|
|
转->SocksGun源码(类SocksCap) 2007-08-22 20:51:02| 分类: HOOK高技术类 | 标签: |字号大
中
小 订阅
//
//利用HOOK API技术替换wsock32.dll中的connect函数,达到类似sockscap的功能
//本程序支持socks5.0中的tcp及明文密码认证方式
//
#include "string.h"
#include "Winsock.h"
#include "Dbghelp.h"
#include "tlhelp32.h"
#pragma comment ( lib, "wsock32.lib" )
#pragma comment ( lib, "Dbghelp.lib" )
///////////////////////////////////////////////////////
// //
// 定义函数原型 //
// //
///////////////////////////////////////////////////////
//定义LoadLibraryA()函数原型
typedef HMODULE (WINAPI * LOADLIBRARYA_PROC) ( LPCSTR lpFileName );
//定义LoadLibraryW()函数原型
typedef HMODULE (WINAPI * LOADLIBRARYW_PROC) ( LPCWSTR lpFileName );
//定义LoadLibraryExA()函数原型
typedef HMODULE (WINAPI * LOADLIBRARYEXA_PROC)( LPCTSTR lpFileName,
HANDLE hFile,
DWORD dwFlags );
//定义LoadLibraryExW()函数原型
typedef HMODULE (WINAPI * LOADLIBRARYEXW_PROC)( LPCWSTR lpFileName,
HANDLE hFile,
DWORD dwFlags );
//定义GetProcAddress()函数原型
typedef FARPROC (WINAPI * GETPROCADDRESS_PROC) (HMODULE hModule,
LPCSTR lpProcName );
//定义connect()函数原型
typedef int (WINAPI * CONNECT_PROC)(SOCKET s,
const struct sockaddr FAR *name,
int namelen );
///////////////////////////////////////////////////////
// //
// 定义全局变量 //
// //
///////////////////////////////////////////////////////
LOADLIBRARYA_PROC OriginalLoadLibraryA; // 保存LoadLibraryA()函数地址
LOADLIBRARYW_PROC OriginalLoadLibraryW; // 保存LoadLibraryW()函数地址
LOADLIBRARYEXA_PROC OriginalLoadLibraryExA; // 保存LoadLibraryExA()函数地址
LOADLIBRARYEXW_PROC OriginalLoadLibraryExW; // 保存LoadLibraryExW()函数地址
GETPROCADDRESS_PROC OriginalGetProcAddress; // 保存GetProcAddress()函数地址
CONNECT_PROC OriginalConnect; // 保存WSOCK32.dll中的connect()函数地址
HANDLE hCurrentProcess; // 当前进程句柄
HANDLE hLogFile; // 日志文件句柄
char strMcastIp[128]=""; // 模拟广播的多播服务器地址
char strGameRoomIp[20] = ""; // 作为游戏房间的用户地址
unsigned short GameRoomPort = 0; // 作为游戏房间的用户端口
unsigned short RealBindPort = 0;
unsigned short GameServerPort = 0; // 游戏服务器的端口
SOCKET sockThread; // 传递给保活线程的SOCKET变量
bool MyIpIsTrue = false; // 用来标识本机IP是否为真实IP的参数
bool RedirectPacket = true; // 用来标识是否需要服务器做包转发
sockaddr_in connectAddr = {0}; // 用来存放connect的socket地址
struct hostent FAR * pHostent; // 本机IP地址
//定义协议族
static char afString[30][20] = {{"NULL"},{"AF_UNIX"}, {"AF_INET"}, {"AF_IMPLINK"},
{"AF_PUP"}, {"AF_CHAOS"}, {"AF_IPX"}, {"AF_ISO"},
{"AF_ECMA"}, {"AF_DATAKIT"}, {"AF_CCITT"}, {"AF_SNA"},
{"AF_DECnet"}, {"AF_DLI"}, {"AF_LAT"}, {"AF_HYLINK"},
{"AF_APPLETALK"}, {"AF_NETBIOS"}, {"AF_VOICEVIEW"},
{"AF_FIREFOX"}, {"AF_UNKNOWN1"}, {"AF_BAN"}, {"AF_ATM"},
{"AF_INET6"}, {"AF_CLUSTER"}, {"AF_12844"}, {"AF_IRDA"},
{"NULL"}, {"AF_NETDES" } };
///////////////////////////////////////////////////////
