| 网站首页 | 业界新闻 | 小组 | 威客 | 人才 | 下载频道 | 博客 | 代码贴 | 在线编程 | 编程论坛
欢迎加入我们,一同切磋技术
用户名:   
 
密 码:  
共有 9799 人关注过本帖
标题:请教一下,如何做一个截获报文并修改报文的小软件?(编辑HTTP Request)
只看楼主 加入收藏
东海一鱼
Rank: 13Rank: 13Rank: 13Rank: 13
等 级:贵宾
威 望:48
帖 子:757
专家分:4760
注 册:2009-8-10
收藏
得分:0 
回复 9楼 非虫

嗬嗬,我还真写过一个。写得不好,请多指教。

程序代码:
#include "precomp.h" 
#pragma hdrstop 
#pragma NDIS_INIT_FUNCTION(DriverEntry) 

 
#define LINKNAME_STRING     L"\\DosDevices\\NDIS_INFACE" 
#define NTDEVICE_STRING     L"\\Device\\MYNDIS_001"              //我的设备:〉

 
UINT            g_BanDing = 0; 

 
NDIS_HANDLE                        ProtHandle = NULL; 
NDIS_HANDLE                        DriverHandle = NULL; 
NDIS_MEDIUM                        MediumArray[4] =                       //支持的物理网络类型
                                    { 
                                        NdisMedium802_3,    // Ethernet 
                                        NdisMedium802_5,    // Token-ring 
                                        NdisMediumFddi,        // Fddi 
                                        NdisMediumWan       // NDISWAN 
                                    }; 

 
NDIS_SPIN_LOCK    GlobalLock; 

 
PADAPT            pAdaptList = NULL; 
LONG            MiniportCount = 0; 

 
NDIS_HANDLE        NdisWrapperHandle;  

 
NDIS_HANDLE     NdisDeviceHandle = NULL; 
PDEVICE_OBJECT  ControlDeviceObject = NULL; 
enum _DEVICE_STATE 
{ 
    PS_DEVICE_STATE_READY = 0,    
    PS_DEVICE_STATE_CREATING,    
    PS_DEVICE_STATE_DELETING    
}                ControlDeviceState = PS_DEVICE_STATE_READY; 

 

 

 
NTSTATUS 
DriverEntry( 
    IN    PDRIVER_OBJECT        DriverObject, 
    IN    PUNICODE_STRING        RegistryPath 
    ) 
{ 
    NDIS_STATUS                        Status; 
    NDIS_PROTOCOL_CHARACTERISTICS    PChars; 
    NDIS_MINIPORT_CHARACTERISTICS    MChars; 
    PNDIS_CONFIGURATION_PARAMETER    Param; 
    NDIS_STRING                        Name; 

 
    Status = NDIS_STATUS_SUCCESS; 
    NdisAllocateSpinLock(&GlobalLock); 

 
    NdisMInitializeWrapper(&NdisWrapperHandle, DriverObject, RegistryPath, NULL); 

 
    do 
    {          
        NdisZeroMemory(&MChars, sizeof(NDIS_MINIPORT_CHARACTERISTICS)); 

 
        MChars.MajorNdisVersion = PASSTHRU_MAJOR_NDIS_VERSION; 
        MChars.MinorNdisVersion = PASSTHRU_MINOR_NDIS_VERSION; 

 
        MChars.InitializeHandler = MPInitialize; 
        MChars.QueryInformationHandler = MPQueryInformation; 
        MChars.SetInformationHandler = MPSetInformation; 
        MChars.ResetHandler = MPReset; 
        MChars.TransferDataHandler = MPTransferData; 
        MChars.HaltHandler = MPHalt; 
#ifdef NDIS51_MINIPORT 
        MChars.CancelSendPacketsHandler = MPCancelSendPackets; 
        MChars.PnPEventNotifyHandler = MPDevicePnPEvent; 
        MChars.AdapterShutdownHandler = MPAdapterShutdown; 
#endif // NDIS51_MINIPORT 

 
        MChars.CheckForHangHandler = NULL; 
        MChars.ReturnPacketHandler = MPReturnPacket; 

 
        // 
        // 采用多包发送 
        // 
        MChars.SendHandler = NULL;    // MPSend; 
        MChars.SendPacketsHandler = MPSendPackets; 

 
        Status = NdisIMRegisterLayeredMiniport(NdisWrapperHandle, 
                                                  &MChars, 
                                                  sizeof(MChars), 
                                                  &DriverHandle); 
        if (Status != NDIS_STATUS_SUCCESS) 
        { 
            break; 
        } 

 
#ifndef WIN9X 
        NdisMRegisterUnloadHandler(NdisWrapperHandle, PtUnload); 
#endif 

 
        // 
        // 注册我的协议 
        // 
        NdisZeroMemory(&PChars, sizeof(NDIS_PROTOCOL_CHARACTERISTICS)); 
        PChars.MajorNdisVersion = PASSTHRU_PROT_MAJOR_NDIS_VERSION; 
        PChars.MinorNdisVersion = PASSTHRU_PROT_MINOR_NDIS_VERSION; 

 
        NdisInitUnicodeString(&Name, L"XNDF");    // 我的协议名称,哈哈
        PChars.Name = Name; 
        PChars.OpenAdapterCompleteHandler = PtOpenAdapterComplete; 
        PChars.CloseAdapterCompleteHandler = PtCloseAdapterComplete; 
        PChars.SendCompleteHandler = PtSendComplete; 
        PChars.TransferDataCompleteHandler = PtTransferDataComplete; 
     
        PChars.ResetCompleteHandler = PtResetComplete; 
        PChars.RequestCompleteHandler = PtRequestComplete; 
        PChars.ReceiveHandler = PtReceive; 
        PChars.ReceiveCompleteHandler = PtReceiveComplete; 
        PChars.StatusHandler = PtStatus; 
        PChars.StatusCompleteHandler = PtStatusComplete; 
        PChars.BindAdapterHandler = PtBindAdapter; 
        PChars.UnbindAdapterHandler = PtUnbindAdapter; 
        PChars.UnloadHandler = PtUnloadProtocol; 

 
        PChars.ReceivePacketHandler = PtReceivePacket; 
        PChars.PnPEventHandler= PtPNPHandler; 

 
        NdisRegisterProtocol(&Status, 
                             &ProtHandle, 
                             &PChars, 
                             sizeof(NDIS_PROTOCOL_CHARACTERISTICS)); 

 
        if (Status != NDIS_STATUS_SUCCESS) 
        { 
            NdisIMDeregisterLayeredMiniport(DriverHandle); 
            break; 
        } 

 
        NdisIMAssociateMiniport(DriverHandle, ProtHandle); 
    } 
    while (FALSE); 

 
    if (Status != NDIS_STATUS_SUCCESS) 
    { 
        NdisTerminateWrapper(NdisWrapperHandle, NULL); 
    } 

 
    return(Status); 
} 

 

 
NDIS_STATUS 
PtRegisterDevice( 
    VOID 
    ) 
{ 
    NDIS_STATUS            Status = NDIS_STATUS_SUCCESS; 
    UNICODE_STRING        DeviceName; 
    UNICODE_STRING        DeviceLinkUnicodeString; 
    PDRIVER_DISPATCH    DispatchTable[IRP_MJ_MAXIMUM_FUNCTION]; 
    UINT                i; 

 
    DBGPRINT(("==>PtRegisterDevice\n")); 

 
    NdisAcquireSpinLock(&GlobalLock); 

 
    ++MiniportCount; 
     
    if (1 == MiniportCount) 
    { 
        ASSERT(ControlDeviceState != PS_DEVICE_STATE_CREATING); 

 
        while (ControlDeviceState != PS_DEVICE_STATE_READY) 
        { 
            NdisReleaseSpinLock(&GlobalLock); 
            NdisMSleep(1); 
            NdisAcquireSpinLock(&GlobalLock); 
        } 

 
        ControlDeviceState = PS_DEVICE_STATE_CREATING; 

 
        NdisReleaseSpinLock(&GlobalLock); 

 
        for (i = 0; i < IRP_MJ_MAXIMUM_FUNCTION; i++) 
        { 
            DispatchTable[i] = PtDispatch; 
        } 

