private IntPtr Recieve(IntPtr socket, int len) { var buffer = Marshal.AllocHGlobal(len); allocatedMemory.Add(buffer); var result = recv(socket, buffer, len, 0); if (result == -1) { HookManager.Log("Error2: " + WSAGetLastError()); return(IntPtr.Zero); } return(buffer); }
private bool VerifyBindResponse(IntPtr buffer) { var recvBytes = new byte[10] { Marshal.ReadByte(buffer), Marshal.ReadByte(buffer, 1), Marshal.ReadByte(buffer, 2), Marshal.ReadByte(buffer, 3), Marshal.ReadByte(buffer, 4), Marshal.ReadByte(buffer, 5), Marshal.ReadByte(buffer, 6), Marshal.ReadByte(buffer, 7), Marshal.ReadByte(buffer, 8), Marshal.ReadByte(buffer, 9) }; if (recvBytes[1] != 0) { if (recvBytes[1] == 1) { HookManager.Log("General failure"); } if (recvBytes[1] == 2) { HookManager.Log("connection not allowed by ruleset"); } if (recvBytes[1] == 3) { HookManager.Log("network unreachable"); } if (recvBytes[1] == 4) { HookManager.Log("host unreachable"); } if (recvBytes[1] == 5) { HookManager.Log("connection refused by destination host"); } if (recvBytes[1] == 6) { HookManager.Log("TTL expired"); } if (recvBytes[1] == 7) { HookManager.Log("command not supported / protocol error"); } if (recvBytes[1] == 8) { HookManager.Log("address type not supported"); } HookManager.Log("Proxy: Connection error binding eve server"); return(false); } return(true); }
private int WinsockConnectDetour(IntPtr s, IntPtr addr, int addrsize) { lock (wSockLock) { // retrieve remote ip sockaddr_in structure = (sockaddr_in)Marshal.PtrToStructure(addr, typeof(sockaddr_in)); string remoteIp = new System.Net.IPAddress(structure.sin_addr.S_addr).ToString(); ushort remotePort = ntohs(structure.sin_port); HookManager.Log("Ip: " + remoteIp + " Port: " + remotePort.ToString() + " Addrsize: " + addrsize); if (!proxyIp.Equals("")) //if (!proxyIp.Equals("")) { // connect to socks5 server SetAddr(s, addr, proxyIp, proxyPort); var result = Connect(s, addr, addrsize); if (result == -1) { return(-1); } // send socks 5 request IntPtr socksProtocolRequest = SetUpSocks5Request(); result = send(s, socksProtocolRequest, 4, 0); if (result == -1) { return(-1); } // retrieve server repsonse var response = Recieve(s, 2); if (response == IntPtr.Zero) { return(-1); } byte[] recvBytes = new byte[2] { Marshal.ReadByte(response), Marshal.ReadByte(response, 1) }; if (recvBytes[1] == 255) { HookManager.Log("No authentication method was accepted by the proxy server"); return(-1); } if (recvBytes[0] != 5) { HookManager.Log("No SOCKS5 proxy"); return(-1); } // if auth request response, send authenicate request if (recvBytes[1] == 2) { int length = 0; var authenticateRequest = SetUpAuthenticateRequest(proxyUser, proxyPass, out length); result = Send(s, authenticateRequest, length); response = Recieve(s, 2); if (response == IntPtr.Zero) { return(-1); } recvBytes = new byte[2] { Marshal.ReadByte(response), Marshal.ReadByte(response, 1) }; if (recvBytes[1] != 0) { HookManager.Log("Proxy: incorrect username/password"); return(-1); } } // request bind with server var bindRequest = SetUpBindWithRemoteHost(remoteIp, remotePort); result = Send(s, bindRequest, 10); if (result == -1) { return(-1); } // response response = Recieve(s, 10); if (response == IntPtr.Zero) { return(-1); } if (!VerifyBindResponse(response)) { return(-1); } // success WSASetLastError(0); SetLastError(0); // clean memory foreach (var ptr in allocatedMemory) { Marshal.FreeHGlobal(ptr); } allocatedMemory.Clear(); return(0); } else { var result = connect(s, addr, addrsize); return(result); } } }
