
[Visual Studio文章] ndis hook的代码 







#include "ndis.h"

#include "windef.h"

#include <ntddk.h>

 

// Saved originals of the two NDIS handlers that HookNdisProtocolBlock()
// overwrites. Both are single file-scope slots: HookNdisProtocolBlock() stores
// into m_pReceive once per protocol block it is handed, and into
// m_pReceivePacket once per open block in its loop, so each slot only ever
// holds the last handler saved. Nothing in this listing restores either one.
RECEIVE_PACKET_HANDLER m_pReceivePacket = NULL;

RECEIVE_HANDLER m_pReceive=NULL;

/* Placeholder BindAdapterHandler for the throw-away protocol: does nothing and
 * leaves *Status unwritten. */
void DummyBind(OUT PNDIS_STATUS Status,
               IN NDIS_HANDLE BindContext,
               IN PNDIS_STRING DeviceName,
               IN PVOID SystemSpecific1,
               IN PVOID SystemSpecific2)
{
}

/* Placeholder UnbindAdapterHandler for the throw-away protocol: does nothing
 * and leaves *Status unwritten. */
void DummyUnBind(OUT PNDIS_STATUS Status,
                 IN NDIS_HANDLE ProtocolBindingContext,
                 IN NDIS_HANDLE UnbindContext)
{
}


/* Placeholder ReceiveHandler for the throw-away protocol: declines every
 * indication, so the protocol never consumes any traffic. All parameters are
 * ignored. */
NDIS_STATUS DummyNdisProtocolReceive(IN NDIS_HANDLE ProtocolBindingContext,
                                     IN NDIS_HANDLE MacReceiveContext,
                                     IN PVOID HeaderBuffer,
                                     IN UINT HeaderBufferSize,
                                     IN PVOID LookAheadBuffer,
                                     IN UINT LookAheadBufferSize,
                                     IN UINT PacketSize)
{
    const NDIS_STATUS verdict = NDIS_STATUS_NOT_ACCEPTED;
    return verdict;
}

// Unused: nothing in this listing reads or writes pMyProc2 (the leading IN
// annotation expands to nothing).
IN  PVOID pMyProc2=NULL;


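/*
 * Register a placeholder NDIS protocol (MajorNdisVersion 5, MinorNdisVersion 1)
 * named "BogusProtocol" whose handlers are the do-nothing DummyBind,
 * DummyUnBind and DummyNdisProtocolReceive.
 *
 * Returns the protocol handle on success and NULL on failure. The only caller
 * in this listing is InstallHook(), which deregisters the handle itself; this
 * function never does.
 *
 * Changes from the original: Status is an NDIS_STATUS compared against
 * NDIS_STATUS_SUCCESS (the value NdisRegisterProtocol writes), and the handle
 * is logged with %p rather than %x, which is undefined for a pointer argument
 * and truncates it on 64-bit.
 */
NDIS_HANDLE RegisterBogusNDISProtocol(void)
{
    NDIS_STATUS Status = NDIS_STATUS_SUCCESS;
    NDIS_HANDLE hBogusProtocol = NULL;
    NDIS_PROTOCOL_CHARACTERISTICS BogusProtocol;
    NDIS_STRING ProtocolName;

    NdisZeroMemory(&BogusProtocol, sizeof(BogusProtocol));
    BogusProtocol.MajorNdisVersion = 0x05;
    BogusProtocol.MinorNdisVersion = 0x01;
    BogusProtocol.BindAdapterHandler = DummyBind;
    BogusProtocol.UnbindAdapterHandler = DummyUnBind;

    /* NdisInitUnicodeString only points ProtocolName.Buffer at the literal; the
     * literal has static storage, so copying the NDIS_STRING into the
     * characteristics stays valid after this function returns. */
    NdisInitUnicodeString(&ProtocolName, L"BogusProtocol");
    BogusProtocol.Name = ProtocolName;
    BogusProtocol.ReceiveHandler = DummyNdisProtocolReceive;

    NdisRegisterProtocol(&Status, &hBogusProtocol, &BogusProtocol,
                         sizeof(BogusProtocol));
    if (Status != NDIS_STATUS_SUCCESS) {
        DbgPrint("\nDead!\n");
        return NULL;
    }

    DbgPrint("%p\n", hBogusProtocol);
    return hBogusProtocol;
}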


/*
 * Replacement ReceiveHandler that HookNdisProtocolBlock() installs into each
 * protocol block it visits. Logs and forwards the indication, unchanged, to
 * the handler saved in m_pReceive.
 *
 * m_pReceive is one file-scope slot that HookNdisProtocolBlock() overwrites
 * for every protocol block it is given, so once more than one protocol has
 * been hooked this forwards to the last-saved protocol's handler regardless
 * of which protocol block actually pointed here. There is also no check that
 * m_pReceive is non-NULL before it is called.
 */
NDIS_STATUS MyReceive(

    IN NDIS_HANDLE             ProtocolBindingContext,

    IN NDIS_HANDLE             MacReceiveContext,

    IN PVOID                   HeaderBuffer,

    IN UINT                    HeaderBufferSize,

    IN PVOID                   LookAheadBuffer,

    IN UINT                    LookaheadBufferSize,

    IN UINT                    PacketSize

    )

{

// Unconditional log on every indication, i.e. on the receive hot path.
DbgPrint("receive");

// Forward to whichever original handler was saved last (see header comment).
return m_pReceive(ProtocolBindingContext,MacReceiveContext,HeaderBuffer,HeaderBufferSize,LookAheadBuffer,LookaheadBufferSize,PacketSize);

}


/*
 * Replacement ReceivePacketHandler that HookNdisProtocolBlock() installs into
 * every open block of a protocol. Logs and forwards the packet to the single
 * handler saved in m_pReceivePacket, which is the original of the LAST open
 * block in the list, not necessarily of the open block that was called; there
 * is also no NULL check before the call.
 *
 * NOTE(review): the opening '{' of the body is missing after the signature as
 * pasted, so this does not compile in this form.
 */
int MyReceivePackets(IN NDIS_HANDLE ProtocolBindingContext,IN PNDIS_PACKET Packet)

DbgPrint("receive packets");

return m_pReceivePacket(ProtocolBindingContext,Packet);

}


/*
 * Overwrite the receive handlers of one NDIS protocol block with MyReceive and
 * MyReceivePackets, remembering the originals in the file-scope slots
 * m_pReceive and m_pReceivePacket.
 *
 * pProtocolBlock is handled as raw bytes because NDIS_PROTOCOL_BLOCK is an
 * internal, undocumented NDIS structure: the characteristics are assumed to
 * live at +0x14 and the head of the open-block list at +0x00 (InstallHook()'s
 * own comment labels its offset "for NDIS 5.0"). Nothing validates either
 * assumption before writing through the resulting pointers, so any other NDIS
 * build or layout means writes into unrelated kernel memory.
 *
 * Defensive note: after this runs, ReceiveHandler and every open block's
 * ReceivePacketHandler point into this driver's image instead of the owning
 * protocol's; handler-pointer integrity checks flag exactly that condition.
 *
 * NOTE(review): the line that saves ReceiveHandler is missing its ';' as pasted.
 */
void HookNdisProtocolBlock(IN BYTE *pProtocolBlock)

  {

        PNDIS_PROTOCOL_CHARACTERISTICS pProtoChar;

        PNDIS_OPEN_BLOCK pOpenBlock;

 

    // Hard-coded offset into the undocumented block; see header comment.
    pProtoChar = (PNDIS_PROTOCOL_CHARACTERISTICS)(pProtocolBlock + 0x14);

    // Saved into a single global, so a later call for another protocol block
    // overwrites it. (Missing ';' at the end of this line as pasted.)
    m_pReceive=pProtoChar->ReceiveHandler

        pProtoChar->ReceiveHandler=MyReceive;

    // The block's first pointer-sized field is taken as the head of the
    // open-block list, walked below through ProtocolNextOpen.
    pOpenBlock = ((PNDIS_OPEN_BLOCK *)pProtocolBlock)[0]; 

    while (pOpenBlock)

        {

        // Every open block's original lands in the same slot, so only the
        // last one in the list survives; MyReceivePackets forwards all of
        // them there.
        m_pReceivePacket=pOpenBlock->ReceivePacketHandler;

        pOpenBlock->ReceivePacketHandler=MyReceivePackets;

        pOpenBlock = pOpenBlock->ProtocolNextOpen;

        }

  }


/*
 * Registers the placeholder protocol only to obtain a pointer into NDIS's
 * internal protocol list, walks that list and hands every block after the
 * placeholder to HookNdisProtocolBlock(), then deregisters the placeholder.
 *
 * The walk reads the pointer at +0x10 of each block as the next block (the
 * in-line comment says this is the NDIS 5.0 layout; nothing checks it). The
 * step is taken before the hook call, so the placeholder itself is never
 * hooked. Deregistering the placeholder afterwards leaves the rewritten
 * handler pointers in place; nothing in this listing undoes them.
 *
 * Returns FALSE only when registration fails, TRUE otherwise, with no report
 * of what was hooked.
 *
 * NOTE(review): NdisDeregisterProtocol takes the NDIS_HANDLE by value, but
 * this passes &hBogusProtocol, the address of the local, so NDIS is not handed
 * the handle that was registered. The second `if (hBogusProtocol != NULL)` is
 * always true after the early return above it.
 */
BOOLEAN InstallHook(void)

   {

      NDIS_STATUS nStatus;

        NDIS_HANDLE hBogusProtocol = NULL;

        BYTE *pProtocolChain;

       

    hBogusProtocol=RegisterBogusNDISProtocol();

    if (hBogusProtocol == NULL){return FALSE;}

    // Always true here (see the early return above).
    if (hBogusProtocol != NULL){

    // The protocol handle is treated as a raw pointer to the placeholder's
    // internal protocol block, i.e. as a position in NDIS's protocol list.
    pProtocolChain = (BYTE*)hBogusProtocol;

         while (TRUE)

             {

             DWORD dwOffset = 0x10;  // for NDIS 5.0

             // Advance first, hook second: the placeholder block is skipped
             // and every following block in the chain is rewritten.
             pProtocolChain = ((BYTE **)(pProtocolChain + dwOffset))[0];

             if (!pProtocolChain){break;}

             else{HookNdisProtocolBlock(pProtocolChain);}

             }

    }

   // Passes the address of the local rather than the handle; see header comment.
   NdisDeregisterProtocol(&nStatus,&hBogusProtocol);

   return TRUE;

   }

 

/*
 * Driver entry point. Both parameters are unused, no DriverUnload routine is
 * set, and InstallHook()'s return value is ignored.
 *
 * It then reports STATUS_DEVICE_CONFIGURATION_ERROR, a failure status, so the
 * I/O manager does not keep the driver loaded even though the handler pointers
 * rewritten by HookNdisProtocolBlock() still reference code in this image.
 * That is why a driver like this destabilises the host rather than persisting,
 * and why "NDIS handler pointer not backed by any loaded module" is a reliable
 * indicator for this class of hook.
 */
NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObj,PUNICODE_STRING pRegistryString)

{

// Result discarded; FALSE from InstallHook() changes nothing below.
InstallHook();

// Failure status returned unconditionally (see header comment).
return STATUS_DEVICE_CONFIGURATION_ERROR;

}
可以编译通过的哦,自己调一下吧,呵呵!


发帖时间:2016-7-9   |   查看数:0   |   回复数:0