 
        NdisInitUnicodeString(&DeviceName, NTDEVICE_STRING); 
        NdisInitUnicodeString(&DeviceLinkUnicodeString, LINKNAME_STRING); 

 
        // 
        // 创建设备对象并绑定驱动回调函数组
        // 
         
        Status = NdisMRegisterDevice( 
                    NdisWrapperHandle, 
                    &DeviceName, 
                    &DeviceLinkUnicodeString, 
                    &DispatchTable[0], 
                    &ControlDeviceObject, 
                    &NdisDeviceHandle 
                    ); 

 
        NdisAcquireSpinLock(&GlobalLock); 

 
        ControlDeviceState = PS_DEVICE_STATE_READY; 
    } 

 
    NdisReleaseSpinLock(&GlobalLock); 

 
    DBGPRINT(("<==PtRegisterDevice: %x\n", Status)); 

 
    return (Status); 
} 


[ 本帖最后由 东海一鱼 于 2009-8-18 07:39 编辑 ]
收到的鲜花
  • zklhp2009-08-19 18:28 送鲜花  50朵   附言:我很赞同

举世而誉之而不加劝,举世而非之而不加沮,定乎内外之分,辩乎荣辱之境,斯已矣。彼其于世未数数然也。
2009-08-18 07:09
东海一鱼
Rank: 13Rank: 13Rank: 13Rank: 13
等 级:贵宾
威 望:48
帖 子:757
专家分:4760
注 册:2009-8-10
收藏
得分:0 
这个论坛够‘霉’的,字数检测说少于50000子的代码可发。结果才40000多字就出错。

举世而誉之而不加劝,举世而非之而不加沮,定乎内外之分,辩乎荣辱之境,斯已矣。彼其于世未数数然也。
2009-08-18 07:21
东海一鱼
Rank: 13Rank: 13Rank: 13Rank: 13
等 级:贵宾
威 望:48
帖 子:757
专家分:4760
注 册:2009-8-10
收藏
得分:0 
程序代码:
NDIS_STATUS 
PtReceive( 
    IN  NDIS_HANDLE            ProtocolBindingContext, 
    IN  NDIS_HANDLE            MacReceiveContext, 
    IN  PVOID                HeaderBuffer, 
    IN  UINT                HeaderBufferSize, 
    IN  PVOID                LookAheadBuffer, 
    IN  UINT                LookAheadBufferSize, 
    IN  UINT                PacketSize 
    ) 
{ 
    PADAPT            pAdapt =(PADAPT)ProtocolBindingContext; 
    PNDIS_PACKET    Packet,MyPacket,LookAheadPacket,LaterPacket; 
    NDIS_STATUS        Status = NDIS_STATUS_SUCCESS; 
    PUCHAR            pPacketContent,pLookAheadContent,pLaterContent; 
    PNDIS_BUFFER    pPacketBuffer,pLookAheadBuffer,pLaterBuffer; 
    NDIS_PHYSICAL_ADDRESS HighestAcceptableMax; 
    UINT            OffsetSize,PacketLen,BytesTransferred; 
    PRECV_RSVD        Rsvd=NULL; 
     

 
    HighestAcceptableMax.LowPart = -1; 
    HighestAcceptableMax.HighPart = -1; 
     

 
    if (!pAdapt->MiniportHandle) 
    { 
        Status = NDIS_STATUS_FAILURE; 
    } 
    else do 
    { 
        Packet = NdisGetReceivedPacket(pAdapt->BindingHandle, MacReceiveContext); 
        if (Packet != NULL) 
        { 
            NdisDprAllocatePacket(&Status, 
                                         &MyPacket, 
                                         pAdapt->RecvPacketPoolHandle); 

 
            if (Status == NDIS_STATUS_SUCCESS) 
            { 
                MyPacket->Private.Head = Packet->Private.Head; 
                MyPacket->Private.Tail = Packet->Private.Tail; 

 
                NDIS_SET_ORIGINAL_PACKET(MyPacket, NDIS_GET_ORIGINAL_PACKET(Packet)); 
                NDIS_SET_PACKET_HEADER_SIZE(MyPacket, HeaderBufferSize); 

