Skip to content

sugarbearr/WindivertDotnet

 
 

Repository files navigation

WindivertDotnet

面向对象的WinDivertv2.2的dotnet异步封装,轻松实现网络数据拦截与修改。

1 nuget

WindivertDotnet

<PackageReference Include="WindivertDotnet" Version="1.*" /> 

2 功能介绍

  • 抓取网络数据包
  • 过滤或丢弃网络数据包
  • 嗅探网络数据包
  • 注入网络数据包
  • 修改网络数据包

3 如何使用

3.1 抓包改包

var filter = Filter.True
    .And(f => f.Network.Loopback)
    .And(f => f.Tcp.DstPort == 443)
    .And(f => f.Tcp.Ack == true);

using var divert = new WinDivert(filter, WinDivertLayer.Network);
using var packet = new WinDivertPacket();
using var addr = new WinDivertAddress();

while (true)
{
    // 读包
    await divert.RecvAsync(packet, addr);

    ProcessPacket(packet, addr); 

    // 修改后发出
    await divert.SendAsync(packet, addr);
}

static unsafe void ProcessPacket(WinDivertPacket packet, WinDivertAddress addr)
{
    // 解包
    var result = packet.GetParseResult();

    // 改包
    result.TcpHeader->DstPort = 443;

    // 重算checksums
    packet.CalcChecksums(addr);
}

3.2 注入数据包

private async Task SendEchoRequestAsync(IPAddress dstAddr)
{
    // 使用router计算将进行通讯的本机地址
    var router = new WinDivertRouter(dstAddr);
    using var addr = router.CreateAddress();
    using var packet = this.CreateIPV4EchoPacket(router.SrcAddress, router.DstAddress);

    packet.CalcChecksums(addr);     // 计算checksums,因为创建包时没有计算

    await this.divert.SendAsync(packet, addr);
}

/// <summary>
/// 创建icmp的echo包
/// </summary>
/// <param name="srcAddr"></param>
/// <param name="dstAddr"></param>
/// <returns></returns>
private unsafe WinDivertPacket CreateIPV4EchoPacket(IPAddress srcAddr, IPAddress dstAddr)
{
    // ipv4头
    var ipHeader = new IPV4Header
    {
        TTL = 128,
        Version =  IPVersion.V4,
        DstAddr = dstAddr,
        SrcAddr = srcAddr,
        Protocol = ProtocolType.Icmp,
        HdrLength = (byte)(sizeof(IPV4Header) / 4),
        Id = ++this.id,
        Length = (ushort)(sizeof(IPV4Header) + sizeof(IcmpV4Header))
    };

    // icmp头
    var icmpHeader = new IcmpV4Header
    {
        Type = IcmpV4MessageType.EchoRequest,
        Code = default,
        Identifier = ipHeader.Id,
        SequenceNumber = ++this.sequenceNumber,
    };

    // 将数据写到packet缓冲区
    var packet = new WinDivertPacket(ipHeader.Length);

    var writer = packet.GetWriter();
    writer.Write(ipHeader);
    writer.Write(icmpHeader);

    return packet;
}

About

面向对象的WinDivert的dotnet异步封装

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C# 100.0%