// //
// 声明子函数 //
// //
///////////////////////////////////////////////////////
//错误代码判断函数
void CheckError( int, int, char * );
//替换IMPORT ADDRESS TABLE的函数
int ReplaceIATEntryInOneMod( PCSTR, PROC, PROC, HMODULE );
//替换系统LoadLibraryA()的函数
HMODULE WINAPI __stdcall MyLoadLibraryA( LPCSTR );
//替换系统LoadLibraryW()的函数
HMODULE WINAPI __stdcall MyLoadLibraryW( LPCWSTR );
//替换系统LoadLibraryExA()的函数
HMODULE WINAPI __stdcall MyLoadLibraryExA( LPCSTR, HANDLE, DWORD );
//替换系统LoadLibraryExW()的函数
HMODULE WINAPI __stdcall MyLoadLibraryExW( LPCWSTR, HANDLE, DWORD );
//替换系统GetProcAddress()函数
FARPROC WINAPI __stdcall MyGetProcAddress( HMODULE, LPCSTR );
int WINAPI __stdcall MyConnect( SOCKET,
const struct sockaddr FAR *,
int );
//记录日志的函数
void WriteLogFile( char * );
//保存原有的API函数地址的子程序
int SaveProcAddress();
//遍历并替换进程内所有模块API函数的子程序
int ReplaceAllMod( bool );
//替换系统函数的函数
void ReplaceFunctions( HMODULE );
///////////////////////////////////////////////////////
// //
// 主函数 //
// //
///////////////////////////////////////////////////////
BOOL WINAPI __stdcall DllMain( HINSTANCE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved )
{
char chrRead[2]={ 0, 0 };
char strFile[255] = { 0 };
switch ( fdwReason )
{
case DLL_PROCESS_ATTACH:
//初始化SOCKET
WSADATA wsa;
WSAStartup( MAKEWORD(2, 1), &wsa );
//打开日志文件
hLogFile = CreateFile( "HookApi.log", GENERIC_WRITE, FILE_SHARE_READ,
NULL, CREATE_ALWAYS, NULL, NULL );
//获取当前进程句柄
hCurrentProcess = GetCurrentProcess();
SaveProcAddress();
//遍历并替换进程内所有模块API函数
ReplaceAllMod( 1 );
break;
// End of DLL_PROCESS_ATTACH
case DLL_THREAD_ATTACH: break;
case DLL_THREAD_DETACH: break;
case DLL_PROCESS_DETACH:
//当DLL卸载的时候,进行收尾工作
//关闭日志文件
CloseHandle( hLogFile );
Sleep( 200 );
break;
default:
break;
} // End of switch
return TRUE;
UNREFERENCED_PARAMETER( hinstDLL );
UNREFERENCED_PARAMETER( lpvReserved );
}
//End of DllMain
///////////////////////////////////////////////////////
// //
// 获取并保存API函数地址的函数 //
// //
///////////////////////////////////////////////////////
int SaveProcAddress()
{
//获取KERNEL32.DLL中的LoadLibraryA()函数地址并保存
OriginalLoadLibraryA = (LOADLIBRARYA_PROC)
GetProcAddress( GetModuleHandle("kernel32"), "LoadLibraryA" );
CheckError( (int)OriginalLoadLibraryA, NULL, "GetProcAddress LoadLibraryA" );
//获取KERNEL32.DLL中的LoadLibraryW()函数地址并保存
OriginalLoadLibraryW = (LOADLIBRARYW_PROC)
GetProcAddress( GetModuleHandle("kernel32"), "LoadLibraryW" );
CheckError( (int)OriginalLoadLibraryW, NULL, "GetProcAddress LoadLibraryW" );
//获取KERNEL32.DLL中的LoadLibraryExA()函数地址并保存
OriginalLoadLibraryExA = (LOADLIBRARYEXA_PROC)
GetProcAddress( GetModuleHandle("kernel32"), "LoadLibraryExA" );
