www.pudn.com > ntsniff.zip > PACKET32.C
/*
* NtSniff by Davide Libenzi ( To rebuild NtSniff You need Microsoft SDK & DDK )
* Copyright (C) 1999 Davide Libenzi
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Davide Libenzi
*
*/
#define UNICODE 1
#include
#include
#include
#include
#include
TCHAR szWindowTitle[] = TEXT("PACKET32.DLL");
#if DBG
#define ODS(_x) OutputDebugString(TEXT(_x))
#else
#define ODS(_x)
#endif
BOOL PacketInit(IN PVOID DllHandle, IN ULONG Reason, IN PCONTEXT Context OPTIONAL)
{
BOOLEAN Status = TRUE;
ODS("Packet32: DllEntry\n");
switch (Reason)
{
case DLL_PROCESS_ATTACH:
break;
case DLL_PROCESS_DETACH:
break;
default:
break;
}
return Status;
}
PVOID PacketOpenAdapter(LPTSTR AdapterName)
{
LPADAPTER lpAdapter;
ULONG Error;
ODS("Packet32: PacketOpenAdapter\n");
lpAdapter = (LPADAPTER) GlobalAllocPtr(
GMEM_MOVEABLE | GMEM_ZEROINIT,
sizeof(ADAPTER));
if (lpAdapter == NULL)
{
ODS("Packet32: PacketOpenAdapter GlobalAlloc Failed\n");
return NULL;
}
wsprintf(
lpAdapter->SymbolicLink,
TEXT("\\\\.\\%s"),
&AdapterName[8]);
lpAdapter->hFile = CreateFile(lpAdapter->SymbolicLink,
GENERIC_WRITE | GENERIC_READ,
0,
NULL,
OPEN_EXISTING,
FILE_FLAG_OVERLAPPED,
0);
if (lpAdapter->hFile != INVALID_HANDLE_VALUE)
return lpAdapter;
Error = GetLastError();
ODS("Packet32: PacketOpenAdapter Could not open adapter\n");
GlobalFreePtr(lpAdapter);
return NULL;
}
VOID PacketCloseAdapter(LPADAPTER lpAdapter)
{
ODS("Packet32: PacketCloseAdapter\n");
CloseHandle(lpAdapter->hFile);
GlobalFreePtr(lpAdapter);
}
PVOID PacketAllocatePacket(LPADAPTER AdapterObject)
{
LPPACKET lpPacket;
lpPacket = (LPPACKET) GlobalAllocPtr(
GMEM_MOVEABLE | GMEM_ZEROINIT,
sizeof(PACKET));
if (lpPacket == NULL)
{
ODS("Packet32: PacketAllocateSendPacket: GlobalAlloc Failed\n");
return NULL;
}
lpPacket->OverLapped.hEvent = CreateEvent(
NULL,
FALSE,
FALSE,
NULL);
if (lpPacket->OverLapped.hEvent == NULL)
{
ODS("Packet32: PacketAllocateSendPacket: CreateEvent Failed\n");
GlobalFreePtr(lpPacket);
return NULL;
}
return lpPacket;
}
VOID PacketFreePacket(LPPACKET lpPacket)
{
CloseHandle(lpPacket->OverLapped.hEvent);
GlobalFreePtr(lpPacket);
}
VOID PacketInitPacket(LPPACKET lpPacket, PVOID Buffer, UINT Length)
{
lpPacket->Buffer = Buffer;
lpPacket->Length = Length;
}
BOOL PacketSendPacket(LPADAPTER AdapterObject, LPPACKET lpPacket, BOOLEAN Sync)
{
BOOL Result;
DWORD BytesTransfered;
lpPacket->OverLapped.Offset = 0;
lpPacket->OverLapped.OffsetHigh = 0;
if (!ResetEvent(lpPacket->OverLapped.hEvent))
{
return FALSE;
}
Result = WriteFile(
AdapterObject->hFile,
lpPacket->Buffer,
lpPacket->Length,
&BytesTransfered,
&lpPacket->OverLapped);
if (Sync)
{
Result = GetOverlappedResult(
AdapterObject->hFile,
&lpPacket->OverLapped,
&BytesTransfered,
TRUE);
}
else
{
Result = TRUE;
}
return Result;
}
BOOL PacketReceivePacket(LPADAPTER AdapterObject, LPPACKET lpPacket, BOOLEAN Sync, PULONG BytesReceived)
{
BOOL Result;
lpPacket->OverLapped.Offset = 0;
lpPacket->OverLapped.OffsetHigh = 0;
if (!ResetEvent(lpPacket->OverLapped.hEvent))
{
return FALSE;
}
Result = ReadFile(
AdapterObject->hFile,
lpPacket->Buffer,
lpPacket->Length,
BytesReceived,
&lpPacket->OverLapped);
if (Sync)
{
Result = GetOverlappedResult(
AdapterObject->hFile,
&lpPacket->OverLapped,
BytesReceived,
TRUE);
}
else
{
Result = TRUE;
}
return Result;
}
BOOL PacketWaitPacket(LPADAPTER AdapterObject, LPPACKET lpPacket, PULONG BytesReceived)
{
return GetOverlappedResult(
AdapterObject->hFile,
&lpPacket->OverLapped,
BytesReceived,
TRUE
);
}
BOOL PacketResetAdapter(LPADAPTER AdapterObject)
{
UINT BytesReturned;
DeviceIoControl(
AdapterObject->hFile,
(DWORD) IOCTL_PROTOCOL_RESET,
NULL,
0,
NULL,
0,
&BytesReturned,
NULL
);
return TRUE;
}
BOOL PacketRequest(LPADAPTER AdapterObject, BOOLEAN Set, PPACKET_OID_DATA OidData)
{
UINT BytesReturned;
BOOL Result;
Result = DeviceIoControl(
AdapterObject->hFile,
(DWORD) Set ? IOCTL_PROTOCOL_SET_OID : IOCTL_PROTOCOL_QUERY_OID,
OidData,
sizeof(PACKET_OID_DATA) - 1 + OidData->Length,
OidData,
sizeof(PACKET_OID_DATA) - 1 + OidData->Length,
&BytesReturned,
NULL
);
return Result;
}
BOOL PacketSetFilter(LPADAPTER AdapterObject, ULONG Filter)
{
BOOL Status;
ULONG IoCtlBufferLength = (sizeof(PACKET_OID_DATA) + sizeof(ULONG) - 1);
PPACKET_OID_DATA OidData;
OidData = GlobalAllocPtr(
GMEM_MOVEABLE | GMEM_ZEROINIT,
IoCtlBufferLength
);
if (OidData == NULL)
{
return FALSE;
}
OidData->Oid = OID_GEN_CURRENT_PACKET_FILTER;
OidData->Length = sizeof(ULONG);
*((PULONG) OidData->Data) = Filter;
Status = PacketRequest(
AdapterObject,
TRUE,
OidData
);
GlobalFreePtr(OidData);
return Status;
}
ULONG PacketGetAdapterNames(PTSTR pStr, PULONG BufferSize)
{
HKEY SystemKey;
HKEY ControlSetKey;
HKEY ServicesKey;
HKEY NdisPerfKey;
HKEY LinkageKey;
LONG Status;
DWORD RegType;
Status = RegOpenKeyEx(
HKEY_LOCAL_MACHINE,
TEXT("SYSTEM"),
0,
KEY_READ,
&SystemKey
);
if (Status == ERROR_SUCCESS)
{
Status = RegOpenKeyEx(
SystemKey,
TEXT("CurrentControlSet"),
0,
KEY_READ,
&ControlSetKey
);
if (Status == ERROR_SUCCESS)
{
Status = RegOpenKeyEx(
ControlSetKey,
TEXT("Services"),
0,
KEY_READ,
&ServicesKey
);
if (Status == ERROR_SUCCESS)
{
Status = RegOpenKeyEx(
ServicesKey,
TEXT("PacketCap"),
0,
KEY_READ,
&NdisPerfKey
);
if (Status == ERROR_SUCCESS)
{
Status = RegOpenKeyEx(
NdisPerfKey,
TEXT("Linkage"),
0,
KEY_READ,
&LinkageKey
);
if (Status == ERROR_SUCCESS)
{
Status = RegQueryValueEx(
LinkageKey,
TEXT("Export"),
NULL,
&RegType,
(LPBYTE) pStr,
BufferSize
);
RegCloseKey(LinkageKey);
}
RegCloseKey(NdisPerfKey);
}
RegCloseKey(ServicesKey);
}
RegCloseKey(ControlSetKey);
}
RegCloseKey(SystemKey);
}
return Status;
}