📄 psmfirew.~dpr
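// Hook callback installed in place of the Winsock recvfrom export.
//
// Looks up the socket's endpoints with GetIPAndPort, asks WriteLog whether the
// inbound ('IN') transfer is allowed and, if so, forwards the call to the next
// hook (or to recvfrom itself when no next pointer is set). When WriteLog
// refuses, the socket is closed and the caller gets SOCKET_ERROR with
// WSAENETDOWN. Any exception is reported over IPC and also turned into
// SOCKET_ERROR / WSAENETDOWN, so the hook fails closed.
//
// Returns whatever the forwarded call returned, or SOCKET_ERROR on denial or
// on an internal error.
Function recvfromCallback(s: TSocket; var Buf; len, flags: Integer; var from: TSockAddr; var fromlen: Integer): Integer; stdcall;
Var
  myresult: Integer;
  lastErr: Integer;
  ip: string;
  port: integer;
  localport: Integer;
Begin
  try
    GetIPAndPort(s,ip,port,localport);
    // Callers may legally pass a null address pointer; the original
    // dereferenced it unconditionally, which raised an access violation and
    // made every such call fail with WSAENETDOWN.
    if @from <> nil then
    begin
      // NOTE(review): recvfrom only fills in `from` when it returns, so at this
      // point the structure still holds whatever the caller left in it. The
      // 'IN' decision below is therefore not made on the sender of the datagram
      // about to be delivered. Checking after the call needs a design decision
      // (the denied datagram would already be consumed) - confirm intent.
      ip:=inet_ntoa(from.sin_addr);
      port:=ntohs(from.sin_port);
    end;
    // The original carried two disabled variants here that mirrored the byte
    // counter into shared memory (PMapData), one guarded by LockMap/UnlockMap
    // and one by a named mutex; both remain disabled.
    If WriteLog(s, 'IN',ip,port,localport) then//RECF
    Begin
      if @recvfromNext<>nil then
        myresult:=recvfromNext(s, Buf, len, flags, from, fromlen)
      else
        myresult:=recvfrom(s, Buf, len, flags, from, fromlen);
      // Remember the caller-visible error before doing any more work.
      lastErr:=WSAGetLastError;
      // Count the bytes actually delivered. The original added the buffer
      // capacity (len) before the call, which overstated traffic and also
      // counted denied and failed calls.
      if myresult > 0 then bRec := bRec + DWORD(myresult);
    end
    else
    begin
      //s:=INVALID_SOCKET; (must change Var s)
      // NOTE(review): the application still holds this handle value after it
      // is closed here; confirm that later use of a stale or recycled handle
      // is acceptable.
      closesocket(s);
      myresult:=SOCKET_ERROR;
      lastErr:=WSAENETDOWN;
    end;
    if @recvfromNext<>nil then RenewHook(@recvfromNext);
    // RenewHook may touch the thread's last-error value; put back the one the
    // caller is meant to see (relevant for non-blocking sockets, where the
    // caller inspects WSAGetLastError after SOCKET_ERROR).
    WSASetLastError(lastErr);
    result:=myresult;
  except
    SendIpcMessage('PSMFirewall', Pchar(' Error at recvfrom()'#0),length(' Error at recvfrom()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= SOCKET_ERROR;
  end;
End;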
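// Hook callback installed in place of the Winsock send export.
//
// Looks up the socket's endpoints with GetIPAndPort, asks WriteLog whether the
// outbound ('OUT') transfer is allowed and, if so, forwards the call to the
// next hook (or to send itself when no next pointer is set). When WriteLog
// refuses, the socket is closed and the caller gets SOCKET_ERROR with
// WSAENETDOWN. Any exception is reported over IPC and also turned into
// SOCKET_ERROR / WSAENETDOWN, so the hook fails closed.
//
// Returns whatever the forwarded call returned, or SOCKET_ERROR on denial or
// on an internal error.
Function sendCallback(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
Var
  myresult: Integer;
  lastErr: Integer;
  ip: string;
  port: integer;
  localport: Integer;
Begin
  try
    GetIPAndPort(s,ip,port,localport);
    // The original carried two disabled variants here that mirrored the byte
    // counter into shared memory (PMapData), one guarded by LockMap/UnlockMap
    // and one by a named mutex; both remain disabled.
    if WriteLog(s, 'OUT',ip,port,localport)then//SEN
    Begin
      if @sendNext<>nil then myresult:=sendNext(s, Buf, len, flags)
      else myresult:=send(s, Buf, len, flags);
      // Remember the caller-visible error before doing any more work.
      lastErr:=WSAGetLastError;
      // Count the bytes actually sent. The original added the requested length
      // before the call, so denied, failed and partial sends were all counted
      // in full, and a negative len wrapped to a huge DWORD.
      if myresult > 0 then bSen := bSen + DWORD(myresult);
    end
    else
    begin
      //s:=INVALID_SOCKET; (must change Var s)
      // NOTE(review): the application still holds this handle value after it
      // is closed here; confirm that later use of a stale or recycled handle
      // is acceptable.
      closesocket(s);
      myresult:=SOCKET_ERROR;
      lastErr:=WSAENETDOWN;
    end;
    if @sendNext<>nil then RenewHook(@sendNext);
    // RenewHook may touch the thread's last-error value; put back the one the
    // caller is meant to see.
    WSASetLastError(lastErr);
    result:=myresult;
  except
    SendIpcMessage('PSMFirewall', Pchar(' Error at send()'#0),length(' Error at send()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= SOCKET_ERROR;
  end;
End;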
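// Hook callback installed in place of the Winsock sendto export.
//
// Takes the destination from addrto when one is supplied (otherwise from
// GetIPAndPort), asks WriteLog whether the outbound ('OUT') transfer is
// allowed and, if so, forwards the call to the next hook (or to sendto itself
// when no next pointer is set). When WriteLog refuses, the socket is closed
// and the caller gets SOCKET_ERROR with WSAENETDOWN. Any exception is reported
// over IPC and also turned into SOCKET_ERROR / WSAENETDOWN, so the hook fails
// closed.
//
// Returns whatever the forwarded call returned, or SOCKET_ERROR on denial or
// on an internal error.
Function sendtoCallback(s: TSocket; var Buf; len, flags: Integer; var addrto: TSockAddr; tolen: Integer): Integer; stdcall;
Var
  myresult: Integer;
  lastErr: Integer;
  ip: string;
  port: integer;
  localport: Integer;
Begin
  try
    GetIPAndPort(s,ip,port,localport);
    // sendto accepts a null destination on a connected socket; the original
    // dereferenced addrto unconditionally, which raised an access violation
    // and made every such call fail. Only read the structure when the caller
    // supplied one that is large enough to hold the fields used below.
    if (@addrto <> nil) and (tolen >= SizeOf(TSockAddr)) then
    begin
      // NOTE(review): the address family is not inspected, so a non-IPv4
      // sockaddr would be logged and matched as if it were IPv4 - confirm how
      // other families should be handled by the rule check.
      ip:=inet_ntoa(addrto.sin_addr);
      port:=ntohs(addrto.sin_port);
    end;
    // The original carried two disabled variants here that mirrored the byte
    // counter into shared memory (PMapData), one guarded by LockMap/UnlockMap
    // and one by a named mutex; both remain disabled.
    if WriteLog(s, 'OUT',ip,port,localport) then//SENT
    begin
      if @sendtoNext<>nil then
        myresult:=sendtoNext(s, Buf, len, flags,addrto, tolen)
      else
        myresult:=sendto(s, Buf, len, flags,addrto, tolen);
      // Remember the caller-visible error before doing any more work.
      lastErr:=WSAGetLastError;
      // Count the bytes actually sent. The original added the requested length
      // before the call, so denied and failed sends were counted in full.
      if myresult > 0 then bSen := bSen + DWORD(myresult);
    End
    else
    begin
      //s:=INVALID_SOCKET; (must change Var s)
      // NOTE(review): the application still holds this handle value after it
      // is closed here; confirm that later use of a stale or recycled handle
      // is acceptable.
      closesocket(s);
      myresult:=SOCKET_ERROR;
      lastErr:=WSAENETDOWN;
    end;
    if @sendtoNext<>nil then RenewHook(@sendtoNext);
    // RenewHook may touch the thread's last-error value; put back the one the
    // caller is meant to see.
    WSASetLastError(lastErr);
    result:=myresult;
  except
    SendIpcMessage('PSMFirewall', Pchar(' Error at sendto()'#0),length(' Error at sendto()'#0) ,nil,0);
    SysUtils.Beep;
    WSASetLastError(WSAENETDOWN);
    result:= SOCKET_ERROR;
  end;
End;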
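// Hook callback installed in place of the AcceptEx export.
//
// Forwards the call unchanged to the next hook and then sends an ' AcceptEx'
// notification over IPC. Returns the forwarded call's result.
//
// NOTE(review): unlike the send/recv callbacks in this file, this one performs
// no WriteLog rule check, has no exception handler and never calls RenewHook,
// so connections accepted through AcceptEx are only reported, not filtered.
// Confirm whether that is intended before relying on the inbound rules.
Function AcceptExCallback(sListenSocket, sAcceptSocket: TSocket;
  lpOutputBuffer: Pointer; dwReceiveDataLength, dwLocalAddressLength,
  dwRemoteAddressLength: DWORD; var lpdwBytesReceived: DWORD;
  lpOverlapped: POverlapped): BOOL; stdcall;
Var
  lastErr: Integer;
Begin
  Result:=AcceptExNext(sListenSocket, sAcceptSocket, lpOutputBuffer, dwReceiveDataLength, dwLocalAddressLength, dwRemoteAddressLength, lpdwBytesReceived, lpOverlapped);
  // An overlapped AcceptEx normally returns FALSE with a pending-I/O error code
  // that the caller reads straight after the call. The IPC notification below
  // runs in between and may overwrite that thread error value, so save it
  // first and restore it afterwards.
  lastErr:=WSAGetLastError;
  //SendIpcMessage('PSMFirewall', Pchar(' AcceptEx'),Length(' AcceptEx'),nil,0,IGNORE, TRUE);
  SendIpcMessage('PSMFirewall', Pchar(' AcceptEx'#0),Length(' AcceptEx'#0),nil,0);
  WSASetLastError(lastErr);
End;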
{
function DeviceIoControlCallback(hDevice: THandle; dwIoControlCode: DWORD; lpInBuffer: Pointer;
nInBufferSize: DWORD; lpOutBuffer: Pointer; nOutBufferSize: DWORD;
var lpBytesReturned: DWORD; lpOverlapped: POverlapped): BOOL; stdcall;
Begin
Result:=DeviceIoControlNext(hDevice, dwIoControlCode, lpInBuffer, nInBufferSize, lpOutBuffer, nOutBufferSize, lpBytesReturned, lpOverlapped);
SendIpcMessage('PSMFirewall', Pchar('hDevice#9dwIoControlCode'),Length('hDevice#9dwIoControlCode'),nil,0);
SendIpcMessage('PSMFirewall', Pchar(IntToStr(hDevice) + #9 + IntToStr(dwIoControlCode) + #9 + DllPath),Length(IntToStr(hDevice) + #9 + IntToStr(dwIoControlCode) + #9 + DllPath),nil,0);
End;
}
// Hook callback installed in place of the Winsock gethostbyname export.
//
// Forwards the lookup to the next hook (or to gethostbyname itself when no
// next pointer is set) and records up to five of the returned addresses,
// together with the queried name, in the DomainName / DomainIP history ring
// (MAX_DOMAIN_HIS slots, position kept in iDomain). Returns the resolver's
// result unchanged; on an internal exception it reports over IPC, returns nil
// and sets WSAENETDOWN.
//
// NOTE(review): the history is filled straight from resolver answers and the
// shared globals are written without any lock visible in this function. If
// rule matching trusts this name-to-address history, confirm how spoofed or
// concurrently written entries are handled.
function gethostbynameCallback(name: PChar): PHostEnt; stdcall;
type
  TAPInAddr = Array[0..4] of PInAddr;
  PAPInAddr = ^TAPInAddr;
var
  queried: shortstring;
  answer: PHostEnt;
  addrs: PAPInAddr;
  idx: Integer;
begin
  try
    // Keep a private copy of the name; a shortstring holds at most 255 chars.
    queried := String(name);
    if @gethostbynameNext = nil then
      answer := gethostbyname(name)
    else
      answer := gethostbynameNext(name);
    if answer <> nil then
    begin
      addrs := PAPInAddr(answer^.h_addr_list);
      // The address list is nil-terminated; at most the first five entries
      // are looked at.
      for idx := 0 to 4 do
      begin
        if addrs^[idx] = nil then break;
        DomainName[iDomain] := queried;
        DomainIP[iDomain] := inet_ntoa(addrs^[idx]^);
        // Advance the ring position, wrapping at the end of the history.
        iDomain := (iDomain + 1) mod MAX_DOMAIN_HIS;
      end;
    end;
    result := answer;
    if @gethostbynameNext <> nil then renewhook(@gethostbynameNext);
  except
    SendIpcMessage('PSMFirewall', Pchar(' Error at gethostbyname()'#0),length(' Error at gethostbyname()'#0) ,nil,0);
    SysUtils.Beep;
    result := nil;
    WSASetLastError(WSAENETDOWN);
  end;
end;
{
procedure SafeDllProc(Reason: Integer);
begin
case Reason of
DLL_PROCESS_ATTACH:
SendIpcMessage('PSMFirewall', Pchar(' DLL_PROCESS_ATTACH'),length(' DLL_PROCESS_ATTACH') ,nil,0);
DLL_THREAD_ATTACH:
SendIpcMessage('PSMFirewall', Pchar(' DLL_THREAD_ATTACH'),length(' DLL_THREAD_ATTACH') ,nil,0);
DLL_THREAD_DETACH :
SendIpcMessage('PSMFirewall', Pchar(' DLL_THREAD_DETACH'),length(' DLL_THREAD_DETACH') ,nil,0);
DLL_PROCESS_DETACH :
SendIpcMessage('PSMFirewall', Pchar(' DLL_PROCESS_DETACH'),length(' DLL_PROCESS_DETACH') ,nil,0);
end;
end;
}
// Library initialisation. Runs once when the module is loaded into a process:
// records the host executable's path, clears the DNS history tables, opens the
// shared map (non-system processes only), loads the rule set and installs the
// Winsock hooks for both WSOCK32.DLL and ws2_32.dll.
// The accept/connect/recv callbacks referenced below are defined outside the
// part of the file shown here.
BEGIN
{
if not assigned(DllProc) then
DllProc := @SafeDllProc;
SafeDllProc(DLL_PROCESS_ATTACH);
}
// Module handle 0 asks for the path of the process executable, so despite its
// name DLLPath identifies the host program. The path is then expanded to its
// long form and lower-cased.
// NOTE(review): the return value of GetModuleFileName is not checked, so a
// failed or truncated result would go unnoticed - confirm DLLPath's size and
// how an empty or cut-off path is treated by the rule lookup.
GetModuleFileName(0,DLLPath,MAX_PATH);
//GetLongPathName(DLLPath,DLLPath,MAX_PATH);
ToLongPath(DLLPath,MAX_PATH);
StrLower(DllPath);
// Blank out the name/address history filled by gethostbynameCallback.
FillChar(DomainName,SizeOf(DomainName),' ');
FillChar(DomainIP,SizeOf(DomainIP),' ');
// Non-system processes open the shared map; a system process only announces
// itself over IPC instead.
if not AmSystemProcess() then OpenMap else
//SendIpcMessage('PSMFirewall', Pchar(' System Process: ' + dllpath),length(' System Process: ' + dllpath),nil,0,IGNORE, TRUE);
SendIpcMessage('PSMFirewall', Pchar(' System Process: ' + dllpath + #0),length(' System Process: ' + dllpath + #0),nil,0);
//DONT_COUNT//Add to App?
LoadRules();
// CollectHooks / FlushHooks presumably bracket the HookAPI calls so they are
// applied as one batch - confirm against the hooking library.
CollectHooks();
// Hooks on the WSOCK32.DLL exports.
// NOTE(review): a failed HookAPI is only reported over IPC and loading carries
// on, so the process keeps running with that API unfiltered (fail-open).
// NOTE(review): coverage is limited to the eight exports listed here; confirm
// that other Winsock 2 send/receive/connect and name-resolution entry points
// are hooked elsewhere or enforced at a lower layer.
if not HookAPI('WSOCK32.DLL', 'accept', @acceptCallback, @acceptNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.accept'#0),length(' Er HookAPI: WSOCK32.dll.accept'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'connect', @connectCallback, @connectNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.connect'#0),length(' Er HookAPI: WSOCK32.dll.connect'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'recv', @recvCallback, @recvNext)then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.recv'#0),length(' Er HookAPI: WSOCK32.dll.recv'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'recvfrom', @recvfromCallback, @recvfromNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.recvfrom'#0),length(' Er HookAPI: WSOCK32.dll.recvfrom'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'send', @sendCallback, @sendNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.send'#0),length(' Er HookAPI: WSOCK32.dll.send'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'sendto', @sendtoCallback, @sendtoNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.sendto'#0),length(' Er HookAPI: WSOCK32.dll.sendto'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'AcceptEx', @AcceptExCallback, @AcceptExNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.AcceptEx'#0),length(' Er HookAPI: WSOCK32.dll.AcceptEx'#0),nil,0);
if not HookAPI('WSOCK32.DLL', 'gethostbyname', @gethostbynameCallback, @gethostbynameNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: WSOCK32.dll.gethostbyname'#0),length(' Er HookAPI: WSOCK32.dll.gethostbyname'#0),nil,0);
// The same exports again in ws2_32.dll, reusing the same callbacks.
// NOTE(review): each ...Next variable was already handed to HookAPI above, so
// this second call presumably replaces the pointer stored by the first, and a
// failure here may leave it in an unexpected state - verify what the hooking
// library does when one next-pointer is shared by two hooks.
if not HookAPI('ws2_32.dll', 'accept', @acceptCallback, @acceptNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.accept'#0),length(' Er HookAPI: ws2_32.dll.accept'#0),nil,0);
if not HookAPI('ws2_32.dll', 'connect', @connectCallback, @connectNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.connect'#0),length(' Er HookAPI: ws2_32.dll.connect'#0),nil,0);
if not HookAPI('ws2_32.dll', 'recv', @recvCallback, @recvNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.recv'#0),length(' Er HookAPI: ws2_32.dll.recv'#0),nil,0);
if not HookAPI('ws2_32.dll', 'recvfrom', @recvfromCallback, @recvfromNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.recvfrom'#0),length(' Er HookAPI: ws2_32.dll.recvfrom'#0),nil,0);
if not HookAPI('ws2_32.dll', 'send', @sendCallback, @sendNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.send'#0),length(' Er HookAPI: ws2_32.dll.send'#0),nil,0);
if not HookAPI('ws2_32.dll', 'sendto', @sendtoCallback, @sendtoNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.sendto'#0),length(' Er HookAPI: ws2_32.dll.sendto'#0),nil,0);
if not HookAPI('ws2_32.dll', 'AcceptEx', @AcceptExCallback, @AcceptExNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.AcceptEx'#0),length(' Er HookAPI: ws2_32.dll.AcceptEx'#0),nil,0);
if not HookAPI('ws2_32.DLL', 'gethostbyname', @gethostbynameCallback, @gethostbynameNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: ws2_32.dll.gethostbyname'#0),length(' Er HookAPI: ws2_32.dll.gethostbyname'#0),nil,0);
// Disabled: the same set of hooks against mswsock.dll.
{
if not HookAPI('mswsock.dll', 'accept', @acceptCallback, @acceptNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.accept'#0),length(' Er HookAPI: mswsock.dll.accept'#0),nil,0);
if not HookAPI('mswsock.dll', 'connect', @connectCallback, @connectNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.connect'#0),length(' Er HookAPI: mswsock.dll.connect'#0),nil,0);
if not HookAPI('mswsock.dll', 'recv', @recvCallback, @recvNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.recv'#0),length(' Er HookAPI: mswsock.dll.recv'#0),nil,0);
if not HookAPI('mswsock.dll', 'recvfrom', @recvfromCallback, @recvfromNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.recvfrom'#0),length(' Er HookAPI: mswsock.dll.recvfrom'#0),nil,0);
if not HookAPI('mswsock.dll', 'send', @sendCallback, @sendNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.send'#0),length(' Er HookAPI: mswsock.dll.send'#0),nil,0);
if not HookAPI('mswsock.dll', 'sendto', @sendtoCallback, @sendtoNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.sendto'#0),length(' Er HookAPI: mswsock.dll.sendto'#0),nil,0);
if not HookAPI('mswsock.dll', 'AcceptEx', @AcceptExCallback, @AcceptExNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: mswsock.dll.AcceptEx'#0),length(' Er HookAPI: mswsock.dll.AcceptEx'#0),nil,0);
}
//if not HookAPI('kernel32.dll', 'DeviceIoControl', @DeviceIoControlCallback, @DeviceIoControlNext) then SendIpcMessage('PSMFirewall', Pchar(' Er HookAPI: kernel32.dll.DeviceIoControl'#0),length(' Er HookAPI: kernel32.dll.DeviceIoControl'#0),nil,0);
FlushHooks();
END.