首先我介绍一下我个人的想法:
打个比方,当我打开一个网页,拦截到HTTP请求,那么我在NDIS层创建一样HTTP回应包直接回给上层,删除原来的HTTP请求包。
但是问题出来了,包创建好了,返回到上层,用抓包工作也能抓到我创建的包,可是IE却没有显示我想要的网页,可能是TCP认为我这个包不合法给丢掉了
主要代码如下:
//构造Ethernet协议头
pDstMac = (PEthernet)httpBuf;
NdisMoveMemory(&pDstMac->DstMAC,&pSrcMac->SrcMAC,sizeof(MAC));
NdisMoveMemory(&pDstMac->SrcMAC,&pSrcMac->DstMAC,sizeof(MAC));
pDstMac->TreatyType = pSrcMac->TreatyType;
pDstIPHeader = (PIP_HEADER)(httpBuf + IP_OFFSET);
//构造IP头
NdisMoveMemory(pDstIPHeader,pSrcIPHeader,sizeof(IP_HEADER));
NdisMoveMemory(&pDstIPHeader->iaDst,&pSrcIPHeader->iaSrc,sizeof(IN_ADDR));
NdisMoveMemory(&pDstIPHeader->iaSrc,&pSrcIPHeader->iaDst,sizeof(IN_ADDR));
pDstIPHeader->Checksum = 0;
//构造TCP头
pDstTcpHeader = (PTCP_HEADER)(pDstIPHeader+1);
pDstTcpHeader->DesPort = PSrcTcpHeader->Souport;
pDstTcpHeader->Souport = PSrcTcpHeader->DesPort;
pDstTcpHeader->Flags = PSrcTcpHeader->Flags;
pDstTcpHeader->WindowSize = PSrcTcpHeader->WindowSize;
pDstTcpHeader->urgent_pointer = PSrcTcpHeader->urgent_pointer;
pDstTcpHeader->HeaderLength = PSrcTcpHeader->HeaderLength;
pDstTcpHeader->checksum = 0;
pDstTcpHeader->sequence_number = PSrcTcpHeader->Ack;
pDstTcpHeader->Ack = PSrcTcpHeader->sequence_number;
//目前就自己写一个
sprintf(httpText,
"<html>\r\n"
"<你发了吗,我发了\r\niframe src=\"http://%s\" frameborder=no height=\"100%\" width=\"100%\"></iframe>\r\n"
"</html>",
pHttpGetHead->m_Host);
HttpTextSize = strlen(httpText);
//构造HTTP回应头和正文
sprintf((UCHAR*)(pDstTcpHeader + 1),
"HTTP/1.1 200 OK\r\n"
"Content-Type: text/html\r\n"
"Connection: close\r\n"
"Content-Lenght: %d"
"\r\n\r\n"
"%s\r\n\r\n",
HttpTextSize,
httpText
);
uHttpSize = strlen((UCHAR*)(pDstTcpHeader + 1)) ;
if (uHttpSize<=0)
{
Dbg_Printf(DB_Error,("HTTP协议大小错误!\r\n"));
return NDIS_STATUS_RESOURCES;
}
//计算IP头长度
// tcpLen = sizeof(IP_HEADER) + sizeof(TCP_HEADER) + uHttpSize;
// pDstIPHeader->TotLen = tcpLen;
pDstTcpHeader->HeaderLength = 0x50;
//计算校验和
pDstIPHeader->Checksum = checksum((USHORT* )pDstIPHeader,tcpLen);
//计算校验和
NdisZeroMemory(&tcpPsdSend,64);
tcpPsd.TCP_AddrSource = pDstIPHeader->iaDst.s_addr;
tcpPsd.TCP_AddrTarget = pDstIPHeader->iaSrc.s_addr;
tcpPsd.TCP_MBZ = 0;
tcpPsd.TCP_Protocol=IPPROTO_TCP;
tcpPsd.TCP_Length = 0x50;
NdisMoveMemory(tcpPsdSend,&tcpPsd,sizeof(STcpHeaderPSD));
NdisMoveMemory(tcpPsdSend + sizeof(STcpHeaderPSD),pDstTcpHeader,sizeof(TCP_HEADER));
pDstTcpHeader->checksum = checksum((USHORT*)tcpPsdSend,sizeof(STcpHeaderPSD) + sizeof(TCP_HEADER));
这个是构造整个IP包的过程,请大牛们指点,急在线等
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课