 
                // 
                // 拷贝包标记 
                // 
                NdisGetPacketFlags(MyPacket) = NdisGetPacketFlags(Packet); 
                NDIS_SET_PACKET_STATUS(MyPacket, NDIS_STATUS_RESOURCES); 

 
               NdisMIndicateReceivePacket(pAdapt->MiniportHandle, &MyPacket, 1); 

 
               NdisDprFreePacket(MyPacket); 

 
                break; 
            } 
        } 
        ///////////////////////收包截获A/////////////////////////////////////////////////// 
        else if (LookAheadBufferSize>=PacketSize)
        { 
            DBGPRINT (("1 PtReceive PacketSize=%d,LookAheadBufferSize=%d\n",PacketSize,LookAheadBufferSize));  
             
            Status=NdisAllocateMemory(&pPacketContent,BUFFER_SIZE,0,HighestAcceptableMax); 
            if(Status!=NDIS_STATUS_SUCCESS) 
            { 
                DBGPRINT(("PTReceive:NdisAllocateMemory pPacketContent Failed\n")); 
                break;  
            } 
            if(pPacketContent==NULL) 
            { 
                DBGPRINT(("PTReceive:pPacketContent==NULL\n")); 
                return(NDIS_STATUS_NOT_ACCEPTED); 
            }  
            NdisZeroMemory(pPacketContent,BUFFER_SIZE); 
             
             
            NdisMoveMemory(pPacketContent,HeaderBuffer,HeaderBufferSize); 
            NdisMoveMemory(pPacketContent+HeaderBufferSize,LookAheadBuffer,LookAheadBufferSize); 
            PacketLen=PacketSize+HeaderBufferSize;//接收包长度 
            DBGPRINT(("+++++++++++MypacketContent  In   PtReceive 1+++++++++++++++++++")); 

            MyFixRecv(pPacketContent,PacketLen);        ///////////我对包的处理(乾坤大挪移,哈),
            
            NdisDprAllocatePacket(&Status,&MyPacket,pAdapt->RecvPacketPoolHandle); 
            if(Status!=NDIS_STATUS_SUCCESS) 
            { 
                NdisFreeMemory(pPacketContent,BUFFER_SIZE,0); 
                break; 
            } 
             
            //分配buffer 
            NdisAllocateBuffer(&Status,&pPacketBuffer,pAdapt->RcvBufferPoolHandle,pPacketContent,PacketLen); 
            if (Status!=NDIS_STATUS_SUCCESS) 
            { 
                NdisFreeMemory(pPacketContent,BUFFER_SIZE,0); 
                NdisDprFreePacket(MyPacket); 
                break;  
            } 
             
            //对分配的包作处理 
            NdisChainBufferAtFront(MyPacket,pPacketBuffer);  
            MyPacket->Private.Head->Next=NULL; 
            MyPacket->Private.Tail=NULL; 

 
            Rsvd=(PRECV_RSVD)(MyPacket->MiniportReserved); 
            Rsvd->OriginalPkt=NULL; 
            NDIS_SET_PACKET_HEADER_SIZE(MyPacket,HeaderBufferSize); 
             
            //提交包,如状态为PENDING,则调用MPReturnPacket 
            NdisMIndicateReceivePacket(pAdapt->MiniportHandle,&MyPacket,1); 
             
            if(NDIS_GET_PACKET_STATUS(MyPacket)!=NDIS_STATUS_PENDING) 
            { 
                DBGPRINT(("In PtReceive NDIS_GET_PACKET_STATUS(MyPacket)!=NDIS_STATUS_PENDING Free Memory\n")); 
                NdisFreeBuffer(pPacketBuffer); 
                NdisFreeMemory(pPacketContent,BUFFER_SIZE,0); 
                NdisDprFreePacket(MyPacket); 
            } 
            break; 

 
        } 
        else 
        { 
            DBGPRINT (("2 PtReceive PacketSize=%d,LookAheadBufferSize=%d\n",PacketSize,LookAheadBufferSize));  
            ////////////////////////////组包接收LookAhead数据A////////////////////////////////// 
             
