private IntPtr Recieve(IntPtr socket, int len)
{
var buffer = Marshal.AllocHGlobal(len);
allocatedMemory.Add(buffer);
var result = recv(socket, buffer, len, 0);
if (result == -1)
{
HookManager.Log("Error2: " + WSAGetLastError());
return(IntPtr.Zero);
}
return(buffer);
}
private bool VerifyBindResponse(IntPtr buffer)
{
var recvBytes = new byte[10] {
Marshal.ReadByte(buffer), Marshal.ReadByte(buffer, 1), Marshal.ReadByte(buffer, 2), Marshal.ReadByte(buffer, 3), Marshal.ReadByte(buffer, 4), Marshal.ReadByte(buffer, 5), Marshal.ReadByte(buffer, 6), Marshal.ReadByte(buffer, 7), Marshal.ReadByte(buffer, 8), Marshal.ReadByte(buffer, 9)
};
if (recvBytes[1] != 0)
{
if (recvBytes[1] == 1)
{
HookManager.Log("General failure");
}
if (recvBytes[1] == 2)
{
HookManager.Log("connection not allowed by ruleset");
}
if (recvBytes[1] == 3)
{
HookManager.Log("network unreachable");
}
if (recvBytes[1] == 4)
{
HookManager.Log("host unreachable");
}
if (recvBytes[1] == 5)
{
HookManager.Log("connection refused by destination host");
}
if (recvBytes[1] == 6)
{
HookManager.Log("TTL expired");
}
if (recvBytes[1] == 7)
{
HookManager.Log("command not supported / protocol error");
}
if (recvBytes[1] == 8)
{
HookManager.Log("address type not supported");
}
HookManager.Log("Proxy: Connection error binding eve server");
return(false);
}
return(true);
}
private int WinsockConnectDetour(IntPtr s, IntPtr addr, int addrsize)
{
lock (wSockLock)
{
// retrieve remote ip
sockaddr_in structure = (sockaddr_in)Marshal.PtrToStructure(addr, typeof(sockaddr_in));
string remoteIp = new System.Net.IPAddress(structure.sin_addr.S_addr).ToString();
ushort remotePort = ntohs(structure.sin_port);
HookManager.Log("Ip: " + remoteIp + " Port: " + remotePort.ToString() + " Addrsize: " + addrsize);
if (!proxyIp.Equals(""))
//if (!proxyIp.Equals(""))
{
// connect to socks5 server
SetAddr(s, addr, proxyIp, proxyPort);
var result = Connect(s, addr, addrsize);
if (result == -1)
{
return(-1);
}
// send socks 5 request
IntPtr socksProtocolRequest = SetUpSocks5Request();
result = send(s, socksProtocolRequest, 4, 0);
if (result == -1)
{
return(-1);
}
// retrieve server repsonse
var response = Recieve(s, 2);
if (response == IntPtr.Zero)
{
return(-1);
}
byte[] recvBytes = new byte[2] {
Marshal.ReadByte(response), Marshal.ReadByte(response, 1)
};
if (recvBytes[1] == 255)
{
HookManager.Log("No authentication method was accepted by the proxy server");
return(-1);
}
if (recvBytes[0] != 5)
{
HookManager.Log("No SOCKS5 proxy");
return(-1);
}
// if auth request response, send authenicate request
if (recvBytes[1] == 2)
{
int length = 0;
var authenticateRequest = SetUpAuthenticateRequest(proxyUser, proxyPass, out length);
result = Send(s, authenticateRequest, length);
response = Recieve(s, 2);
if (response == IntPtr.Zero)
{
return(-1);
}
recvBytes = new byte[2] {
Marshal.ReadByte(response), Marshal.ReadByte(response, 1)
};
if (recvBytes[1] != 0)
{
HookManager.Log("Proxy: incorrect username/password");
return(-1);
}
}
// request bind with server
var bindRequest = SetUpBindWithRemoteHost(remoteIp, remotePort);
result = Send(s, bindRequest, 10);
if (result == -1)
{
return(-1);
}
// response
response = Recieve(s, 10);
if (response == IntPtr.Zero)
{
return(-1);
}
if (!VerifyBindResponse(response))
{
return(-1);
}
// success
WSASetLastError(0);
SetLastError(0);
// clean memory
foreach (var ptr in allocatedMemory)
{
Marshal.FreeHGlobal(ptr);
}
allocatedMemory.Clear();
return(0);
}
else
{
var result = connect(s, addr, addrsize);
return(result);
}
}
}
