📄 再谈突破tcp-ip过滤-防火墙进入内网.txt
字号:
if(sin[0][3].sin_addr.s_addr==htonl(0))
{
cout<<"sin[0][3].sin_addr.s_addr==htonl(0)"<<endl;
istbcs=0;
memset(msgsend,0,sizeof(msgsend));
break;
}
iret=sendto(sock[0][1],msgsend,istbcs,0,(struct sockaddr *)&sin[0][3],addrlen);
if(iret==SOCKET_ERROR)
{
cout<<"Sendto sock[0][1] Error: "<<GetLastError()<<endl;
break;
}
cout<<"Thread 0 send "<<iret<<" bytes to \t"<<inet_ntoa(sin[0][3].sin_addr)<<endl;
istbcs-=iret;
}
memset(msgsend,0,sizeof(msgsend));
istbcs=0;
}
Sleep(20);
}
}
return 0;
}
DWORD WINAPI i2u(LPVOID num)
{
UNREFERENCED_PARAMETER(num);
fd_set fdread,fdwrite;
char msgrecv[maxsize]={0},msgsend[maxsize]={0};
int ret,iret,idx,istbcs=0,ileft;
DWORD dwbufferlen[10];
DWORD dwbufferinlen=1;
DWORD dwbytesreturned=0;
struct ipheader *iphdr;
struct icmpheader *icmphdr;
if((sock[1][0]=socket(AF_INET,SOCK_RAW,IPPROTO_IP))==INVALID_SOCKET)
{
cout<<"Socket sock[1][0] Error: "<<GetLastError()<<endl;
return -1;
}
if(bind(sock[1][0],(struct sockaddr *)&sin[1][1],addrlen)==SOCKET_ERROR)
{
cout<<"Bind sock[1][0] Error: "<<GetLastError()<<endl;
return -1;
}
WSAIoctl(sock[1][0],SIO_RCVALL,&dwbufferinlen,sizeof(dwbufferinlen),&dwbufferlen,sizeof(dwbufferlen),&dwbytesreturned,NULL,NULL);
iphdr=(struct ipheader *)msgrecv;
icmphdr=(struct icmpheader *)(msgrecv+sizeof(struct ipheader));
while(1)
{
FD_ZERO(&fdread);
FD_ZERO(&fdwrite);
FD_SET(sock[1][0],&fdread);
FD_SET(sock[1][1],&fdwrite);
if((ret=select(0,&fdread,&fdwrite,NULL,NULL))==SOCKET_ERROR)
{
cout<<"Select in thread 1 Error: "<<GetLastError()<<endl;
break;
}
if(ret>0)
{
if(FD_ISSET(sock[1][0],&fdread))
{
{
iret=recvfrom(sock[1][0],msgrecv,sizeof(msgrecv),0,(struct sockaddr *)&temps,&addrlen);
if(iret==SOCKET_ERROR)
{
cout<<"Recvfrom sock[1][0] Error: "<<GetLastError()<<endl;
break;
}
if(iret<=28)
{
break;
}
if((icmphdr->type!=0) || (icmphdr->code!=0) || ((icmphdr->id)!=htons(65456)) || ((icmphdr->seq)!=htons(65456)))
{
break;
}
if((sin[1][0].sin_addr.s_addr!=htonl(0)) && (sin[1][0].sin_addr.s_addr!=temps.sin_addr.s_addr))
break;
}
else if(sin[1][0].sin_addr.s_addr==htonl(0))
{
sin[1][0].sin_addr.s_addr=temps.sin_addr.s_addr;
sin[0][3].sin_addr.s_addr=temps.sin_addr.s_addr;
cout<<"sin[0][3] ==> "<<inet_ntoa(sin[0][3].sin_addr)<<endl;
}
cout<<"\nThread 1 Recv "<<iret<<" bytes from \t"<<inet_ntoa(temps.sin_addr)<<endl;
memcpy(msgsend+istbcs,msgrecv,iret);
istbcs+=iret;
memset(msgrecv,0,sizeof(msgrecv));
}
}
else if(FD_ISSET(sock[1][1],&fdwrite))
{
ileft=istbcs-28;
idx=28;
while(ileft>0)
{
iret=sendto(sock[1][1],&msgsend[idx],ileft,0,(struct sockaddr *)&sin[1][3],addrlen);
if(iret==SOCKET_ERROR)
{
cout<<"Sendto sock[1][1] Error: "<<GetLastError()<<endl;
break;
}
cout<<"Thread 1 send "<<iret<<" bytes to \t"<<inet_ntoa(sin[1][3].sin_addr)<<endl;
ileft-=iret;
idx+=iret;
}
istbcs=0;
memset(msgsend,0,sizeof(msgsend));
}
Sleep(20);
}
}
return 0;
}