            OffsetSize=HeaderBufferSize+LookAheadBufferSize;             
             
            Status=NdisAllocateMemory(&pLookAheadContent,BUFFER_SIZE,0,HighestAcceptableMax);  
            if(Status!=NDIS_STATUS_SUCCESS) 
            { 
                DBGPRINT(("PtReceive:NdisAllocateMemory pLookAheadContent Failed.\n")); 
                break; 
            } 
            if(pLookAheadContent==NULL) 
            { 
                DBGPRINT(("PTReceive:pLookAheadContent==NULL\n")); 
                return(NDIS_STATUS_NOT_ACCEPTED); 
            }  
            NdisZeroMemory(pLookAheadContent,BUFFER_SIZE); 
             
            NdisMoveMemory(pLookAheadContent,HeaderBuffer,HeaderBufferSize); 
            NdisMoveMemory(pLookAheadContent+HeaderBufferSize,LookAheadBuffer,LookAheadBufferSize);             
            
            NdisAllocateBuffer(&Status,&pLookAheadBuffer,pAdapt->RcvBufferPoolHandle,pLookAheadContent,OffsetSize); 
            if (Status!=NDIS_STATUS_SUCCESS)  
            { 
                DBGPRINT(("PtReceive:NdisAllocateBuffer pPacketBuffer Failed.\n")); 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                break; 
            }             
            
            NdisDprAllocatePacket(&Status,&LookAheadPacket,pAdapt->RecvPacketPoolHandle); 
            if (Status!=NDIS_STATUS_SUCCESS) 
            { 
                DBGPRINT(("PtReceive:NdisDprAllocatePacket LookAheadPacket Failed.\n")); 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLookAheadBuffer); 
                break; 
            } 

 
            NdisChainBufferAtFront(LookAheadPacket,pLookAheadBuffer); 
            LookAheadPacket->Private.Head->Next=NULL; 
            LookAheadPacket->Private.Tail=NULL; 
             

 
            ////////////////////////////组包接收后续数据A////////////////////////////////// 
             
            //分配Memory,用于接收后续数据 
            Status=NdisAllocateMemory(&pLaterContent,BUFFER_SIZE,0,HighestAcceptableMax);  
            if(Status!=NDIS_STATUS_SUCCESS) 
            { 
                DBGPRINT(("PtReceive:NdisAllocateMemory pLaterContent Failed.\n")); 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLookAheadBuffer); 
                NdisDprFreePacket(LookAheadPacket); 
                break; 
            } 
            if(pLaterContent==NULL) 
            { 
                DBGPRINT(("PTReceive:pLaterContent==NULL\n")); 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLookAheadBuffer); 
                NdisDprFreePacket(LookAheadPacket); 
                return(NDIS_STATUS_NOT_ACCEPTED); 
            }  
            NdisZeroMemory(pLaterContent,BUFFER_SIZE); 

 
            //分配pLaterBuffer 
            NdisAllocateBuffer(&Status,&pLaterBuffer,pAdapt->RcvBufferPoolHandle,pLaterContent,PacketSize-LookAheadBufferSize); 
            if (Status!=NDIS_STATUS_SUCCESS) 
            { 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLookAheadBuffer); 
                NdisDprFreePacket(LookAheadPacket); 
                NdisFreeMemory(pLaterContent,BUFFER_SIZE,0); 
                break; 
            } 
             
            //分配LaterPacket 
            NdisDprAllocatePacket(&Status,&LaterPacket,pAdapt->RecvPacketPoolHandle); 
            if (Status!=NDIS_STATUS_SUCCESS) 
            { 
                 
                NdisFreeMemory(pLookAheadContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLookAheadBuffer); 
                NdisDprFreePacket(LookAheadPacket); 
                NdisFreeMemory(pLaterContent,BUFFER_SIZE,0); 
                NdisFreeBuffer(pLaterBuffer); 
                break; 
            } 

 
            NdisChainBufferAtFront(LaterPacket,pLaterBuffer); 
            LaterPacket->Private.Head->Next=NULL; 
            LaterPacket->Private.Tail=NULL; 