private int WinsockConnectDetour(IntPtr s, IntPtr sockAddr, int addrsize) { lock (wSockLock) { // retrieve remote ip sockaddr_in structure = (sockaddr_in)Marshal.PtrToStructure(sockAddr, typeof(sockaddr_in)); string remoteIp = new System.Net.IPAddress(structure.sin_addr.S_addr).ToString(); ushort remotePort = ntohs(structure.sin_port); HookManager.Log("Ip: " + remoteIp + " Port: " + remotePort.ToString() + " Addrsize: " + addrsize); if (!remoteIp.Contains("127.0.0.1")) { // connect to socks5 server //IntPtr test = CreateAddr(proxyIp,proxyPort.ToString()); SetAddr(sockAddr, proxyIp, proxyPort.ToString()); var result = connect(s, sockAddr, addrsize); // send socks 5 request IntPtr socksProtocolRequest = SetUpSocks5Request(); result = -1; while (result == -1) { result = send(s, socksProtocolRequest, 4, 0); var errorcode = WSAGetLastError(); if (errorcode != WSAENOTCONN && errorcode != WSANOERROR) { HookManager.Log("Send failed, Error: + " + errorcode); return(-1); } Thread.Sleep(1); } // retrieve server repsonse var response = IntPtr.Zero; while (response == IntPtr.Zero) { response = Recieve(s, 2); var errorcode = WSAGetLastError(); if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR) { HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString()); return(-1); } Thread.Sleep(1); } byte[] recvBytes = new byte[2] { Marshal.ReadByte(response), Marshal.ReadByte(response, 1) }; if (recvBytes[1] == 255) { HookManager.Log("No authentication method was accepted by the proxy server"); return(-1); } if (recvBytes[0] != 5) { HookManager.Log("No SOCKS5 proxy"); return(-1); } // if auth request response, send authenicate request if (recvBytes[1] == 2) { int length = 0; var authenticateRequest = SetUpAuthenticateRequest(proxyUser, proxyPass, out length); result = -1; while (result == -1) { result = send(s, authenticateRequest, length, 0); var errorcode = WSAGetLastError(); if (errorcode != WSAENOTCONN && errorcode != WSANOERROR) { HookManager.Log("Send failed, Error: + " + errorcode); return(-1); } Thread.Sleep(1); } response = IntPtr.Zero; while (response == IntPtr.Zero) { response = Recieve(s, 2); var errorcode = WSAGetLastError(); if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR) { HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString()); return(-1); } Thread.Sleep(1); } recvBytes = new byte[2] { Marshal.ReadByte(response), Marshal.ReadByte(response, 1) }; if (recvBytes[1] != 0) { //HookManager.Log("Proxy: incorrect username/password"); HookManager.Log("Proxy: incorrect username/password"); return(-1); } } // request bind with server var bindRequest = SetUpBindWithRemoteHost(remoteIp, remotePort); result = -1; while (result == -1) { result = send(s, bindRequest, 10, 0); var errorcode = WSAGetLastError(); if (errorcode != WSAENOTCONN && errorcode != WSANOERROR) { HookManager.Log("Send failed (bindRequest), Error: + " + errorcode); return(-1); } Thread.Sleep(1); } // bind response response = IntPtr.Zero; while (response == IntPtr.Zero) { response = Recieve(s, 10); var errorcode = WSAGetLastError(); if (errorcode != WSAEWOULDBLOCK && errorcode != WSANOERROR) { HookManager.Log("Recieve FAILED response == IntPtr.Zero! Lasterror: " + errorcode.ToString()); return(-1); } Thread.Sleep(1); } if (!VerifyBindResponse(response)) { HookManager.Log("VerifyBindResponse failed!"); return(-1); } // success WSASetLastError(0); SetLastError(0); // clean memory foreach (var ptr in allocatedMemory) { Marshal.FreeHGlobal(ptr); } allocatedMemory.Clear(); return(0); } else { return(connect(s, sockAddr, addrsize)); } } }