Created
February 18, 2022 09:03
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Text;
using System.Threading;
using Microsoft.Win32.SafeHandles;
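namespace Hacks
{
    /// <summary>
    /// Serves one client on the named pipe <c>\\.\pipe\strans</c>: it sends that client this
    /// process's id, then, for every record read from the pipe (IPv4 address, port and a
    /// length-prefixed <see cref="SocketInformation"/> blob), rebuilds the described socket and
    /// relays bytes between it and the next connection accepted on 127.0.0.1:21903.
    /// </summary>
    /// <remarks>
    /// The pipe peer is presumably the injected DLL the class name refers to; it is not part of
    /// this file. Trust boundaries worth knowing when reviewing or monitoring this code:
    /// the pipe is created with no explicit security attributes and without checking whether an
    /// instance of the same name already exists, the peer is never authenticated, and the
    /// loopback listener pairs each record with whichever local process connects first.
    /// Everything read from the pipe is therefore handled as untrusted input.
    /// </remarks>
    public class NewDllInjectHandler
    {
        /// <summary>
        /// Starts the pipe/relay worker. The thread is a foreground thread, so it keeps the
        /// process alive until the worker returns or throws.
        /// </summary>
        public NewDllInjectHandler()
        {
            Thread worker = new Thread(MainThread);
            worker.Start();
        }

        #region Extern
        [DllImport("kernel32.dll", SetLastError = true)]
        static extern SafeFileHandle CreateNamedPipe(
            String pipeName,
            uint dwOpenMode,
            uint dwPipeMode,
            uint nMaxInstances,
            uint nOutBufferSize,
            uint nInBufferSize,
            uint nDefaultTimeOut,
            IntPtr lpSecurityAttributes);

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern int ConnectNamedPipe(
            SafeFileHandle hNamedPipe,
            IntPtr lpOverlapped);

        const uint DUPLEX = (0x00000003);
        const uint FILE_FLAG_OVERLAPPED = (0x40000000);

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern SafeFileHandle CreateFile(
            String pipeName,
            uint dwDesiredAccess,
            uint dwShareMode,
            IntPtr lpSecurityAttributes,
            uint dwCreationDisposition,
            uint dwFlagsAndAttributes,
            IntPtr hTemplate);

        const uint GENERIC_READ = (0x80000000);
        const uint GENERIC_WRITE = (0x40000000);
        const uint OPEN_EXISTING = 3;
        const int BUFFER_SIZE = 4096;
        #endregion

        // ConnectNamedPipe reports this when the client connected before the call was made;
        // the pipe is usable in that case.
        const int ERROR_PIPE_CONNECTED = 535;

        // Upper bound for the length prefix read from the pipe. The value comes from another
        // process, so it is checked before it is used as an allocation size.
        const int MAX_SOCKET_INFO_SIZE = BUFFER_SIZE;

        /// <summary>One relay direction: bytes received on <c>from</c> are sent to <c>to</c>.</summary>
        struct SPipe
        {
            public Socket from, to;
        }

        /// <summary>
        /// Worker body: creates the pipe, waits for its single client, announces the process id
        /// and then turns each record from the pipe into a pair of relay threads.
        /// </summary>
        /// <exception cref="Win32Exception">The pipe could not be created or connected.</exception>
        private void MainThread()
        {
            // NOTE(review): lpSecurityAttributes is IntPtr.Zero, so the pipe gets the default
            // security descriptor, and the open mode does not request first-instance-only
            // creation. Tighten both if the peer must be a specific process.
            SafeFileHandle pipeHandle = CreateNamedPipe(@"\\.\pipe\strans",
                DUPLEX,
                0,
                255,
                BUFFER_SIZE,
                BUFFER_SIZE,
                0,
                IntPtr.Zero);
            if (pipeHandle.IsInvalid)
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            if (ConnectNamedPipe(pipeHandle, IntPtr.Zero) == 0)
            {
                int error = Marshal.GetLastWin32Error();
                if (error != ERROR_PIPE_CONNECTED)
                {
                    pipeHandle.Close();
                    throw new Win32Exception(error);
                }
            }

            // The FileStream owns the handle from here on; disposing it closes the pipe.
            using (FileStream fs = new FileStream(pipeHandle, FileAccess.ReadWrite, BUFFER_SIZE, false))
            using (BinaryReader reader = new BinaryReader(fs))
            {
                byte[] pidBytes = BitConverter.GetBytes(Process.GetCurrentProcess().Id);
                fs.Write(pidBytes, 0, pidBytes.Length);
                // Push the id out now instead of relying on the implicit flush before the first read.
                fs.Flush();

                Socket listener = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
                try
                {
                    // NOTE(review): any local process can connect to this port and will be
                    // bridged to the next socket described on the pipe.
                    listener.Bind(new IPEndPoint(IPAddress.Loopback, 21903));
                    listener.Listen(10);

                    while (true)
                    {
                        uint addr = reader.ReadUInt32();
                        int port = reader.ReadInt32();
                        int infoSize = reader.ReadInt32();
                        if (infoSize <= 0 || infoSize > MAX_SOCKET_INFO_SIZE)
                        {
                            // A bad length leaves the byte stream out of sync; stop serving.
                            Console.WriteLine("Rejected socket info length {0}", infoSize);
                            return;
                        }

                        byte[] protocolInfo = reader.ReadBytes(infoSize);
                        if (protocolInfo.Length != infoSize)
                        {
                            // ReadBytes returns a short array when the pipe ends mid-record.
                            throw new EndOfStreamException();
                        }

                        SocketInformation si = new SocketInformation();
                        si.ProtocolInformation = protocolInfo;
                        si.Options = SocketInformationOptions.Connected;

                        Socket remote;
                        try
                        {
                            remote = new Socket(si);
                        }
                        catch (SocketException ex)
                        {
                            // The record was read completely, so the stream is still in sync.
                            Console.WriteLine("Could not rebuild socket: {0}", ex.Message);
                            continue;
                        }
                        catch (ArgumentException ex)
                        {
                            Console.WriteLine("Could not rebuild socket: {0}", ex.Message);
                            continue;
                        }

                        Socket local;
                        try
                        {
                            local = listener.Accept();
                        }
                        catch
                        {
                            remote.Close();
                            throw;
                        }

                        SPipe inbound = new SPipe();
                        inbound.from = local;
                        inbound.to = remote;
                        SPipe outbound = new SPipe();
                        outbound.from = remote;
                        outbound.to = local;

                        IPAddress adr = new IPAddress(addr);
                        Console.WriteLine("Intercepted to {0}:{1}", adr, port);

                        Thread thr1 = new Thread(PipeThread);
                        Thread thr2 = new Thread(PipeThread);
                        thr1.Start(inbound);
                        thr2.Start(outbound);
                    }
                }
                catch (IOException ex)
                {
                    // Raised when the pipe client disconnects; end the worker without
                    // taking the process down through an unhandled exception.
                    Console.WriteLine("Control pipe closed: {0}", ex.Message);
                }
                finally
                {
                    listener.Close();
                }
            }
        }

        /// <summary>
        /// Copies bytes from <c>from</c> to <c>to</c> until either side ends the connection,
        /// then shuts down and closes both sockets.
        /// </summary>
        /// <param name="pipeinfo">A boxed <see cref="SPipe"/> naming the two sockets.</param>
        private void PipeThread(object pipeinfo)
        {
            SPipe pipe = (SPipe)pipeinfo;
            try
            {
                byte[] buf = new byte[8192];
                while (true)
                {
                    int rcv = pipe.from.Receive(buf);
                    if (rcv == 0)
                        return;

                    // Send may accept fewer bytes than offered, so loop until the chunk is out.
                    int ofs = 0;
                    while (ofs < rcv)
                    {
                        int snd = pipe.to.Send(buf, ofs, rcv - ofs, SocketFlags.None);
                        if (snd == 0)
                            return;
                        ofs += snd;
                    }
                }
            }
            catch (SocketException ex)
            {
                // Expected when a peer resets the connection or the opposite relay thread has
                // already torn the pair down; unhandled, it would terminate the process.
                Console.WriteLine("Relay ended: {0}", ex.Message);
            }
            catch (ObjectDisposedException)
            {
                // The opposite relay thread closed the sockets first.
            }
            finally
            {
                CloseQuietly(pipe.from);
                CloseQuietly(pipe.to);
            }
        }

        // Shuts a socket down and releases its handle without letting a teardown error
        // prevent the second socket of the pair from being closed.
        private static void CloseQuietly(Socket socket)
        {
            try
            {
                socket.Shutdown(SocketShutdown.Both);
            }
            catch (SocketException)
            {
                // Already reset or not connected; nothing left to shut down.
            }
            catch (ObjectDisposedException)
            {
                // Already closed by the opposite relay thread.
            }
            finally
            {
                socket.Close();
            }
        }
    }
}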