int main(int argc,char *argv[])
{
WSADATA wsa;
BOOL gl;
HANDLE hthreads[2];
DWORD hthreadid[2];
struct hostent *hp;
char cname[100];
int dwret,log;
system("cls.exe");
start();
if(argc==2)
{
if(strcmp(argv[1],"-h")==0)
{
ShellExecute(NULL,"open","help.txt",NULL,NULL,SW_SHOWMAXIMIZED);
return 0;
}
else
{
usage();
return -1;
}
}
else if(argc!=4)
{
usage();
return -1;
}
if(!strcmp(argv[1],"-g"))
gl=true;
else if(!strcmp(argv[1],"-l"))
gl=false;
else
{
usage();
return -1;
}
if(WSAStartup(MAKEWORD(2,2),&wsa)!=0)
{
cout<<"WSAStartup Error: "<<GetLastError()<<endl;
return -1;
}
gethostname(cname,sizeof(cname));
hp=gethostbyname(cname);
for(int ipnum=0;hp->h_addr_list[ipnum]!=NULL;ipnum++)
sag.sin_addr=*(in_addr *)hp->h_addr_list[ipnum];
sag.sin_family=AF_INET;
sag.sin_port=htons(65456);
sal=sag;
if(ipnum>1)
sal.sin_addr=*(in_addr *)hp->h_addr_list[ipnum-2];
if(gl)
{
sin[0][0].sin_addr.s_addr=inet_addr(argv[2]);
sin[0][0].sin_family=AF_INET;
sin[0][0].sin_port=htons(8000);
sin[0][1].sin_addr.s_addr=htonl(INADDR_ANY);
sin[0][1].sin_family=AF_INET;
sin[0][1].sin_port=htons(atoi(argv[3]));
sin[0][2]=sal;
memset(&sin[0][3],0,sizeof(sin[0][3]));
sin[0][3].sin_family=AF_INET;
}
else
{
sin[0][0].sin_addr.s_addr=inet_addr("127.0.0.1");
sin[0][0].sin_family=AF_INET;
sin[0][0].sin_port=htons(4000);
sin[0][1].sin_addr.s_addr=htonl(INADDR_ANY);
sin[0][1].sin_family=AF_INET;
sin[0][1].sin_port=htons(atoi(argv[3]));
sin[0][2]=sal;
sin[0][3].sin_addr.s_addr=inet_addr(argv[2]);
sin[0][3].sin_family=AF_INET;
}
sin[1][0]=sin[0][3];
sin[1][1]=sin[0][2];
sin[1][2]=sin[0][1];
sin[1][3]=sin[0][0];
if((sock[0][0]=socket(AF_INET,SOCK_DGRAM,0))==INVALID_SOCKET)
{
cout<<"Socket sock[0][0] Error: "<<GetLastError()<<endl;
return -1;
}
if(bind(sock[0][0],(struct sockaddr *)&sin[0][1],addrlen)==SOCKET_ERROR)
{
cout<<"Bind sock[0][0] Error: "<<GetLastError()<<endl;
return -1;
}
sock[1][1]=sock[0][0];
cout<<"\n正常工作中..."<<endl;
hthreads[0]=CreateThread(NULL,0,u2i,(LPVOID)0,NULL,&hthreadid[0]);
hthreads[1]=CreateThread(NULL,0,i2u,(LPVOID)1,NULL,&hthreadid[1]);
while(1)
{
dwret=WaitForMultipleObjects(2,hthreads,false,INFINITE);
if(dwret==WAIT_FAILED)
{
cout<<"WaitForMultipleObjects Error: "<<GetLastError()<<endl;
return -1;
}
log=dwret-WAIT_OBJECT_0;
if(log==0)
{
CloseHandle(hthreads[0]);
closesocket(sock[0][1]);
hthreads[0]=CreateThread(NULL,0,u2i,(LPVOID)0,NULL,&hthreadid[0]);
}
else if(log==1)
{
CloseHandle(hthreads[1]);
closesocket(sock[1][0]);
hthreads[1]=CreateThread(NULL,0,i2u,(LPVOID)1,NULL,&hthreadid[1]);
}
else
{
for(int no1=0;no1<2;no1++)
{
CloseHandle(hthreads[no1]);
for(int no2=0;no2<2;no2++)
closesocket(sock[no1][no2]);
}
}
}
WSACleanup();
return 0;
}
本文相关软件T-QQ主要针对禁止使用QQ的网关,提供UDP,TCP及ICMP数据报转发功能,本软件同样适用于各种基于UDP协议的通信软件。其中的TCP数据报转发功能,也可以使用UDP数据报来转发TCP数据。相关软件及源代码下载地址: http://www.cshu.net/down/t-qq.rar ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -