追加函数

AxibugInject/Main.cs

@@ -6,6 +6,8 @@ using System.Threading;
 using System.Windows.Forms;
 using ClassLibrary1;
 using System.Collections.Generic;
+using System.Xml.Linq;
+using static AxibugInject.ws2_32;
 
 namespace AxibugInject
 {
@@ -22,6 +24,9 @@ namespace AxibugInject
     public class Main : IEntryPoint
     {
         public LocalHook GetHostByNameHook = null;
+        public LocalHook GetHostByAddrHook = null;
+        public LocalHook gethostnameHook = null;
+        public LocalHook connectHook = null;
 
         public static Dictionary<string, string> mDictHostToIP = new Dictionary<string, string>();
         public Main(
@@ -62,11 +67,33 @@ namespace AxibugInject
         {
             try
             {
+                ConsoleShow.Log($"Hook函数ws2_32.dll->gethostbyname");
                 GetHostByNameHook = LocalHook.Create(
                     LocalHook.GetProcAddress("ws2_32.dll", "gethostbyname"),
                     new DGetHostByName(GetHostByName_Hooked),
                     this);
                 GetHostByNameHook.ThreadACL.SetExclusiveACL(new int[1]);
+
+                ConsoleShow.Log($"Hook函数ws2_32.dll->gethostbyaddr");
+                GetHostByAddrHook = LocalHook.Create(
+                    LocalHook.GetProcAddress("ws2_32.dll", "gethostbyaddr"),
+                    new Dgethostbyaddr(gethostbyaddr_Hooked),
+                    this);
+                GetHostByAddrHook.ThreadACL.SetExclusiveACL(new int[1]);
+
+                ConsoleShow.Log($"Hook函数ws2_32.dll->gethostname");
+                gethostnameHook = LocalHook.Create(
+                    LocalHook.GetProcAddress("ws2_32.dll", "gethostname"),
+                    new Dgethostname(gethostname_Hooked),
+                    this);
+                gethostnameHook.ThreadACL.SetExclusiveACL(new int[1]);
+
+                ConsoleShow.Log($"Hook函数ws2_32.dll->connect");
+                connectHook = LocalHook.Create(
+                    LocalHook.GetProcAddress("ws2_32.dll", "connect"),
+                    new Dconnect(connect_Hooked),
+                    this);
+                connectHook.ThreadACL.SetExclusiveACL(new int[1]);
             }
             catch (Exception ex)
             {
@@ -87,7 +114,7 @@ namespace AxibugInject
             }
         }
 
-        #region gethostname
+        #region gethostbyname
 
         [DllImport("ws2_32.dll", EntryPoint = "gethostbyname", CharSet = CharSet.Ansi)]
         public static extern IntPtr gethostbyname(String name);
@@ -99,15 +126,16 @@ namespace AxibugInject
         {
             try
             {
+                ConsoleShow.Log($"gethostbyname[调用]name->{name}");
                 Main This = (Main)HookRuntimeInfo.Callback;
                 if (mDictHostToIP.ContainsKey(name.ToLower()))
                 {
-                    ConsoleShow.Log($"[访问并重定向]{name}->{mDictHostToIP[name]}");
+                    ConsoleShow.Log($"gethostbyname[访问并重定向]{name}->{mDictHostToIP[name]}");
                     name = mDictHostToIP[name.ToLower()];
                 }
                 else
                 {
-                    ConsoleShow.Log("[访问]：" + name);
+                    ConsoleShow.Log("gethostbyname[访问]：" + name);
                 }
             }
             catch
@@ -119,5 +147,82 @@ namespace AxibugInject
                 name);
         }
         #endregion
+
+        #region gethostname
+
+        [DllImport("ws2_32.dll", SetLastError = true)]
+        static extern int gethostname(StringBuilder name, int length);
+
+        [UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Ansi)]
+        delegate int Dgethostname(StringBuilder name, int length);
+        static int gethostname_Hooked(StringBuilder name, int length)
+        {
+            ConsoleShow.Log($"gethostname[调用]name->{name} length->{length}");
+            // call original API...
+            return gethostname(name, length);
+        }
+        #endregion
+
+        #region gethostbyaddr
+
+        [DllImport("ws2_32.dll", EntryPoint = "gethostbyaddr", CharSet = CharSet.Ansi)]
+        public static extern IntPtr gethostbyaddr(String addr, int len,int type);
+
+        [UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Ansi)]
+        delegate IntPtr Dgethostbyaddr(String addr, int len, int type);
+        static IntPtr gethostbyaddr_Hooked(String addr, int len,int type)
+        {
+            ConsoleShow.Log($"gethostbyaddr[调用]addr->{addr} len->{len} type->{type}");
+            try
+            {
+                Main This = (Main)HookRuntimeInfo.Callback;
+                if (mDictHostToIP.ContainsKey(addr.ToLower()))
+                {
+                    ConsoleShow.Log($"gethostbyaddr[访问并重定向]{addr}->{mDictHostToIP[addr]}");
+                    addr = mDictHostToIP[addr.ToLower()];
+                }
+                else
+                {
+                    ConsoleShow.Log("gethostbyaddr[访问]：" + addr);
+                }
+            }
+            catch
+            {
+            }
+
+            // call original API...
+            return gethostbyaddr(addr, len, type);
+        }
+        #endregion
+
+
+        #region connect
+
+        //[StructLayout(LayoutKind.Sequential)]
+        //public struct sockaddr_in6
+        //{
+        //    public short sin6_family;
+        //    public ushort sin6_port;
+        //    public uint sin6_flowinfo;
+        //    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 16)]
+        //    public byte[] sin6_addr;
+        //    public uint sin6_scope_id;
+        //}
+        [DllImport("Ws2_32.dll")]
+        public static extern int connect(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize);
+
+        [UnmanagedFunctionPointer(CallingConvention.StdCall, CharSet = CharSet.Ansi)]
+        delegate int Dconnect(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize);
+        static int connect_Hooked(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize)
+        {
+            ConsoleShow.Log($"connect[调用]SocketHandle->{SocketHandle} addr->{addr} addrsize->{addrsize}");
+            ConsoleShow.Log($"connect sockaddr_in 详情 :sin_family->{addr.sin_family} sin_addr->{addr.sin_addr} sin_port->{addr.sin_port}");
+            // call original API...
+            return connect(SocketHandle, ref addr, addrsize);
+        }
+
+        #endregion
+
+
     }
 }

AxibugInject/obj/Debug/.NETFramework,Version=v4.0.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.0", FrameworkDisplayName = ".NET Framework 4")]

AxibugInject/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = ".NET Framework 4.8")]

AxibugInject/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = ".NET Framework 4.8")]

AxibugInject/ws2_32.cs

@@ -0,0 +1,167 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using System.Runtime.InteropServices;
+using System.Net.Sockets;
+
+namespace AxibugInject
+{
+    public class ws2_32
+    {
+        /*
+        public const int SOCKET_ERROR = -1;
+        public const int INVALID_SOCKET = ~0;
+        
+        [DllImport("ws2_32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+        public static extern Int32 WSACleanup();
+        [DllImport("Ws2_32.dll")]
+        public static extern int WSAStartup(ushort Version, out WSAData Data);
+        [DllImport("Ws2_32.dll")]
+        public static extern SocketError WSAGetLastError();
+        [DllImport("Ws2_32.dll")]
+        public static extern IntPtr socket(AddressFamily af, SocketType type, ProtocolType protocol);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int send(IntPtr SocketHandle, byte[] buf, int len, int flags);
+        [DllImport("Ws2_32.dll")]
+        public static extern int recv(IntPtr SocketHandle, byte[] buf, int len, int flags);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int send([In] IntPtr s, [In] byte* buf, [In] int len, [In] int flags);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int recv([In] IntPtr s, [Out] byte* buf, [In] int len, [In] int flags);
+        [DllImport("ws2_32.dll", CharSet = CharSet.Auto, SetLastError = true)]
+        public static extern IntPtr accept(IntPtr socketHandle, ref sockaddr_in socketAddress, ref int addressLength);
+        [DllImport("Ws2_32.dll")]
+        public static extern int listen(IntPtr s, int backlog);
+        [DllImport("Ws2_32.dll", CharSet = CharSet.Ansi)]
+        public static extern uint inet_addr(string cp);
+        [DllImport("Ws2_32.dll")]
+        public static extern ushort htons(ushort hostshort);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int connect(IntPtr SocketHandle, ref sockaddr_in addr, int addrsize);
+        [DllImport("Ws2_32.dll")]
+        public static extern int closesocket(IntPtr SocketHandle);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int getpeername(IntPtr SocketHandle, sockaddr_in* addr, int* addrsize);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern int bind(IntPtr SocketHandle, ref sockaddr_in addr, int namelen);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern sbyte* inet_ntoa(int _in);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern ulong htonl(ulong hostlong);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern ulong ntohl(ulong netlong);
+        [DllImport("Ws2_32.dll")]
+        public static unsafe extern ushort ntohs(ushort netshort);
+        [DllImport("ws2_32.dll", SetLastError = true)]
+        public static extern SocketError setsockopt([In] IntPtr socketHandle, [In] SocketOptionLevel optionLevel, [In] SocketOptionName optionName, [In] ref int optionValue, [In] int optionLength);
+
+        [DllImport("ws2_32.dll", CharSet = CharSet.Unicode, SetLastError = true, CallingConvention = CallingConvention.StdCall)]
+        public static extern IntPtr WSASocket(AddressFamily af, SocketType socket_type, ProtocolType protocol,
+                                              IntPtr lpProtocolInfo, Int32 group, SocketConstructorFlags dwFlags);
+
+        [DllImport("ws2_32.dll", SetLastError = true)]
+        public static unsafe extern int sendto(IntPtr Socket, byte* buff, int len, SocketFlags flags, sockaddr_in To, int tolen);
+        [DllImport("ws2_32.dll", SetLastError = true)]
+        public static unsafe extern int recvfrom(IntPtr Socket, byte* buff, int len, SocketFlags flags, ref sockaddr_in To, int tolen);
+        
+
+        [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
+        public unsafe struct WSAData
+        {
+            public ushort Version;
+            public ushort HighVersion;
+            [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 257)]
+            public string Description;
+            [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 129)]
+            public string SystemStatus;
+            public ushort MaxSockets;
+            public ushort MaxUdpDg;
+            sbyte* lpVendorInfo;
+        }
+
+        public enum AddressFamily : int
+        {
+            Unknown = 0,
+            InterNetworkv4 = 2,
+            Ipx = 4,
+            AppleTalk = 17,
+            NetBios = 17,
+            InterNetworkv6 = 23,
+            Irda = 26,
+            BlueTooth = 32
+        }
+        public enum SocketType : int
+        {
+            Unknown = 0,
+            Stream = 1,
+            DGram = 2,
+            Raw = 3,
+            Rdm = 4,
+            SeqPacket = 5
+        }
+        public enum ProtocolType : int
+        {
+            BlueTooth = 3,
+            Tcp = 6,
+            Udp = 17,
+            ReliableMulticast = 113
+        }
+
+        public unsafe struct fd_set
+        {
+            public const int FD_SETSIZE = 64;
+            public uint fd_count;
+            public fixed uint fd_array[FD_SETSIZE];
+        }
+
+        [Flags]
+        public enum SocketConstructorFlags
+        {
+            WSA_FLAG_MULTIPOINT_C_LEAF = 4,
+            WSA_FLAG_MULTIPOINT_C_ROOT = 2,
+            WSA_FLAG_MULTIPOINT_D_LEAF = 0x10,
+            WSA_FLAG_MULTIPOINT_D_ROOT = 8,
+            WSA_FLAG_OVERLAPPED = 1
+        }
+
+        */
+        /// <summary>
+        /// Internet socket address structure.
+        /// </summary>
+        public struct sockaddr_in
+        {
+            /// <summary>
+            /// Protocol family indicator.
+            /// </summary>
+            public ushort sin_family;
+            /// <summary>
+            /// Protocol port.
+            /// </summary>
+            public ushort sin_port;
+            /// <summary>
+            /// Actual address value.
+            /// </summary>
+            public uint sin_addr;
+            /// <summary>
+            /// Address content list.
+            /// </summary>
+            //[MarshalAs(UnmanagedType.LPStr, SizeConst=8)]
+            //public string sin_zero;
+            public long sin_zero;
+        }
+        /*
+        public enum SocketFlags
+        {
+            Broadcast = 0x400,
+            ControlDataTruncated = 0x200,
+            DontRoute = 4,
+            MaxIOVectorLength = 0x10,
+            Multicast = 0x800,
+            None = 0,
+            OutOfBand = 1,
+            Partial = 0x8000,
+            Peek = 2,
+            Truncated = 0x100
+        }*/
+    }
+}

AxibugRedirector/Program.cs

@@ -94,8 +94,22 @@ namespace AxibugRedirector
             }
 
             Console.WriteLine("已就绪");
-            while(true)
-                Console.ReadLine();
+            while (true)
+            {
+                string str = Console.ReadLine();
+                if (int.TryParse(str, out int cmd))
+                {
+                    if (cmd == 4)
+                    {
+                        Console.WriteLine($"再次注入PID{CurrPid}");
+                        if (DoInjectByPid(cmd))
+                        {
+                            bflag = true;
+                            Console.WriteLine($"再次注入PID{CurrPid}成功！");
+                        }
+                    }
+                }
+            }
         }
 
         [DllImport("kernel32.dll", SetLastError = true, CallingConvention = CallingConvention.Winapi)]
@@ -207,6 +221,7 @@ namespace AxibugRedirector
         }
 
         #region 运行时处理
+        static int CurrPid;
         public static bool StartProcessWithHook(string path)
         {
             var pro = new Process();
@@ -230,7 +245,7 @@ namespace AxibugRedirector
                 Console.WriteLine("失败："+ex.ToString());
                 return false;
             }
-
+            CurrPid = pro.Id;
             return DoInjectByPid(pro.Id);
         }
         #endregion

AxibugRedirector/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = ".NET Framework 4.8")]

AxibugRedirector/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs

@@ -0,0 +1,4 @@
+// <autogenerated />
+using System;
+using System.Reflection;
+[assembly: global::System.Runtime.Versioning.TargetFrameworkAttribute(".NETFramework,Version=v4.8", FrameworkDisplayName = ".NET Framework 4.8")]