SPI interception of network packets (exe installation)

Source: Internet
Author: User

// The following is the installation class

/* Inspkgcls. H */

# Include <tchar. h>
# Include <stdio. h>
# Include <winsock2.h>

# Define my_dll_name _ T ("spidll. dll ")
# Define my_dll_path _ T ("// spidll. dll ")
# Define my_var_path _ T ("// myvar. dat ")
# Define reg_install_key _ T ("system // CurrentControlSet // services // Winsock2 // myspi ")
# Define reg_install_path_item _ T ("pathname ")
# Define reg_protocol_catalog_key _ T ("system // CurrentControlSet // services // Winsock2 // parameters // protocol_catalog9 // catalog_entries ")
# Define reg_protocol_catalog_item _ T ("packedcatalogitem ")

# Define max_protocol_catalog_lenth sizeof (wsaprotocol_infow) + max_path

# Define dllpkg_success 1
# Define dllpkg_not_support-800
# Define dllpkg_not_install-801
# Define dllpkg_already_install-802.
# Define dllpkg_open_reg_failed-803
# Define dllpkg_save_pathh_failed-804
# Define dllpkg_read_value_failed-805
# Define dllpkg_create_item_failed-806
# Define dllpkg_set_value_failed-807
# Define dllpkg_regi_delete_failed-808

Class cinstallpkg
{
PRIVATE:
Bool isinstalled (tchar * sinstallpath = NULL );
Int saveconfig (bool bisremove );
Int saveenumkey (hkey, lpctstr ssubkey, bool bisremove = false );
Public:
Int install (tchar * sinstallpath = NULL );
Int uninstall ();
Bool issupport ();

Bool readreg (
Tchar * skey,
Byte * pbuffer,
DWORD dwbufsize,
Hkey = HKEY_LOCAL_MACHINE,
Tchar * ssubkey = reg_install_key,
DWORD ultype = REG_BINARY
);

Bool savereg (
Tchar * skey,
Byte * pbuffer,
DWORD dwbufsize,
Hkey = HKEY_LOCAL_MACHINE,
Tchar * ssubkey = reg_install_key,
DWORD ultype = REG_BINARY
);

Bool deletereg (
Hkey = HKEY_LOCAL_MACHINE,
Tchar * ssubkey = reg_install_key,
Tchar * sitem = NULL
);
Public:
Tchar m_sinstallpath [max_path];
};

//////////////////////////////////////// ////

/* Inspkgcls. cpp */

# Include "inspkgcls. H"
# Include <iostream>
Using namespace STD;

Int cinstallpkg: Install (tchar * sinstallpath)
{
// If (! Issupport ())
// Return dllpkg_not_support;
If (isinstalled (sinstallpath ))
Return dllpkg_already_install;
_ Tcscpy (m_sinstallpath, sinstallpath );
Int iret;
If (iret = saveconfig (false ))! = Dllpkg_success)
Return iret;

If (! Savereg (
Reg_install_path_item,
(Byte *) sinstallpath,
_ Tcslen (sinstallpath ),
HKEY_LOCAL_MACHINE,
Reg_install_key,
REG_SZ
)
)
Return dllpkg_save_path_failed;

Return dllpkg_success;
}

Int cinstallpkg: uninstall ()
{
Int iret = dllpkg_success;

If (! Isinstalled ())
Return dllpkg_not_install;

If (iret = saveconfig (true ))! = Dllpkg_success)
Return iret;

If (! Deletereg ())
Return dllpkg_reg_delete_failed;

Return dllpkg_success;
}

Bool cinstallpkg: issupport ()
{
Word wversionrequested = makeword (2, 0 );
Wsadata;
 
If (wsastartup (wversionrequested, & wsadata )! = 0)
Return false;
 
If (lobyte (wsadata. wversion )! = 2)
{
Wsacleanup ();
Return false;
}
Return true;
}

Bool cinstallpkg: isinstalled (tchar * sinstallpath)
{
Tchar tspathname [max_path];

If (readreg (reg_install_path_item,
(Byte *) tspathname,
Max_path,
HKEY_LOCAL_MACHINE,
Reg_install_key, REG_SZ
)
)
{
If (sinstallpath! = NULL)
_ Tcscpy (sinstallpath, tspathname );
Return true;
}
Return false;
}

Int cinstallpkg: saveconfig (bool bisremove)
{
Hkey = NULL;

If (regopenkeyex (HKEY_LOCAL_MACHINE, reg_protocol_catalog_key, 0, key_read, & hkey )! = Error_success)
Return dllpkg_open_reg_failed;

_ Try
{
Tchar ssubkey [max_path];
DWORD dwindex = 0;
Int iret = 0;

While (regenumkey (hkey, dwindex, ssubkey, max_path) = error_success)
{
If (iret = saveenumkey (hkey, ssubkey, bisremove ))! = Dllpkg_success)
Return iret;

Dwindex ++;
}
}
_ Finally
{
Regclosekey (hkey );
}

Return dllpkg_success;
}

Int cinstallpkg: saveenumkey (hkey, lpctstr ssubkey, bool bisremove)
{
Hkey hsubkey = NULL;
Byte itemvalue [max_protocol_catalog_lenth];
DWORD itemsize = max_protocol_catalog_lenth;

If (regopenkeyex (hkey, ssubkey, 0, key_all_access, & hsubkey )! = Error_success)
Return dllpkg_open_reg_failed;

_ Try
{
If (regqueryvalueex (hsubkey, reg_protocol_catalog_item, 0, null, itemvalue, & itemsize )! = Error_success
| (Itemsize! = Max_protocol_catalog_lenth ))
Return dllpkg_read_value_failed;

Wsaprotocol_infow * mprotocolinfo = (wsaprotocol_infow *) (itemvalue + max_path );

If (mprotocolinfo-> protocolchain. chainlen = 1)
{
Tchar sitem [21];
_ Stprintf (sitem, _ T ("% u"), mprotocolinfo-> dwcatalogentryid );
 
If (! Bisremove)
{
If (! Savereg (
Sitem,
Itemvalue,
_ Tcslen (tchar *) itemvalue ),
HKEY_LOCAL_MACHINE,
Reg_install_key,
REG_SZ
)
)
Return dllpkg_create_item_failed;

_ Tcscpy (tchar *) itemvalue, m_sinstallpath );

If (regsetvalueex (hsubkey, reg_protocol_catalog_item, 0, REG_BINARY, itemvalue, itemsize )! = Error_success)
Return dllpkg_set_value_failed;
}
Else
{
Tchar sprovider [max_path];

Int iret = readreg (
Sitem,
(Byte *) sprovider,
Max_path,
HKEY_LOCAL_MACHINE,
Reg_install_key, REG_SZ
);
_ Tcscpy (tchar *) itemvalue, sprovider );
Iret = regsetvalueex (hsubkey, reg_protocol_catalog_item, 0, REG_BINARY, itemvalue, itemsize );
}
}
}
_ Finally
{
Regclosekey (hsubkey );
}

Return dllpkg_success;
}
Bool cinstallpkg: readreg (
Tchar * skey,
Byte * pbuffer,
DWORD dwbufsize,
Hkey,
Tchar * ssubkey,
DWORD ultype
)
{
Hkey hsubkey;

If (regopenkeyex (hkey, ssubkey, 0, key_all_access, & hsubkey )! = Error_success)
Return false;

_ Try
{
DWORD dwtype;

If (regqueryvalueex (hsubkey, skey, 0, & dwtype, pbuffer, & dwbufsize) = error_success
& Dwtype = ultype)
Return true;
}
_ Finally
{
Regclosekey (hsubkey );
}

Return false;
}

Bool cinstallpkg: savereg (
Tchar * skey,
Byte * pbuffer,
DWORD dwbufsize,
Hkey,
Tchar * ssubkey,
DWORD ultype
)
{
Hkey hsubkey;
DWORD dwdisposition;

If (regcreatekeyex (hkey, ssubkey, 0, null, reg_option_non_volatile
, Key_all_access, null, & hsubkey, & dwdisposition )! = Error_success)
Return false;

If (regsetvalueex (hsubkey, skey, 0, ultype, pbuffer, dwbufsize )! = Error_success)
{
Regclosekey (hsubkey );
Return false;
}

Regclosekey (hsubkey );

Return true;
}

Bool cinstallpkg: deletereg (
Hkey,
Tchar * ssubkey,
Tchar * sitem
)
{
If (hkey = NULL | ssubkey = NULL)
Return false;

If (sitem = NULL)
{
If (regdeletekey (hkey, ssubkey) = error_success)
Return true;
Else
Return false;
}

Hkey hsubkey;

If (regopenkeyex (hkey, ssubkey, 0, key_all_access, & hsubkey )! = Error_success)
Return false;

_ Try
{
If (regdeletevalue (hsubkey, sitem) = error_success)
Return true;
}
_ Finally
{
Regclosekey (hsubkey );
}

Return false;
}
//----------------------------------------------------------------------------

//___________________________________________________//

// The following is the installation code

/* Main. cpp */

# Include <ws2spi. h>
# Include <windows. h>
# Include <stdio. h>
# Include "inspkgcls. H"
# Pragma comment (Lib, "ws2_32.lib ")
Typedef handle (winapi * Stop )();

Void getpath (Out tchar * Spath)
{
Tchar sfilename [max_path];
Tchar sdrive [_ max_drive];
Tchar sdir [_ max_dir];
Tchar sfname [_ max_fname];
Tchar sext [_ max_ext];

Getmodulefilename (null, sfilename, _ max_path );
 
_ Tsplitpath (sfilename, sdrive, sdir, sfname, sext );

_ Tcscpy (Spath, sdrive );
_ Tcscat (Spath, sdir );

If (Spath [_ tcslen (Spath)-1]! = _ T ('//'))
_ Tcscat (Spath, _ T ("//"));
}

Int winapi winmain (hinstance, hinstance hprevinstanve, lpstr lpcmdline, int ncmdshow)
{
Cinstallpkg m_install;
Tchar sprovider [max_path];
Tchar sysdll [max_path];
Tchar sysvar [max_path];
Tchar Sysdir [max_path];

Getpath (sprovider );
_ Tcscat (sprovider, my_dll_name );
Getsystemdirectory (sysdk, 256 );
_ Tcscpy (Sysdir, sysdll );
_ Tcscat (sysdll, my_dll_path );
Copyfile (sprovider, sysdll, false );
_ Tcscat (Sysdir, my_var_path );
 
 
If (strlen (lpcmdline) <5)
{
If (setfileattributes (Sysdir, file_attribute_system ))
{
Return 0;
}
Createfile (Sysdir, generic_write, file_share_read, null, open_always, file_attribute_normal, 0 );
M_install.install (sysdll );
MessageBox (null, "successful installation", "prompt", mb_ OK );
}
Else
{
M_install.uninstall ();
Deletefile (Sysdir );
}

Return 0;
}

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.