CheckError( (int)OriginalLoadLibraryExA, NULL, "GetProcAddress LoadLibraryExA" );
//获取KERNEL32.DLL中的LoadLibraryExW()函数地址并保存
OriginalLoadLibraryExW = (LOADLIBRARYEXW_PROC)
GetProcAddress( GetModuleHandle("kernel32"), "LoadLibraryExW" );
CheckError( (int)OriginalLoadLibraryExW, NULL, "GetProcAddress LoadLibraryExW" );
//获取KERNEL32.DLL中的GetProcAddress()函数地址并保存
OriginalGetProcAddress = (GETPROCADDRESS_PROC)
GetProcAddress( GetModuleHandle("kernel32"), "GetProcAddress" );
CheckError( (int)OriginalGetProcAddress, NULL, "GetProcAddress GetProcAddress" );
//获取WSOCK32.dll中的connect()函数地址并保存
OriginalConnect = (CONNECT_PROC)
GetProcAddress( GetModuleHandle("wsock32"), "connect" );
CheckError( (int)OriginalConnect, NULL, "GetProcAddress WSOCK32:connect" );
return 0;
}
///////////////////////////////////////////////////////////
// //
// 替换指定内存模块系统函数的子程序 //
// //
// //
// 参数:HMODULE hModCaller 需要被替换的模块的句柄 //
// //
// 返回:本函数没有返回值 //
// //
///////////////////////////////////////////////////////////
void ReplaceFunctions( HMODULE hModCaller )
{
int iRetCode;
char * strBuf = (char *)malloc( 256 );
GetModuleFileName( hModCaller, strBuf, 255 );
WriteLogFile( "Replace Functions in " );
WriteLogFile( strBuf );
WriteLogFile( ":\r\n" );
free( strBuf );
if (( !strstr( strBuf, "VERSION.DLL" ) ) &&
( !strstr( strBuf, "COMCTL32.DLL" ) ) &&
( !strstr( strBuf, "opengl32.dll" ) ) )
{
//替换KERNEL32.dll中的LoadLibraryA()函数
iRetCode = ReplaceIATEntryInOneMod( "KERNEL32.dll",
(PROC)OriginalLoadLibraryA,
(PROC)MyLoadLibraryA,
hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t KERNEL32:LoadLibraryA \r\n" );
//替换KERNEL32.dll中的LoadLibraryW()函数
iRetCode = ReplaceIATEntryInOneMod( "KERNEL32.dll",
(PROC)OriginalLoadLibraryW,
(PROC)MyLoadLibraryW,
hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t KERNEL32:LoadLibraryW \r\n" );
//替换KERNEL32.dll中的LoadLibraryExA()函数
iRetCode = ReplaceIATEntryInOneMod( "KERNEL32.dll",
(PROC)OriginalLoadLibraryExA,
(PROC)MyLoadLibraryExA,
hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t KERNEL32:LoadLibraryExA \r\n" );
//替换KERNEL32.dll中的LoadLibraryExW()函数
iRetCode = ReplaceIATEntryInOneMod( "KERNEL32.dll",
(PROC)OriginalLoadLibraryExW,
(PROC)MyLoadLibraryExW,
hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t KERNEL32:LoadLibraryExW \r\n" );
//替换KERNEL32.dll中的GetProcAddress()函数
iRetCode = ReplaceIATEntryInOneMod( "KERNEL32.dll", (PROC)OriginalGetProcAddress,
(PROC)MyGetProcAddress, hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t KERNEL32:GetProcAddress \r\n" );
}
//替换WSOCK32.dll中的connect()函数
iRetCode = ReplaceIATEntryInOneMod( "WSOCK32.dll",
(PROC)OriginalConnect,
(PROC)MyConnect,
hModCaller );