 
            NDIS_SET_PACKET_HEADER_SIZE(LaterPacket,HeaderBufferSize); 

 
            ////////////////////////////组包接收后续数据V////////////////////////////////// 

 
            //将先接到的数据包连接到后收到的数据包上 
            Rsvd=(PRECV_RSVD)(LaterPacket->MiniportReserved); 
            Rsvd->OriginalPkt=(PNDIS_PACKET)LookAheadPacket; 
             
            //接收后续数据             
            NdisTransferData(&Status,pAdapt->BindingHandle,MacReceiveContext,LookAheadBufferSize,PacketSize-LookAheadBufferSize,LaterPacket,&BytesTransferred); 
             
            if(Status!=NDIS_STATUS_PENDING) 
            { 
                DBGPRINT(("NdisTransferData != NDIS_STATUS_PENDING")); 
                PtTransferDataComplete((NDIS_HANDLE)pAdapt,LaterPacket,Status,BytesTransferred); 
            } 
            break; 
        } 
        ///////////////////////收包截获V///////////////////////////////////////////////////  
        pAdapt->IndicateRcvComplete = TRUE; 
        switch (pAdapt->Medium) 
        { 
          case NdisMedium802_3: 
          case NdisMediumWan: 
             NdisMEthIndicateReceive(pAdapt->MiniportHandle, 
                                             MacReceiveContext, 
                                             HeaderBuffer, 
                                             HeaderBufferSize, 
                                             LookAheadBuffer, 
                                             LookAheadBufferSize, 
                                             PacketSize); 
             break; 

 
          case NdisMedium802_5: 
             NdisMTrIndicateReceive(pAdapt->MiniportHandle, 
                                            MacReceiveContext, 
                                            HeaderBuffer, 
                                            HeaderBufferSize, 
                                            LookAheadBuffer, 
                                            LookAheadBufferSize, 
                                            PacketSize); 
             break; 

 
          case NdisMediumFddi: 
             NdisMFddiIndicateReceive(pAdapt->MiniportHandle, 
                                              MacReceiveContext, 
                                              HeaderBuffer, 
                                              HeaderBufferSize, 
                                              LookAheadBuffer, 
                                              LookAheadBufferSize, 
                                              PacketSize); 
             break; 

 
          default: 
             ASSERT(FALSE); 
             break; 
        } 

 
    } while(FALSE); 

 
    return Status; 
}


[ 本帖最后由 东海一鱼 于 2009-8-18 08:11 编辑 ]
收到的鲜花
  • zklhp2009-08-19 18:27 送鲜花  50朵   附言:我很赞同

举世而誉之而不加劝,举世而非之而不加沮,定乎内外之分,辩乎荣辱之境,斯已矣。彼其于世未数数然也。
2009-08-18 07:31
东海一鱼
Rank: 13Rank: 13Rank: 13Rank: 13
等 级:贵宾
威 望:48
帖 子:757
专家分:4760
注 册:2009-8-10
收藏
得分:0 
拆得麻烦死了。就贴这末多吧。

举世而誉之而不加劝,举世而非之而不加沮,定乎内外之分,辩乎荣辱之境,斯已矣。彼其于世未数数然也。
2009-08-18 07:36
爱号者
Rank: 2
等 级:论坛游民
帖 子:6
专家分:20
注 册:2009-9-3
收藏
得分:0 
Documents and Settings\SQWB\桌面\bc53b-20090902-sp6\20090902-sp6
2009-09-03 13:23
yeyang
Rank: 1
等 级:新手上路
帖 子:2
专家分:0
注 册:2015-4-1
收藏
得分:0 
2015-05-24 11:39
yeyang
Rank: 1
等 级:新手上路
帖 子:2
专家分:0
注 册:2015-4-1
收藏
得分:0 
说我想要做一个局域网内部的ARP防火墙,可以给点意见吗?
2015-05-24 17:13
快速回复:请教一下,如何做一个截获报文并修改报文的小软件?(编辑HTTP Reques ...
数据加载中...
 
   



关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.037498 second(s), 8 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved