensions" />

View File

@ -10,10 +10,10 @@ using System.Threading;
using System.Windows.Forms;
using static AxibugInject.ws2_32;
namespace AxibugInject
{
[Serializable]
public class HookParameter
{
@ -208,93 +208,93 @@ namespace AxibugInject
#region connect
//[StructLayout(LayoutKind.Sequential)]
//public struct sockaddr_in6
//{
// public short sin6_family;
// public ushort sin6_port;
// public uint sin6_flowinfo;
// [MarshalAs(UnmanagedType.ByValArray, SizeConst = 16)]
// public byte[] sin6_addr;
// public uint sin6_scope_id;
//}
[DllImport("Ws2_32.dll")]
public static extern int connect(IntPtr SocketHandle, ref sockaddr_in_old addr, int addrsize);
[DllImport("ws2_32.dll")]
public static extern int connect(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize);
[UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Ansi)]
delegate int Dconnect(IntPtr SocketHandle, ref sockaddr_in_old addr, int addrsize);
static int connect_Hooked(IntPtr SocketHandle, ref sockaddr_in_old addr, int addrsize)
{
ConsoleShow.Log($"connect[调用]SocketHandle->{SocketHandle} addr->{addr} addrsize->{addrsize}");
ConsoleShow.Log($"connect sockaddr_in 详情 :sin_family->{addr.sin_family} sin_addr->{addr.sin_addr}" +
$" sin_port->{GetPort(addr.sin_port)}");
/*ConsoleShow.Log($"connect sockaddr_in 详情 :sin_family->{addr.sin_family} sin_addr->{addr.sin_addr.s_b1}.{addr.sin_addr.s_b2}.{addr.sin_addr.s_b3}.{addr.sin_addr.s_b4}" +
$" sin_port->{GetPort(addr.sin_port)}");*/
// call original API...
return connect(SocketHandle, ref addr, addrsize);
delegate int Dconnect(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize);
static int connect_Hooked(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize)
{
ConsoleShow.Log($"connect[调用]SocketHandle->{SocketHandle} addr->{addr} addrsize->{addrsize}");
ConsoleShow.Log($"connect sockaddr_in 详情 :sin_family->{addr.sin_family} sin_addr->{SwapToIP(addr.sin_addr)} sin_port->{GetPort(addr.sin_port)}");
// call original API...
return connect(SocketHandle, ref addr, addrsize);
}
static int GetPort(ushort Tbed)
{
if (Tbed < 256)
return Tbed;
byte gao = (byte)(Tbed >> 8);
byte di = (byte)(Tbed & 0xff);
ushort a = (ushort)(gao << 8);
ushort b = (ushort)di;
//ushort newBed = (ushort)(a | di);
ushort newT = (ushort)(gao | di << 8);
return newT;
}
#endregion
#region WSAConnect
[DllImport("ws2_32.dll", SetLastError = true)]
internal static extern SocketError WSAConnect(
[In] IntPtr socketHandle,
[In] byte[] socketAddress,
[In] int socketAddressSize,
[In] IntPtr inBuffer,
[In] IntPtr outBuffer,
[In] IntPtr sQOS,
[In] IntPtr gQOS);
IntPtr SocketHandle, ref sockaddr_in addr, int addrsize,
[In] IntPtr lpCallerData,
[Out] IntPtr lpCalleeData,
[In] IntPtr lpSQOS,
[In] IntPtr lpGQOS);
[UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Ansi)]
delegate SocketError DWSAConnect([In] IntPtr socketHandle,
[In] byte[] socketAddress,
[In] int socketAddressSize,
[In] IntPtr inBuffer,
[In] IntPtr outBuffer,
[In] IntPtr sQOS,
[In] IntPtr gQOS);
static SocketError WSAConnect_Hooked(
[In] IntPtr socketHandle,
[In] byte[] socketAddress,
[In] int socketAddressSize,
[In] IntPtr inBuffer,
[In] IntPtr outBuffer,
[In] IntPtr sQOS,
[In] IntPtr gQOS)
{
StringBuilder hex = new StringBuilder(ba.Length * 2);
//猜测
for (int i = 0; i < socketAddress.Length; i++)
{
hex.AppendFormat("{0:x2}", socketAddress[i]);
}
delegate SocketError DWSAConnect(
IntPtr SocketHandle, ref sockaddr_in addr, int addrsize,
[In] IntPtr lpCallerData,
[Out] IntPtr lpCalleeData,
[In] IntPtr lpSQOS,
[In] IntPtr lpGQOS);
ConsoleShow.Log($"WSAConnect[调用]socketAddress.lenght->{socketAddress.Length} byteHex->[{hex}] socketAddressSize->{socketAddressSize} inBuffer->{inBuffer}" +
$" outBuffer->{outBuffer} sQOS->{sQOS} ->{gQOS}");
return WSAConnect(socketHandle,socketAddress,socketAddressSize,inBuffer,outBuffer,sQOS,gQOS);
static SocketError WSAConnect_Hooked(
IntPtr SocketHandle, ref sockaddr_in addr, int addrsize,
[In] IntPtr lpCallerData,
[Out] IntPtr lpCalleeData,
[In] IntPtr lpSQOS,
[In] IntPtr lpGQOS)
{
ConsoleShow.Log($"connect[调用]SocketHandle->{SocketHandle} addr->{addr} addrsize->{addrsize}");
ConsoleShow.Log($"connect sockaddr_in 详情 :sin_family->{addr.sin_family} sin_addr->{SwapToIP(addr.sin_addr)} sin_port->{GetPort(addr.sin_port)}");
return WSAConnect(SocketHandle, ref addr, addrsize, lpCallerData, lpCalleeData, lpSQOS, lpGQOS);
}
#endregion
}
#endregion
#region
static int GetPort(ushort Tbed)
{
if (Tbed < 256)
return Tbed;
byte gao = (byte)(Tbed >> 8);
byte di = (byte)(Tbed & 0xff);
ushort a = (ushort)(gao << 8);
ushort b = (ushort)di;
//ushort newBed = (ushort)(a | di);
ushort newT = (ushort)(gao | di << 8);
return newT;
}
public static string SwapToIP(uint value)
{
byte[] data = BitConverter.GetBytes(value);
string result = "";
//猜测
for (int i = 0; i < data.Length; i++)
{
if (!string.IsNullOrEmpty(result))
result += ".";
result += data[i];
}
return result;
}
#endregion
}
}

View File

@ -3,12 +3,13 @@ using System.Collections.Generic;
using System.Text;
using System.Runtime.InteropServices;
using System.Net.Sockets;
using System.Net;
namespace AxibugInject
{
public class ws2_32
{
/*
public class ws2_32
{
/*
public const int SOCKET_ERROR = -1;
public const int INVALID_SOCKET = ~0;
@ -125,130 +126,31 @@ namespace AxibugInject
}
*/
/*
* struct sockaddr_in {
short sin_family;
u_short sin_port;
struct in_addr sin_addr;
char sin_zero[8];
};
*/
/// <summary>
/// Internet socket address structure.
/// </summary>
public struct sockaddr_in_old
{
/// <summary>
/// Protocol family indicator.
/// </summary>
public ushort sin_family;
/// <summary>
/// Protocol port.
/// </summary>
public ushort sin_port;
/// <summary>
/// Actual address value.
/// </summary>
public uint sin_addr;
/// <summary>
/// Address content list.
/// </summary>
//[MarshalAs(UnmanagedType.LPStr, SizeConst=8)]
//public string sin_zero;
public long sin_zero;
}
/// <summary>
/// Internet socket address structure.
/// </summary>
public struct sockaddr_in
{
/// <summary>
/// Protocol family indicator.
/// </summary>
public short sin_family;
/// <summary>
/// Protocol port.
/// </summary>
public ushort sin_port;
/// <summary>
/// Actual address value.
/// </summary>
public in_addr sin_addr;
/// <summary>
/// Address content list.
/// </summary>
[MarshalAs(UnmanagedType.LPStr, SizeConst=8)]
public string sin_zero;
//public long sin_zero;
}
[StructLayout(LayoutKind.Explicit, Size = 4)]
public struct in_addr
{
[FieldOffset(0)] internal byte s_b1;
[FieldOffset(1)] internal byte s_b2;
[FieldOffset(2)] internal byte s_b3;
[FieldOffset(3)] internal byte s_b4;
[FieldOffset(0)] internal ushort s_w1;
[FieldOffset(2)] internal ushort s_w2;
[FieldOffset(0)] internal uint S_addr;
/// <summary>
/// can be used for most tcp & ip code
/// </summary>
internal uint s_addr
{
get { return S_addr; }
}
/// <summary>
/// host on imp
/// </summary>
internal byte s_host
{
get { return s_b2; }
}
/// <summary>
/// network
/// </summary>
internal byte s_net
{
get { return s_b1; }
}
/// <summary>
/// imp
/// </summary>
internal ushort s_imp
{
get { return s_w2; }
}
/// <summary>
/// imp #
/// </summary>
internal byte s_impno
{
get { return s_b4; }
}
/// <summary>
/// logical host
/// </summary>
internal byte s_lh
{
get { return s_b3; }
}
}
/*
/// <summary>
/// Internet socket address structure.
/// </summary>
public struct sockaddr_in
{
/// <summary>
/// Protocol family indicator.
/// </summary>
public ushort sin_family;
/// <summary>
/// Protocol port.
/// </summary>
public ushort sin_port;
/// <summary>
/// Actual address value.
/// </summary>
public uint sin_addr;
/// <summary>
/// Address content list.
/// </summary>
//[MarshalAs(UnmanagedType.LPStr, SizeConst=8)]
//public string sin_zero;
public long sin_zero;
}
/*
public enum SocketFlags
{
Broadcast = 0x400,
@ -262,5 +164,5 @@ namespace AxibugInject
Peek = 2,
Truncated = 0x100
}*/
}
}
}