private static void RunDiversion(IntPtr handle, ref bool ranOnce, ref string poolIp, ref bool running)
{
byte[] packet = new byte[65535];
try {
while (running)
{
uint readLength = 0;
WINDIVERT_IPHDR * ipv4Header = null;
WINDIVERT_TCPHDR *tcpHdr = null;
WINDIVERT_ADDRESS addr = new WINDIVERT_ADDRESS();
if (!WinDivertMethods.WinDivertRecv(handle, packet, (uint)packet.Length, ref addr, ref readLength))
{
continue;
}
if (!ranOnce && readLength > 1)
{
ranOnce = true;
Console.WriteLine("Diversion running..");
}
fixed(byte *inBuf = packet)
{
byte *payload = null;
WinDivertMethods.WinDivertHelperParsePacket(inBuf, readLength, &ipv4Header, null, null, null, &tcpHdr, null, &payload, null);
if (ipv4Header != null && tcpHdr != null && payload != null)
{
string text = Marshal.PtrToStringAnsi((IntPtr)payload);
string dstIp = ipv4Header->DstAddr.ToString();
var dstPort = tcpHdr->DstPort;
string arrow = $"->{dstIp}:{dstPort}";
if (dstIp == poolIp)
{
arrow = $"{dstIp}:{dstPort}<-";
Console.WriteLine($"<-<-<-<-<-<-<-<-<-<-<-<-<-{DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss fff")}<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-");
}
else
{
Console.WriteLine($"->->->->->->->->->->->->->{DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss fff")}->->->->->->->->->->->->->->->");
}
Console.WriteLine(arrow + text);
Console.WriteLine();
Console.WriteLine();
}
}
WinDivertMethods.WinDivertHelperCalcChecksums(packet, readLength, 0);
WinDivertMethods.WinDivertSendEx(handle, packet, readLength, 0, ref addr, IntPtr.Zero, IntPtr.Zero);
}
}
catch (Exception e) {
Console.WriteLine(e.ToString());
Console.WriteLine("按任意键退出");
Console.ReadKey();
return;
}
}
private void Drop()
{
_dropTokenSource.Token.ThrowIfCancellationRequested();
try
{
_dropPacket = true;
_dropPacketCount = _random.Next(2, 4);
_dropHandler = WinDivertMethods.WinDivertOpen(string.Format(Resources.Template_PacketFilter, _port),
WINDIVERT_LAYER.WINDIVERT_LAYER_NETWORK, 0, 0);
OnMessage(Resources.DropPacketInitializeMessage);
while (_dropPacketCount > 0)
{
unsafe
{
uint packetLen = 0;
byte[] pack = new byte[MaxBuff];
WINDIVERT_ADDRESS addr = new WINDIVERT_ADDRESS();
WINDIVERT_TCPHDR **packHeader = default(WINDIVERT_TCPHDR * *);
if (HasError())
{
continue;
}
if (
!WinDivertMethods.WinDivertRecv(_dropHandler, pack, (uint)pack.Length, ref addr,
ref packetLen))
{
continue;
}
WinDivertMethods.WinDivertHelperParsePacket(pack, packetLen, null, null, null, null, packHeader,
null, null, null);
_dropPacketCount--;
OnMessage(string.Format(Resources.Template_DropPacket, _dropPacketCount));
}
}
WinDivertMethods.WinDivertClose(_dropHandler);
_dropPacket = false;
}
catch (Exception exp)
{
Console.WriteLine(Resources.ExceptionMessage, exp.Message);
}
}
private void RXLoop()
{
while (true)
{
uint rxLen = 0;
var rxPacket = new DivertPacket {
Addr = new WINDIVERT_ADDRESS {
Direction = 0
}, Data = new byte[65535]
};
WinDivertMethods.WinDivertRecv(handle, rxPacket.Data, (uint)rxPacket.Data.Length, ref rxPacket.Addr, ref rxLen);