if ( iRetCode == 0 ) WriteLogFile( "\t WSOCK32:connect \r\n" );
}
//End of ReplaceFunctions()
//
// 遍历进程中所有的模块并替换API函数
// 如果 falg = 0 则进行替换,否则进行恢复
//
int ReplaceAllMod( bool flag )
{
//遍历本进程的所有模块,替换需要替换的函数
static char strTmp[10];
HANDLE hSnapshotMod;
hSnapshotMod = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, NULL );
if ( hSnapshotMod == INVALID_HANDLE_VALUE )
{
itoa( GetLastError(), strTmp, 10 );
WriteLogFile( "CreateToolhelp32Snapshot Error:" );
WriteLogFile( strTmp );
WriteLogFile( "\r\n" );
}
MODULEENTRY32 ModuleEntry;
ModuleEntry.dwSize = sizeof( MODULEENTRY32 );
int iRet = Module32First( hSnapshotMod, &ModuleEntry );
if ( iRet == FALSE )
{
itoa( GetLastError(), strTmp, 10 );
WriteLogFile( "Module32First Error:" );
WriteLogFile( strTmp );
WriteLogFile( "\r\n" );
}
while ( iRet )
{
ReplaceFunctions( ModuleEntry.hModule );
iRet = Module32Next( hSnapshotMod, &ModuleEntry );
}
iRet = GetLastError();
if ( iRet != ERROR_NO_MORE_FILES )
{
WriteLogFile( "Module32Next Error:" );
itoa( iRet, strTmp, 10 );
WriteLogFile( strTmp );
WriteLogFile( "\r\n" );
}
return 0;
}
///////////////////////////////////////////////////////////
// //
// 替换一个进程中函数地址的子程序 //
// //
// 返回值:0成功,-1没找到,1没有符号的引用,2没有输入节 //
// //
///////////////////////////////////////////////////////////
int ReplaceIATEntryInOneMod( PCSTR pszCalleeModName,
PROC pfnCurrent, PROC pfnNew, HMODULE hModCaller )
{
ULONG ulSize;
PIMAGE_IMPORT_DESCRIPTOR pImportDesc;
pImportDesc = (PIMAGE_IMPORT_DESCRIPTOR)
ImageDirectoryEntryToData( hModCaller, TRUE,
IMAGE_DIRECTORY_ENTRY_IMPORT, &ulSize );
if (pImportDesc == NULL) return 2; //没有输入节
//循环查找模块名是否存在
for(; pImportDesc->Name; pImportDesc++)
{
PSTR pszModName;
pszModName = (PSTR)((PBYTE)hModCaller + pImportDesc->Name );
if ( lstrcmpiA( pszModName, pszCalleeModName ) == 0 ) break;
}
if ( pImportDesc->Name == 0 ) return 1;//没有符号的引用
//获取输入节地址表IAT
PIMAGE_THUNK_DATA pThunk;
pThunk = (PIMAGE_THUNK_DATA)((PBYTE)hModCaller + pImportDesc->FirstThunk );
//替换函数地址
for (; pThunk->u1.Function; pThunk++)
{
//获得函数地址
PROC* ppfn = (PROC*)&pThunk->u1.Function;
//判断是否我们需要找的函数
if (*ppfn == pfnCurrent)
{
//地址符合,更改输入节的地址
DWORD dwDummy;
VirtualProtect( ppfn, sizeof(PROC), PAGE_EXECUTE_READWRITE, &dwDummy );
WriteProcessMemory( hCurrentProcess, ppfn, &pfnNew, sizeof(PROC), NULL );
return 0;//成功返回
}
}
return -1;//没找到
}
//End of ReplaceIATEntryInOneMod()
///////////////////////////////////////////////////////////
// //
// 以下为替换系统SOCKET函数的子程序 //
// //
// 参数与返回值与相应的系统函数完全相同 //
// // //
///////////////////////////////////////////////////////////
//
//用来替换LoadLibraryA()的函数
//
HMODULE WINAPI __stdcall MyLoadLibraryA( LPCTSTR lpFileName )
{