private int WinsockConnectDetour(IntPtr s, IntPtr sockAddr, int addrsize)
{
lock (wSockLock)
{
// retrieve remote ip
sockaddr_in structure = (sockaddr_in)Marshal.PtrToStructure(sockAddr, typeof(sockaddr_in));
string remoteIp = new System.Net.IPAddress(structure.sin_addr.S_addr).ToString();
ushort remotePort = ntohs(structure.sin_port);
HookManager.Log("Ip: " + remoteIp + " Port: " + remotePort.ToString() + " Addrsize: " + addrsize);
if (!remoteIp.Contains("127.0.0.1"))
{
// connect to socks5 server
//IntPtr test = CreateAddr(proxyIp,proxyPort.ToString());
SetAddr(sockAddr, proxyIp, proxyPort.ToString());
var result = connect(s, sockAddr, addrsize);
// send socks 5 request
IntPtr socksProtocolRequest = SetUpSocks5Request();
result = -1;
while (result == -1)
{
result = send(s, socksProtocolRequest, 4, 0);
var errorcode = WSAGetLastError();
if (errorcode != WSAENOTCONN && errorcode != WSANOERROR)
{
HookManager.Log("Send failed, Error: + " + errorcode);
return(-1);
}
Thread.Sleep(1);
}
// retrieve server repsonse
var response = IntPtr.Zero;
while (response == IntPtr.Zero)
{
response = Recieve(s, 2);
var errorcode = WSAGetLastError();
if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR)
{
HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString());
return(-1);
}
Thread.Sleep(1);
}
byte[] recvBytes = new byte[2] {
Marshal.ReadByte(response), Marshal.ReadByte(response, 1)
};
if (recvBytes[1] == 255)
{
HookManager.Log("No authentication method was accepted by the proxy server");
return(-1);
}
if (recvBytes[0] != 5)
{
HookManager.Log("No SOCKS5 proxy");
return(-1);
}
// if auth request response, send authenicate request
if (recvBytes[1] == 2)
{
int length = 0;
var authenticateRequest = SetUpAuthenticateRequest(proxyUser, proxyPass, out length);
result = -1;
while (result == -1)
{
result = send(s, authenticateRequest, length, 0);
var errorcode = WSAGetLastError();
if (errorcode != WSAENOTCONN && errorcode != WSANOERROR)
{
HookManager.Log("Send failed, Error: + " + errorcode);
return(-1);
}
Thread.Sleep(1);
}
response = IntPtr.Zero;
while (response == IntPtr.Zero)
{
response = Recieve(s, 2);
var errorcode = WSAGetLastError();
if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR)
{
HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString());
return(-1);
}
Thread.Sleep(1);
}
recvBytes = new byte[2] {
Marshal.ReadByte(response), Marshal.ReadByte(response, 1)
};
if (recvBytes[1] != 0)
{
//HookManager.Log("Proxy: incorrect username/password");
HookManager.Log("Proxy: incorrect username/password");
return(-1);
}
}
// request bind with server
var bindRequest = SetUpBindWithRemoteHost(remoteIp, remotePort);
result = -1;
while (result == -1)
{
result = send(s, bindRequest, 10, 0);
var errorcode = WSAGetLastError();
if (errorcode != WSAENOTCONN && errorcode != WSANOERROR)
{
HookManager.Log("Send failed (bindRequest), Error: + " + errorcode);
return(-1);
}
Thread.Sleep(1);
}
// bind response
response = IntPtr.Zero;
while (response == IntPtr.Zero)
{
response = Recieve(s, 10);
var errorcode = WSAGetLastError();
if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR)
{
HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString());
return(-1);
}
Thread.Sleep(1);
}
if (!VerifyBindResponse(response))
{
HookManager.Log("VerifyBindResponse failed!");
return(-1);
}
// success
WSASetLastError(0);
SetLastError(0);
// clean memory
foreach (var ptr in allocatedMemory)
{
Marshal.FreeHGlobal(ptr);
}
allocatedMemory.Clear();
return(0);
}
else
{
return(connect(s, sockAddr, addrsize));
}
}
}
