Redirect Client Blocks (引诱服转移功能屏蔽代码+成品)
本帖最后由 201724 于 2012-12-1 20:00 编辑代码+成品压缩包回复可见
原理:屏蔽引诱服的关键封包,让转移服务器的功能失效来达到屏蔽引诱服的效果
**** Hidden Message *****
//Code By 201724
//Anti Redirect Server Dynamic Library Sources Code
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <memory.h>
#include <stdarg.h>
#include <windows.h>
#include "detours.h"
HMODULE gSocket_ws2;
HMODULE gSocket_wsock32;
BOOL bInstance=FALSE;
typedef int (WINAPI * fnrecvfrom)(SOCKET s,char* buf,int len,int flags,struct sockaddr* from,int* fromlen);
//origin ws2_32.dll recvfrom callback
fnrecvfrom orecvfrom_ws2;
//origin wsock32.dll recvfrom callback
fnrecvfrom orecvfrom_wsock32;
//Quake Protocol Redirect Packet Title
#define S2C_REDIRECT 'L'
//ws2_32.dll new recvfrom
int WINAPI newrecvfrom_ws2(SOCKET s,char* buf,int len,int flags,struct sockaddr* from,int* fromlen)
{
int ret = orecvfrom_ws2(s,buf,len,flags,from,fromlen);
if(ret > 0 && *(DWORD*)buf == -1) //check request packet head
{
if(((PBYTE)buf) == S2C_REDIRECT) //check Redirect Packet
{
//Block this packet
WSASetLastError(WSAEWOULDBLOCK);
return -1;
}
}
return ret;
}
//wsock32.dll new recvfrom
int WINAPI newrecvfrom_wsock32(SOCKET s,char* buf,int len,int flags,struct sockaddr* from,int* fromlen)
{
int ret = orecvfrom_wsock32(s,buf,len,flags,from,fromlen);
if(ret > 0 && *(DWORD*)buf == -1) //check request packet head
{
if(((PBYTE)buf) == S2C_REDIRECT) //check Redirect Packet
{
//Block this packet
WSASetLastError(WSAEWOULDBLOCK);
return -1;
}
}
return ret;
}
//Initialize pakcet filter
void Instance()
{
//load librarys and get function address
gSocket_ws2 = LoadLibrary("ws2_32.dll");
gSocket_wsock32 = LoadLibrary("wsock32.dll");
orecvfrom_ws2 = (fnrecvfrom)GetProcAddress(gSocket_ws2,"recvfrom");
orecvfrom_wsock32 = (fnrecvfrom)GetProcAddress(gSocket_wsock32,"recvfrom");
if(orecvfrom_ws2) //check func ws2_32.dll -> recvfrom address
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach((void**)&orecvfrom_ws2,newrecvfrom_ws2); //attach make new jump data
DetourTransactionCommit(); //instance
}
if(orecvfrom_wsock32) //check func ws2_32.dll -> recvfrom address
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourAttach((void**)&orecvfrom_wsock32,newrecvfrom_wsock32); //attach make new jump data
DetourTransactionCommit();//instance
}
bInstance = TRUE; //set hook mark
}
void Deinstance()
{
if(bInstance==TRUE) //check hook mark
{
if(orecvfrom_ws2)
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach((void**)&orecvfrom_ws2,newrecvfrom_ws2); //detach hook
DetourTransactionCommit();//destory new jump data and restore
}
if(orecvfrom_wsock32) //check hook mark
{
DetourTransactionBegin();
DetourUpdateThread(GetCurrentThread());
DetourDetach((void**)&orecvfrom_wsock32,newrecvfrom_wsock32);//detach hook
DetourTransactionCommit();//destory new jump data and restore
}
}
}
//Dll Initialize
BOOL WINAPI DllMain(HINSTANCE hDllHandle,DWORD nReason,LPVOID lpReserved)
{
switch(nReason)
{
case DLL_PROCESS_ATTACH:
{
Instance();
break;
}
case DLL_PROCESS_DETACH:
{
Deinstance();
break;
}
}
return TRUE;
}
看下:)怎么样啊 啊哈哈 试试效果:victory::victory:试试效果 不懂怎么用... 这是什么语言写的? 这是什么啊!说说怎么用啊。老大给个能弄明白的说明 回复后看看
然后下载收藏 顶!!!!!!!!!!! 回复后看看 本帖最后由 hackroad 于 2012-12-2 12:03 编辑
这下浩方可以借鉴了..........
是c++的吧