static int counter = 0;
counter ++;
//记录调用LoadLibraryA()时的参数
WriteLogFile( "LoadLibraryA( " );
if ( !IsBadStringPtr( lpFileName, 255 ) )
WriteLogFile( (char*)lpFileName );
else WriteLogFile( "_BadFileName" );
WriteLogFile( " )\r\n\r\n" );
//调用真正的LoadLibraryA()函数
HMODULE hMod = OriginalLoadLibraryA( lpFileName );
char * strExeName = (char*)malloc( 256 );
char * strModName = (char*)malloc( 256 );
GetModuleFileName( NULL, strExeName, 255 );
GetModuleFileName( hMod, strModName, 255 );
//对新加载的模块进行API函数替换
if ( stricmp( strExeName, strModName ) && ( !strstr(strModName, "opengl32") ) )
{
WriteLogFile( "ReplaceFunctions\r\n\r\n" );
ReplaceFunctions( hMod );
}
free( strExeName );
free( strModName );
counter --;
if ( ( counter == 0 ) && ( !strstr(strModName, "opengl32") ) )
{
WriteLogFile( "ReplaceAllMods\r\n\r\n" );
ReplaceAllMod( 1 );
}
return hMod;
}
//
//用来替换LoadLibraryW()的函数
//
HMODULE WINAPI __stdcall MyLoadLibraryW( LPCWSTR lpFileName )
{
static int counter = 0;
counter ++;
//记录调用LoadLibraryW()时的参数
char * strTmp = (char *)malloc( 256 );
WideCharToMultiByte( CP_UTF8,
0,
lpFileName,
-1,
strTmp,
255,
NULL,
NULL );
WriteLogFile( "LoadLibraryExW( " );
if ( !IsBadStringPtr( strTmp, 255 ) )
WriteLogFile( strTmp );
else WriteLogFile( "_BadFileName" );
WriteLogFile( " )\r\n\r\n" );
free( strTmp );
//调用真正的LoadLibraryW()函数
HMODULE hMod = OriginalLoadLibraryW( lpFileName );
char * strExeName = (char*)malloc( 256 );
char * strModName = (char*)malloc( 256 );
GetModuleFileName( NULL, strExeName, 255 );
GetModuleFileName( hMod, strModName, 255 );
//对新加载的模块进行API函数替换
if ( stricmp( strExeName, strModName ) )
{
WriteLogFile( "ReplaceFunctions\r\n\r\n" );
ReplaceFunctions( hMod );
}
free( strExeName );
free( strModName );
counter --;
if ( counter == 0 )
{
WriteLogFile( "ReplaceAllMods\r\n\r\n" );
ReplaceAllMod( 1 );
}
return hMod;
}
//
//用来替换LoadLibraryExA()的函数
//
HMODULE WINAPI __stdcall MyLoadLibraryExA(LPCTSTR lpFileName,
HANDLE hFile,
DWORD dwFlags )
{
static int counter = 0;
counter ++;
//记录调用LoadLibraryExA()时的参数
WriteLogFile( "LoadLibraryExA( " );
if ( !IsBadStringPtr( lpFileName, 255 ) )
WriteLogFile( (char*)lpFileName );
else WriteLogFile( "_BadFileName" );
WriteLogFile( " )\r\n\r\n" );
//调用真正的LoadLibraryExA()函数
HMODULE hMod = OriginalLoadLibraryExA( lpFileName,
hFile,
dwFlags );
char * strExeName = (char*)malloc( 256 );
char * strModName = (char*)malloc( 256 );
GetModuleFileName( NULL, strExeName, 255 );
GetModuleFileName( hMod, strModName, 255 );
//对新加载的模块进行API函数替换
if ( stricmp( strExeName, strModName ) )
{
WriteLogFile( "ReplaceFunctions\r\n\r\n" );
ReplaceFunctions( hMod );
}
free( strExeName );
free( strModName );
counter --;
