HanDs

[Delphi文章] 编写IIS过滤器实例 






Library BaGuaIISFilter;

uses
   SysUtils,
   Windows,Messages;

// Constants for the IIS ISAPI filter interface, hand-translated into Pascal.
// NOTE(review): values presumably mirror the ISAPI SDK header (httpfilt.h);
// verify against the SDK version the target server ships with.
const
     HTTP_FILTER_MAJOR           = 1; { major version of this spec }
     HTTP_FILTER_MINOR           = 0; { minor version of this spec }
     // Buffer-length limits. Only SF_MAX_FILTER_DESC_LEN is used in this
     // listing (it sizes THTTP_FILTER_VERSION.lpszFilterDesc).
     SF_MAX_USERNAME             = 257;
     SF_MAX_PASSWORD             = 257;
     SF_MAX_FILTER_DESC_LEN      = 257;

{ SF_STATUS_TYPE }
     // Status codes returned from HttpFilterProc. This listing returns
     // SF_STATUS_REQ_NEXT_NOTIFICATION to let a request continue and
     // SF_STATUS_REQ_ERROR to fail it.
     SF_STATUS_TYPE                      = $8000000;   { base value }
     SF_STATUS_REQ_FINISHED              = SF_STATUS_TYPE;
     SF_STATUS_REQ_FINISHED_KEEP_CONN    = SF_STATUS_TYPE + 1;
     SF_STATUS_REQ_NEXT_NOTIFICATION     = SF_STATUS_TYPE + 2;
     SF_STATUS_REQ_HANDLED_NOTIFICATION = SF_STATUS_TYPE + 3;
     SF_STATUS_REQ_ERROR                 = SF_STATUS_TYPE + 4;
     SF_STATUS_REQ_READ_NEXT             = SF_STATUS_TYPE + 5;

     // Notification flags. GetFilterVersion ORs a subset into dwFlags, and
     // HttpFilterProc dispatches on the same values via NotificationType.
     SF_NOTIFY_SECURE_PORT               = $00000001;
     SF_NOTIFY_NONSECURE_PORT            = $00000002;
     SF_NOTIFY_READ_RAW_DATA             = $00008000;
     SF_NOTIFY_PREPROC_HEADERS           = $00004000;
     SF_NOTIFY_AUTHENTICATION            = $00002000;
     SF_NOTIFY_URL_MAP                   = $00001000;
     SF_NOTIFY_SEND_RAW_DATA             = $00000400;
     SF_NOTIFY_LOG                       = $00000200;
     SF_NOTIFY_END_OF_NET_SESSION        = $00000100;

     // Filter ordering flags.
     // NOTE(review): SF_NOTIFY_ORDER_DEFAULT is HIGH here; the SDK header is
     // believed to define the default as LOW. GetFilterVersion registers with
     // this value, so the filter asks for high priority. Confirm that is
     // intended.
     SF_NOTIFY_ORDER_HIGH                = $00080000;
     SF_NOTIFY_ORDER_MEDIUM              = $00040000;
     SF_NOTIFY_ORDER_LOW                 = $00020000;
     SF_NOTIFY_ORDER_DEFAULT             = SF_NOTIFY_ORDER_HIGH;
     SF_NOTIFY_ORDER_MASK                = (SF_NOTIFY_ORDER_HIGH or SF_NOTIFY_ORDER_MEDIUM or SF_NOTIFY_ORDER_LOW);

type
     // Untyped pointer aliases matching the names used in the C interface.
     PVOID = Pointer;
     LPVOID = Pointer;
     PCardinal = ^Cardinal;

     // Request codes passed to the server-support callback.
     // NOTE(review): a Delphi enumeration defaults to a 1-byte storage size;
     // this only matters if the value is ever stored in a record shared with
     // the server. Confirm before using it that way.
     SF_REQ_TYPE = (SF_REQ_SEND_RESPONSE_HEADER, SF_REQ_ADD_HEADERS_ON_DENIAL,
                    SF_REQ_SET_NEXT_READ_SIZE, SF_REQ_SET_PROXY_INFO);

     Type
       // The callback fields below are declared as plain pointers because the
       // callback types take THTTP_FILTER_CONTEXT as a parameter and are
       // therefore declared after it. Callers cast the field to the real
       // type before calling, e.g. TGetServerVariable(pfc.GetServerVariable).
       TFuncPlaceHolder = POINTER;

     // Per-request context passed by the server to HttpFilterProc.
     // Field order and sizes must stay exactly as declared; the record is
     // filled in by the server, not by this code.
     THTTP_FILTER_CONTEXT = record
       cbSize              : DWORD;
       Revision            : DWORD;
       ServerContext       : PVOID;
       ulReserved          : DWORD;
       fIsSecurePort       : BOOL;
       pFilterContext      : PVOID;
       GetServerVariable   : TFuncPlaceHolder; {TGetServerVariable;}
       AddResponseHeaders : TFuncPlaceHolder; {TAddResponseHeaders;}
       WriteClient         : TFuncPlaceHolder; {TWriteClient;}
       AllocMem            : TFuncPlaceHolder; {TAllocMem;}
       ServerSupportFunc   : TFuncPlaceHolder; {TServerSupportFunc;}
     end;
     HTTP_FILTER_CONTEXT = THTTP_FILTER_CONTEXT;
     PHTTP_FILTER_CONTEXT = ^HTTP_FILTER_CONTEXT;

     TGetServerVariable   = Function(var pfc           : THTTP_FILTER_CONTEXT;
                                        VariableName : PChar;
                                        Buffer        : LPVOID;
                                        BuffSize      : PCardinal) : BOOL;
                                        StdCall;

     TAddResponseHeaders = Function(var pfc           : THTTP_FILTER_CONTEXT;
                                        Headers       : PChar;
                                        Reserved      : DWORD) : BOOL;
                                        StdCall;

     TWriteClient         = Function(var pfc           : THTTP_FILTER_CONTEXT;
                                        Buffer        : LPVOID;
                                        dwBytes       : LPDWORD;
                                        Reserved      : DWORD) : BOOL;
                                        StdCall;

     TAllocMem            = Procedure(var pfc          : THTTP_FILTER_CONTEXT;
                                         cbSize       : DWORD;
                                         dwReserved   : DWORD);

     TServerSupportFunc = Function(var   pfc           : THTTP_FILTER_CONTEXT;
                                        sfReq         : SF_REQ_TYPE;
                                        pData         : PVOID;
                                        ul1           : DWORD;
                                        ul2           : DWORD) : BOOL;
                                        StdCall;

 

     // Notification payload records. HttpFilterProc receives a pointer to one
     // of these in pvNotification, depending on NotificationType.
     // NOTE(review): every PChar / Char field below assumes a Delphi version
     // where Char is a single-byte AnsiChar. On a Unicode compiler the field
     // sizes and string handling would no longer match the server. Confirm the
     // target compiler, or switch to PAnsiChar/AnsiChar.

     // Payload for SF_NOTIFY_READ_RAW_DATA: pvInData points at cbInData bytes
     // of request data inside a buffer of cbInBuffer bytes. The data is a byte
     // range, not a Delphi string; do not assume a terminating #0.
     THTTP_FILTER_RAW_DATA = record
       pvInData    : PVOID;
       cbInData    : DWORD;
       cbInBuffer : DWORD;
       dwReserved : DWORD;
     end;
     HTTP_FILTER_RAW_DATA   = THTTP_FILTER_RAW_DATA;
     PHTTP_FILTER_RAW_DATA = ^HTTP_FILTER_RAW_DATA;

     // Header accessor callbacks carried in THTTP_FILTER_PREPROC_HEADERS.
     TGetHeader = Function(var pfc        : THTTP_FILTER_CONTEXT;
                               lpszName   : PChar;
                               lpvBuffer : LPVOID;
                               lpdwSize   : LPDWORD) : BOOL; StdCall;

     TSetHeader = Function(var pfc : THTTP_FILTER_CONTEXT;
                               lpszName   : PChar;
                               lpszValue : PChar) : BOOL; StdCall;

     TAddHeader = Function(var pfc : THTTP_FILTER_CONTEXT;
                               lpszName   : PChar;
                               lpszValue : PChar) : BOOL; StdCall;

 


     // Payload for SF_NOTIFY_PREPROC_HEADERS (not subscribed to in this
     // listing).
     THTTP_FILTER_PREPROC_HEADERS = record
       GetHeader   : TGetHeader;
       SetHeader   : TSetHeader;
       AddHeader   : TAddHeader;
       dwReserved : DWORD;
     end;
     HTTP_FILTER_PREPROC_HEADERS   = THTTP_FILTER_PREPROC_HEADERS;
     PHTTP_FILTER_PREPROC_HEADERS = ^HTTP_FILTER_PREPROC_HEADERS;


     // Payload for SF_NOTIFY_AUTHENTICATION (not subscribed to in this
     // listing). The fields point at the user name and password buffers, so
     // any handler added for it must keep these values out of logs.
     THTTP_FILTER_AUTHENT = record
       pszUser         : PChar;
       cbUserBuff      : DWORD;
       pszPassword     : PChar;
       cbPasswordBuff : DWORD;
     end;
     HTTP_FILTER_AUTHENT   = THTTP_FILTER_AUTHENT;
     PHTTP_FILTER_AUTHENT = ^HTTP_FILTER_AUTHENT;


     // Payload for SF_NOTIFY_URL_MAP: the requested URL and the physical path
     // it maps to. pszURL is client-controlled input.
     THTTP_FILTER_URL_MAP = record
       pszURL : PChar;
       pszPhysicalPath : PChar;
       cbPathBuff : DWORD;
     end;
     HTTP_FILTER_URL_MAP   = THTTP_FILTER_URL_MAP;
     PHTTP_FILTER_URL_MAP = ^HTTP_FILTER_URL_MAP;

     // Empty placeholder record; nothing in this listing uses it. The raw-data
     // payload is described by THTTP_FILTER_RAW_DATA above.
     THTTP_READ_FILTER_RAW_DATA    = record

     end;
     HTTP_READ_FILTER_RAW_DATA     = THTTP_READ_FILTER_RAW_DATA;
     PHTTP_READ_FILTER_RAW_DATA    = ^HTTP_READ_FILTER_RAW_DATA;

     // Payload for SF_NOTIFY_LOG (not subscribed to in this listing).
     THTTP_FILTER_LOG = record
       pszClientHostName : PChar;
       pszClientUserName : PChar;
       pszServerName      : PChar;
       pszOperation       : PChar;
       pszTarget          : PChar;
       pszParameters      : PChar;
       dwHttpStatus       : DWORD;
       dwWin32Status      : DWORD;
     end;
     HTTP_FILTER_LOG   = THTTP_FILTER_LOG;
     PHTTP_FILTER_LOG = ^HTTP_FILTER_LOG;


     // Filled in by GetFilterVersion: the filter's version, a description of
     // at most SF_MAX_FILTER_DESC_LEN characters including the terminator, and
     // the notification/priority flags it registers for.
     THTTP_FILTER_VERSION = record
       dwServerFilterVersion : DWORD;
       dwFilterVersion        : DWORD;
       lpszFilterDesc         : array [0..(SF_MAX_FILTER_DESC_LEN-1)] of Char;
       dwFlags                : DWORD;
     end;
     HTTP_FILTER_VERSION = THTTP_FILTER_VERSION;
     PHTTP_FILTER_VERSION = ^HTTP_FILTER_VERSION;

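{ Forwards one log entry to the monitoring window (if it is running) and
  appends it to the log file.

  aStr : null-terminated text of the entry. A nil pointer is ignored.

  I/O errors from the file write are not swallowed; they propagate to the
  caller, which in this listing turns them into SF_STATUS_REQ_ERROR.

  Security / reliability notes:
  - This code runs inside the web server process. The original displayed a
    MessageBox when the monitor window was missing. A modal dialog in a
    server process blocks the calling request thread until it is dismissed,
    and usually nobody can see it, so it is replaced by a debugger trace.
  - SendMessage is synchronous: a monitor window that stops pumping messages
    stalls the request thread. Consider a send with a timeout.
  - The receiver is located by window title only. Any process on the same
    desktop that creates a window with this title receives the log data.
  - aStr is built from client-controlled request data. Callers must
    neutralise control characters before passing it in, otherwise a request
    can forge extra log lines.
  - The filter is called on multiple server threads; the file append below is
    not serialised. NOTE(review): add a lock around the file section.
  - The log path is hard-coded in the drive root; restrict its ACL or move it
    to a directory only administrators can read and write. }
procedure LogInfo (aStr : PChar);
const
   LogFileName = 'c:\chtLog.txt';
Var
   ds: TCopyDataStruct;
   hd: THandle;
   OutFile : TextFile;
begin
   if aStr = nil then Exit;

   // Build the WM_COPYDATA payload: a private copy of the text including its
   // terminating #0. dwData was left uninitialised in the original.
   ds.dwData := 0;
   ds.cbData := StrLen (aStr) + 1;
   GetMem (ds.lpData, ds.cbData);
   try
     StrCopy (ds.lpData, aStr);
     hd := FindWindow (nil, '红盟八卦阵系统'); // handle of the receiving window
     if hd <> 0 then
       // LPARAM rather than Cardinal so the pointer is not truncated on a
       // 64-bit build.
       SendMessage (hd, WM_COPYDATA, 0, LPARAM(@ds))
     else
       // No UI from inside the server process; leave a debugger trace only.
       OutputDebugString ('没有发现红盟八卦阵系统!');
   finally
     FreeMem (ds.lpData); // release the payload copy even if sending raised
   end;

   AssignFile (OutFile, LogFileName);
   if FileExists (LogFileName) then Append (OutFile) else Rewrite (OutFile);
   try
     Writeln (OutFile, aStr);
   finally
     CloseFile (OutFile); // do not leak the file handle when the write fails
   end;
end;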

{ Registration entry point exported to the web server.

  Fills pVer with this filter's version (1.0), its description text and the
  notification flags it wants: URL-map and raw-read events, on both secure
  and non-secure ports, at the default priority defined in this file.

  Returns True on success and False if anything raised while filling pVer. }
Function GetFilterVersion(var pVer : HTTP_FILTER_VERSION) : BOOL; export; stdcall;
const
   FilterDescription = 'IIS过滤器 - IIS保镖';
   RequestedFlags    = SF_NOTIFY_SECURE_PORT or SF_NOTIFY_NONSECURE_PORT or
                       SF_NOTIFY_URL_MAP or SF_NOTIFY_ORDER_DEFAULT or
                       SF_NOTIFY_READ_RAW_DATA;
begin
   Result := False;
   try
     // Minor version in the low word, major in the high word.
     pVer.dwFilterVersion := MAKELONG(HTTP_FILTER_MINOR, HTTP_FILTER_MAJOR);
     StrPCopy(pVer.lpszFilterDesc, FilterDescription);
     pVer.dwFlags := RequestedFlags;
     Result := True;
   except
     // Report failure to the server instead of letting the exception escape
     // across the DLL boundary.
     Result := False;
   end;
end;

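{ Notification entry point exported to the web server.

  pfc              : per-request filter context supplied by the server.
  NotificationType : which event is being delivered (one SF_NOTIFY_* value).
  pvNotification   : pointer to the event payload; its type depends on
                     NotificationType.

  Returns SF_STATUS_REQ_NEXT_NOTIFICATION to let the request continue, or
  SF_STATUS_REQ_ERROR to fail it. Any exception inside a handler is caught
  and turned into SF_STATUS_REQ_ERROR, so the filter fails closed.

  Changes from the original:
  - The raw-data handler cast pvNotification directly to a Delphi string.
    pvNotification points at an HTTP_FILTER_RAW_DATA record, so that cast
    made the string runtime treat server memory as a string header. The
    payload is now read through the record, bounded by cbInData.
  - The result of GetServerVariable is checked, so an uninitialised stack
    buffer is never logged.
  - Client-controlled text (URL, mapped path, raw request bytes) has its
    control characters escaped before logging, so a request cannot inject
    forged lines into the log or truncate an entry with an embedded #0.

  NOTE(review): CheckURL is not declared anywhere in this listing; it is
  presumably defined in a part of the unit that was not published.
  NOTE(review): the raw-data handler logs request bytes verbatim, which can
  include credentials, cookies and form bodies. Consider logging only the
  request line, or redacting sensitive headers. }
Function HttpFilterProc(var pfc : HTTP_FILTER_CONTEXT;
                         NotificationType : DWORD;
                         pvNotification : LPVOID) : DWORD; export; stdcall;

  { Returns S with every control character (below #32, and #127) replaced by
    a visible \xNN escape. Printable characters, including backslash, are
    left unchanged. }
  function SafeForLog(const S : string) : string;
  var
    i : Integer;
  begin
    Result := '';
    for i := 1 to Length(S) do
      if (S[i] < #32) or (S[i] = #127) then
        Result := Result + '\x' + IntToHex(Ord(S[i]), 2)
      else
        Result := Result + S[i];
  end;

  { Asks the server for the client's address. Returns an empty string when
    the server call fails. }
  function RemoteAddr : string;
  var
    Buffer   : array[0..1023] of Char;
    BuffSize : DWORD;
  begin
    Result := '';
    Buffer[0] := #0;
    BuffSize := SizeOf(Buffer);
    if TGetServerVariable (pfc.GetServerVariable) (pfc, 'REMOTE_ADDR', @Buffer, @BuffSize) then
    begin
      Buffer[High(Buffer)] := #0; // guarantee termination before StrPas
      Result := StrPas(Buffer);
    end;
  end;

  { SF_NOTIFY_URL_MAP: log the URL and its physical path, then apply the
    CheckURL policy to the URL. }
  function OnUrlMap : DWORD;
  var
    UrlMap : PHTTP_FILTER_URL_MAP;
  begin
    try
      UrlMap := PHTTP_FILTER_URL_MAP(pvNotification);
      if UrlMap = nil then
      begin
        Result := SF_STATUS_REQ_ERROR;
        Exit;
      end;

      LogInfo(pchar(
              '客户IP : ' + RemoteAddr +
              'URL : ' + SafeForLog(UrlMap^.pszURL) + ^M^J +
              '路径 : ' + SafeForLog(UrlMap^.pszPhysicalPath)));

      // The policy check sees the original, unescaped URL.
      if Not CheckURL(UrlMap^.pszURL) then
        Result := SF_STATUS_REQ_ERROR
      else
        Result := SF_STATUS_REQ_NEXT_NOTIFICATION;
    except
      Result := SF_STATUS_REQ_ERROR;
    end;
  end;

  { SF_NOTIFY_READ_RAW_DATA: log the raw request bytes and continue. }
  function OnReadUserGet : DWORD;
  var
    Raw     : PHTTP_FILTER_RAW_DATA;
    RawText : AnsiString;
  begin
    try
      Raw := PHTTP_FILTER_RAW_DATA(pvNotification);
      RawText := '';
      // Copy exactly cbInData bytes; the buffer is not a terminated string.
      if (Raw <> nil) and (Raw^.pvInData <> nil) and (Raw^.cbInData > 0) then
        SetString(RawText, PAnsiChar(Raw^.pvInData), Integer(Raw^.cbInData));

      LogInfo(pchar(
              '客户IP : ' + RemoteAddr +
              'URL : ' + SafeForLog(RawText) + ^M^J ));

      Result := SF_STATUS_REQ_NEXT_NOTIFICATION;
    except
      Result := SF_STATUS_REQ_ERROR;
    end;
  end;

begin
   Case NotificationType of
     SF_NOTIFY_URL_MAP         : Result := OnUrlMap;
     SF_NOTIFY_READ_RAW_DATA   : Result := OnReadUserGet;
   else
     // Events this filter does not handle are passed down the chain.
     Result := SF_STATUS_REQ_NEXT_NOTIFICATION;
   end;
end;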

// The two entry points the web server looks up by name when it loads the
// filter DLL.
exports
   HttpFilterProc,
   GetFilterVersion;

end.
 


发帖时间:2016-7-9   |   查看数:0   |   回复数:0