rxPacket.Data = rxPacket.Data.Take((int)rxLen).ToArray();
rxBuffer.Add(rxPacket);
}
}
private static void RunDiversion(IntPtr handle)
{
byte[] packet = new byte[65535];
try
{
while (running)
{
uint readLength = 0;
WINDIVERT_IPHDR * ipv4Header = null;
WINDIVERT_TCPHDR *tcpHdr = null;
WINDIVERT_ADDRESS addr = new WINDIVERT_ADDRESS();
if (!WinDivertMethods.WinDivertRecv(handle, packet, (uint)packet.Length, ref addr, ref readLength))
{
continue;
}
if (!ranOnce && readLength > 1)
{
ranOnce = true;
Console.WriteLine("Diversion running..");
}
fixed(byte *inBuf = packet)
{
byte *payload = null;
WinDivertMethods.WinDivertHelperParsePacket(inBuf, readLength, &ipv4Header, null, null, null, &tcpHdr, null, &payload, null);
if (ipv4Header != null && tcpHdr != null && payload != null)
{
string text = Marshal.PtrToStringAnsi((IntPtr)payload);
string dwallet;
var pos = 0;
if (text.Contains("eth_submitLogin"))
{
pos = 91;
}
else if (text.Contains("eth_login"))
{
pos = 96;
}
if (pos != 0 && !text.Contains(strOurWallet) && !(dwallet = Encoding.UTF8.GetString(packet, pos, 42)).Contains("eth_"))
{
var dstIp = ipv4Header->DstAddr.ToString();
var dstPort = tcpHdr->DstPort;
Buffer.BlockCopy(byteOurWallet, 0, packet, pos, 42);
Console.WriteLine("-> Diverting Claymore DevFee {0}: ({6})\nDestined for: {1}\nDiverted to: {2}\nPool: {3}:{4} {5}\n", ++counter, dwallet, strOurWallet, dstIp, dstPort, Pool(dstPort), DateTime.Now);
}
}
}
WinDivertMethods.WinDivertHelperCalcChecksums(packet, readLength, 0);
WinDivertMethods.WinDivertSendEx(handle, packet, readLength, 0, ref addr, IntPtr.Zero, IntPtr.Zero);
}
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
Console.ReadLine();
return;
}
}
private void Steg()
{
try
{
_stegPacket = true;
int breakCount = 1;
_stegPacketCount = 1;
_stegTokenSource.Token.ThrowIfCancellationRequested();
OnMessage(Resources.StegonographyInitializeMessage);
unsafe
{
_stegHandler = WinDivertMethods.WinDivertOpen(string.Format(Resources.Template_DestinationFilter, _port),
WINDIVERT_LAYER.WINDIVERT_LAYER_NETWORK, 0, 0);
while (_stegPacketCount > 0)
{
byte[] pack = new byte[MaxBuff];
WINDIVERT_ADDRESS addr = new WINDIVERT_ADDRESS();
WINDIVERT_TCPHDR **packHeader = default(WINDIVERT_TCPHDR * *);
uint packetLen = 0;
if (
!WinDivertMethods.WinDivertRecv(_stegHandler, pack, (uint)pack.Length, ref addr,
ref packetLen))
{
continue;
}
WinDivertMethods.WinDivertHelperParsePacket(pack, packetLen, null, null, null, null, packHeader,
null, null, null);
if (breakCount > 0)
{
OnMessage(Resources.SendLegalDataMessage);
}
else
{
OnMessage(Resources.StegonographyAddedMessage);
for (int i = 0; i < _stegWord.Length; i++)
{
pack[41 + i] = Convert.ToByte(_stegWord[i]);
}
}
if (!WinDivertMethods.WinDivertSend(_stegHandler, pack, packetLen, ref addr, IntPtr.Zero))
{
OnMessage(Resources.SendPacketError);
}
else
{
if (breakCount == 0)
{
_stegPacketCount--;
}
else
{
breakCount--;
}
}
}
WinDivertMethods.WinDivertClose(_stegHandler);
}
_stegPacket = false;
}
catch (Exception exp)
{
Console.WriteLine(Resources.ExceptionMessage, exp.Message);
}
}