if ( counter == 0 )
{
WriteLogFile( "ReplaceAllMods\r\n\r\n" );
ReplaceAllMod( 1 );
}
return hMod;
}
//
//用来替换LoadLibraryExW()的函数
//
HMODULE WINAPI __stdcall MyLoadLibraryExW( LPCWSTR lpFileName,
HANDLE hFile,
DWORD dwFlags )
{
static int counter = 0;
counter ++;
//记录调用LoadLibraryExW()时的参数
char * strTmp = (char *)malloc( 256 );
WideCharToMultiByte( CP_UTF8,
0,
lpFileName,
-1,
strTmp,
255,
NULL,
NULL );
WriteLogFile( "LoadLibraryExW( " );
if ( !IsBadStringPtr( strTmp, 255 ) )
WriteLogFile( strTmp );
else WriteLogFile( "_BadFileName" );
WriteLogFile( " )\r\n\r\n" );
//调用真正的LoadLibraryExW()函数
HMODULE hMod = OriginalLoadLibraryExW( lpFileName,
hFile,
dwFlags );
int lastError = GetLastError();
if ( hMod == NULL )
{
itoa( lastError, strTmp, 10 );
WriteLogFile( "Error code:" );
WriteLogFile( strTmp );
WriteLogFile( "\r\n" );
}
char * strExeName = (char*)malloc( 256 );
char * strModName = (char*)malloc( 256 );
GetModuleFileName( NULL, strExeName, 255 );
GetModuleFileName( hMod, strModName, 255 );
//对新加载的模块进行API函数替换
if ( stricmp( strExeName, strModName ) )
{
WriteLogFile( "ReplaceFunctions\r\n\r\n" );
ReplaceFunctions( hMod );
}
free( strExeName );
free( strModName );
counter --;
if ( counter == 0 )
{
WriteLogFile( "ReplaceAllMods\r\n" );
ReplaceAllMod( 1 );
}
free( strTmp );
SetLastError( lastError );
return hMod;
}
//
//用来替换GetProcAddress()的函数
//
FARPROC WINAPI __stdcall MyGetProcAddress( HMODULE hModule,
LPCSTR lpProcName )
{
//调用系统的GetProcAddress()函数
FARPROC proc = OriginalGetProcAddress( hModule,
lpProcName );
int lastError = GetLastError();
//获取hModule的Module Name
char * lpModName = (char*)malloc( 256 );
GetModuleFileName( hModule, lpModName, 255 );
//替换对WSOCK32函数的取地址操作
if ( strstr( lpModName, "WSOCK32" ) )
{
if ( proc == (FARPROC)OriginalConnect )
{
proc = (FARPROC)MyConnect;
WriteLogFile( "GetProcAddress connect() \r\n\r\n" );
}
}
//替换对Kernel32 Loadlibrary()函数的取地址操作
if ( strstr( lpModName, "KERNEL32" ) )
{
if ( proc == (FARPROC)OriginalLoadLibraryA )
{
proc = (FARPROC)MyLoadLibraryA;
WriteLogFile( "GetProcAddress LoadLibraryA() \r\n" );
}
if ( proc == (FARPROC)OriginalLoadLibraryW )
{
proc = (FARPROC)MyLoadLibraryW;
WriteLogFile( "GetProcAddress LoadLibraryW() \r\n" );
}
if ( proc == (FARPROC)OriginalLoadLibraryExA )
{
proc = (FARPROC)MyLoadLibraryExA;
WriteLogFile( "GetProcAddress LoadLibraryExA() \r\n" );
}
if ( proc == (FARPROC)OriginalLoadLibraryExW )
{
proc = (FARPROC)MyLoadLibraryExW;
WriteLogFile( "GetProcAddress LoadLibraryExW() \r\n" );
}
}
free( lpModName );
SetLastError( lastError );
return proc;
}
//
//用来替换connect()的函数
//
int WINAPI __stdcall MyConnect( SOCKET s,
const struct sockaddr FAR *name,
int namelen )
{
char buf[255] = {0};
sockaddr_in * to;
to = (sockaddr_in*)name;
// socks proxy address & port
sockaddr_in sa;
sa.sin_family = AF_INET;
sa.sin_addr.s_addr = inet_addr( "127.0.0.1" );
sa.sin_port = htons( 1080 );
// connect to the socks proxy
int iRet = OriginalConnect( s, (sockaddr*)&sa, namelen );
// send a version identifier/method selection message
buf[0] = 0x5; // SOCKS Protocol Version 5.0
buf[1] = 0x2; // number of methods is 2
buf[2] = 0x0; // X'00' NO AUTHENTICATION REQUIRED
buf[3] = 0x2; // X'02' USERNAME/PASSWORD
iRet = send( s, buf, 4, 0 );
if ( iRet == SOCKET_ERROR )
return SOCKET_ERROR;
else
MessageBox( NULL, "send", "sockscap", MB_OK );
iRet = recv( s, buf, 254, 0 );
if ( iRet == SOCKET_ERROR )
return SOCKET_ERROR;
else
MessageBox( NULL, "Recv", "sockscap", MB_OK );
// define the username & password for socks authentication
char username[64] = "guest";
int userlen = 5;
char password[64] = "guest";
int passlen = 5;
switch ( buf[1] )
{
case 0x0 : // No authentication require
buf[0] = 0x5; // SOCKS Protocol Version 5.0
buf[1] = 0x1; // CMD = connect
buf[2] = 0x0; // Reserved
buf[3] = 0x1; // IP v4
memcpy( buf + 4, &to->sin_addr.s_addr, sizeof(DWORD) );
memcpy( buf + 8, &to->sin_port, sizeof(WORD) );
iRet = send( s, buf, 10, 0 );
iRet = recv( s, buf, 254, 0 );
if ( buf[1] == 0x0 ) //
iRet = 0;
else
iRet = SOCKET_ERROR;
break;
case 0x2 : // need username/password
buf[0] = 0x1;
buf[1] = userlen;
memcpy( buf + userlen, username, userlen );
buf[ userlen+2 ] = passlen;
memcpy( buf + userlen + 3, password, passlen );
iRet = send( s, buf, 3 + userlen + passlen, 0 );
iRet = recv( s, buf, 254, 0 );
if ( buf[1] == 0x0 ) // Authentication return vaule, 0x0 for success
iRet = 0;
else
iRet = SOCKET_ERROR; // Other for failure
break;
case 0xFF: // Can't accept your methods
iRet = SOCKET_ERROR;
break;
default : // Unknown error
iRet = SOCKET_ERROR;
break;
}
return iRet;
}
//
//记录日志文件的函数
//
void WriteLogFile( char * strBuf )
{
DWORD nNumberOfBytesToWrite, NumberOfBytesWritten;
nNumberOfBytesToWrite = strlen( strBuf );
WriteFile( hLogFile, strBuf, nNumberOfBytesToWrite,
&NumberOfBytesWritten, NULL );
}
//
//错误处理函数CheckError()
//如果iReturnCode等于iErrorCode,则输出pErrorMsg并退出
//
void CheckError( int iRetCode, int iErrorCode, char *pErrorMsg )
{
char strErrorCode[10];
char * strBuf = (char*)malloc( 256 );
if ( iRetCode == iErrorCode )
{
strcpy( strBuf, pErrorMsg );
itoa( GetLastError(), strErrorCode, 10 );
strcat( strBuf, strErrorCode );
strcat( strBuf, "\r\n\r\n" );
WriteLogFile( strBuf );
}
free( strBuf );
}
//end of CheckError() |
|
|手机版|小黑屋|AUTOIT CN
( 鲁ICP备19019924号-1 )谷歌
百度
发表于 2012-2-4 09:52:17