Bonjour,

Je suis entrain de créer un projet qui me permettra de récupérer certains paquets avant qu'ils soient transmis et de modifier leur contenu. Pour celà j'utilise la librairie winpKFilter.

Habituellement, développer web je ne suis pas du tout à l'aise avec le C++ mais tout de même je me suis lancé.

Les paquets que je vais faire passer dans mon filtre seront toujours des paquets à entête UDP :

Le sample tiré de la librairie WinpKFilter :

Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
/*************************************************************************/
/*				Copyright (c) 2000-2010 NT Kernel Resources.		     */
/*                           All Rights Reserved.                        */
/*                          http://www.ntkernel.com                      */
/*                           ndisrd@ntkernel.com                         */
/*                                                                       */
/* Module Name:  PassThru.cpp                                            */
/*                                                                       */
/* Abstract: Defines the entry point for the console application         */
/*                                                                       */
/*************************************************************************/
// PassThru.cpp : Defines the entry point for the console application.
//
 
#include "stdafx.h"
TCP_AdapterList		AdList;
DWORD				iIndex;
CNdisApi			api;
ETH_REQUEST			Request;
INTERMEDIATE_BUFFER PacketBuffer;
HANDLE				hEvent;
 
USHORT ntohs( USHORT netshort )
{
	PUCHAR	pBuffer;
	USHORT	nResult;
 
	nResult = 0;
	pBuffer = (PUCHAR )&netshort;
 
	nResult = ( (pBuffer[ 0 ] << 8) & 0xFF00 )
		| ( pBuffer[ 1 ] & 0x00FF );
 
	return( nResult );
}
 
void ReleaseInterface()
{
	// This function releases packets in the adapter queue and stops listening the interface
	ADAPTER_MODE Mode;
 
	Mode.dwFlags = 0;
	Mode.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
	// Set NULL event to release previously set event object
	api.SetPacketEvent(AdList.m_nAdapterHandle[iIndex], NULL);
 
	// Close Event
	if (hEvent)
		CloseHandle ( hEvent );
 
	// Set default adapter mode
	api.SetAdapterMode(&Mode);
 
	// Empty adapter packets queue
	api.FlushAdapterPacketQueue (AdList.m_nAdapterHandle[iIndex]);
}
 
int main(int argc, char* argv[])
{
	UINT				counter = 0;
	ether_header*		pEthHeader = NULL;
	iphdr_ptr			pIpHdr		= NULL;
	tcphdr_ptr			pTcpHdr		= NULL;
	udphdr_ptr			pUdpHdr		= NULL;
 
	if (argc < 3)
	{
		printf ("Command line syntax:\n\tPassThru.exe index num\n\tindex - network interface index.\n\tnum - number or packets to filter\n\tYou can use ListAdapters to determine correct index.\n");
		return 0;
	}
 
	iIndex = atoi(argv[1]) - 1;
	counter = atoi(argv[2]);
 
	if(!api.IsDriverLoaded())
	{
		printf ("Driver not installed on this system of failed to load.\n");
		return 0;
	}
 
	api.GetTcpipBoundAdaptersInfo ( &AdList );
 
	if ( iIndex + 1 > AdList.m_nAdapterCount )
	{
		printf("There is no network interface with such index on this system.\n");
		return 0;
	}
 
	ADAPTER_MODE Mode;
 
	Mode.dwFlags = MSTCP_FLAG_SENT_TUNNEL|MSTCP_FLAG_RECV_TUNNEL;
	Mode.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
	// Create notification event
	hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
 
	// Set event for helper driver
	if ((!hEvent)||(!api.SetPacketEvent((HANDLE)AdList.m_nAdapterHandle[iIndex], hEvent)))
	{
		printf ("Failed to create notification event or set it for driver.\n");
		return 0;
	}
 
	atexit (ReleaseInterface);
 
	// Initialize Request
	ZeroMemory ( &Request, sizeof(ETH_REQUEST) );
	ZeroMemory ( &PacketBuffer, sizeof(INTERMEDIATE_BUFFER) );
	Request.EthPacket.Buffer = &PacketBuffer;
	Request.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
	api.SetAdapterMode(&Mode);
 
	while (counter != 0)
	{
		WaitForSingleObject ( hEvent, INFINITE );
 
		while(api.ReadPacket(&Request))
		{
			counter--;
 
			if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
			{
				printf("\n%d - MSTCP --> Interface\n", counter);
			}
			else
			{
				printf("\n%d - Interface --> MSTCP\n", counter);
			}
 
			printf ("\tPacket size = %d\n", PacketBuffer.m_Length);
 
			// Get protocol headers
			pEthHeader = (ether_header*)PacketBuffer.m_IBuffer;
 
			if (ntohs(pEthHeader->h_proto) == ETH_P_IP)
			{
				pIpHdr = (iphdr*)(PacketBuffer.m_IBuffer + sizeof(ether_header));
 
				if(pIpHdr->ip_p == IPPROTO_TCP)
				{
					pTcpHdr = (tcphdr_ptr)(((PUCHAR)pIpHdr) + sizeof(DWORD)*pIpHdr->ip_hl);
				}
				else
				{
					pTcpHdr = NULL;
				}
 
				if(pIpHdr->ip_p == IPPROTO_UDP)
				{
					pUdpHdr = (udphdr_ptr)(((PUCHAR)pIpHdr) + sizeof(DWORD)*pIpHdr->ip_hl);
				}
				else
				{
					pUdpHdr = NULL;
				}
			}
 
			printf (
				"\tSource MAC:\t\t %.2X%.2X%.2X%.2X%.2X%.2X\n",
				pEthHeader->h_source[0],
				pEthHeader->h_source[1],
				pEthHeader->h_source[2],
				pEthHeader->h_source[3],
				pEthHeader->h_source[4],
				pEthHeader->h_source[5]
				);
 
			printf (
				"\tDestination MAC:\t %.2X%.2X%.2X%.2X%.2X%.2X\n",
				pEthHeader->h_dest[0],
				pEthHeader->h_dest[1],
				pEthHeader->h_dest[2],
				pEthHeader->h_dest[3],
				pEthHeader->h_dest[4],
				pEthHeader->h_dest[5]
				);
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_IP)
			{
				printf("\tIP %.3d.%.3d.%.3d.%.3d --> %.3d.%.3d.%.3d.%.3d PROTOCOL: %d\n",
					pIpHdr->ip_src.S_un.S_un_b.s_b1,
					pIpHdr->ip_src.S_un.S_un_b.s_b2,
					pIpHdr->ip_src.S_un.S_un_b.s_b3,
					pIpHdr->ip_src.S_un.S_un_b.s_b4,
					pIpHdr->ip_dst.S_un.S_un_b.s_b1,
					pIpHdr->ip_dst.S_un.S_un_b.s_b2,
					pIpHdr->ip_dst.S_un.S_un_b.s_b3,
					pIpHdr->ip_dst.S_un.S_un_b.s_b4,
					pIpHdr->ip_p
					);
 
				if (pUdpHdr)
				{
					printf ("\tUDP SRC PORT: %d DST PORT: %d\n",
						ntohs(pUdpHdr->th_sport),
						ntohs(pUdpHdr->th_dport)
						);
				}
 
				if (pTcpHdr)
				{
					printf ("\tTCP SRC PORT: %d DST PORT: %d\n",
						ntohs(pTcpHdr->th_sport),
						ntohs(pTcpHdr->th_dport)
						);
				}
			}
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_RARP)
				printf("\tReverse Addr Res packet\n");
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_ARP)
				printf("\tAddress Resolution packet\n");
 
 
			if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
			{
				// Place packet on the network interface
				api.SendPacketToAdapter(&Request);
			}
			else
			{
				// Indicate packet to MSTCP
				api.SendPacketToMstcp(&Request);
			}
 
			if (counter == 0)
			{
				printf ("Filtering complete\n");
				break;
			}
 
		}
 
		ResetEvent(hEvent);
 
	}
 
	return 0;
}
Mon code :

Code : Sélectionner tout - Visualiser dans une fenêtre à part
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
#include "stdafx.h"
#include <iostream> 
#include <limits>
 
#undef min  
#undef max 
 
using namespace std;
 
CNdisApi			api;
TCP_AdapterList		AdList;
char				szFriendlyName[MAX_PATH*4];
ADAPTER_MODE		Mode;
DWORD				iIndex;
ETH_REQUEST			Request;
INTERMEDIATE_BUFFER PacketBuffer;
HANDLE				hEvent;
UINT				Adaptateur;
ether_header*		pEthHeader = NULL;
iphdr_ptr			pIpHdr		= NULL;
tcphdr_ptr			pTcpHdr		= NULL;
udphdr_ptr			pUdpHdr		= NULL;
 
USHORT ntohs( USHORT netshort )
{
	PUCHAR	pBuffer;
	USHORT	nResult;
 
	nResult = 0;
	pBuffer = (PUCHAR )&netshort;
 
	nResult = ( (pBuffer[ 0 ] << 8) & 0xFF00 )
		| ( pBuffer[ 1 ] & 0x00FF );
 
	return( nResult );
}
 
void ReleaseInterface()
{
	// This function releases packets in the adapter queue and stops listening the interface
	ADAPTER_MODE Mode;
 
	Mode.dwFlags = 0;
	Mode.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
	// Set NULL event to release previously set event object
	api.SetPacketEvent(AdList.m_nAdapterHandle[iIndex], NULL);
 
	// Close Event
	if (hEvent)
		CloseHandle ( hEvent );
 
	// Set default adapter mode
	api.SetAdapterMode(&Mode);
 
	// Empty adapter packets queue
	api.FlushAdapterPacketQueue (AdList.m_nAdapterHandle[iIndex]);
}
 
int main(int argc, char* argv[])
{
	DWORD dwMTUDec = api.GetMTUDecrement();
	DWORD dwAdapterStartupMode = api.GetAdaptersStartupMode();
 
	if(api.IsDriverLoaded())
	{
		api.GetTcpipBoundAdaptersInfo (&AdList);
 
		for (UINT i = 0; i < AdList.m_nAdapterCount; ++i)
			{
				// Windows 2000 or XP
				CNdisApi::ConvertWindows2000AdapterName((const char*)AdList.m_szAdapterNameList[i], szFriendlyName, MAX_PATH*4);
 
				cout << i+1 << " - " << szFriendlyName << endl;
			}
 
		cout << endl << "Choisissez votre adaptateur reseau : ";
 
		while (!(cin >> Adaptateur) || cin.fail() || Adaptateur > AdList.m_nAdapterCount || Adaptateur == 0)
		{
			cout << endl << endl << "Cet adaptateur reseau n'existe pas!" << endl << endl;
 
			for (UINT i = 0; i < AdList.m_nAdapterCount; ++i)
			{
				// Windows 2000 or XP
				CNdisApi::ConvertWindows2000AdapterName((const char*)AdList.m_szAdapterNameList[i], szFriendlyName, MAX_PATH*4);
 
				cout << i+1 << " - " << szFriendlyName << endl;
			}
 
			cout << endl << "Choisissez votre adaptateur reseau : ";
			cin.clear();
			cin.ignore(numeric_limits<streamsize>::max(), '\n');
		}
 
		iIndex = Adaptateur - 1;
 
                /*A PARTIR D'ICI JE SUIS COMPLETEMENT PERDU*/
 
		// Drapeaux d'écoute du mode (on enfile tous les packets qui arrive de l'adaptateur)
		Mode.dwFlags = MSTCP_FLAG_RECV_TUNNEL|MSTCP_FLAG_RECV_LISTEN;
		// Affectation de l'adaptateur au mode
		Mode.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
		// Créer un événement
		hEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
 
		// On affecte l'événement au pilote et à l'adaptateur pour signaler que la file d'attente n'est pas vide
		if ((!hEvent)||(!api.SetPacketEvent((HANDLE)AdList.m_nAdapterHandle[iIndex], hEvent)))
		{
			cout << "Erreur lors de la creation d'un evenement passe au pilote" << endl;
			return 0;
		}
 
		atexit (ReleaseInterface);
 
		// Initialize Request
		ZeroMemory ( &Request, sizeof(ETH_REQUEST) );
		ZeroMemory ( &PacketBuffer, sizeof(INTERMEDIATE_BUFFER) );
		Request.EthPacket.Buffer = &PacketBuffer;
		Request.hAdapterHandle = (HANDLE)AdList.m_nAdapterHandle[iIndex];
 
		api.SetAdapterMode(&Mode);
 
		WaitForSingleObject ( hEvent, INFINITE );
 
		while(api.ReadPacket(&Request))
		{
			cout << "\n%d - Interface --> MSTCP\n";
 
			cout << "\tPacket size = %d\n", PacketBuffer.m_Length;
 
			// Get protocol headers
			pEthHeader = (ether_header*)PacketBuffer.m_IBuffer;
 
			if (ntohs(pEthHeader->h_proto) == ETH_P_IP)
			{
				pIpHdr = (iphdr*)(PacketBuffer.m_IBuffer + sizeof(ether_header));
 
				if(pIpHdr->ip_p == IPPROTO_UDP)
				{
					pUdpHdr = (udphdr_ptr)(((PUCHAR)pIpHdr) + sizeof(DWORD)*pIpHdr->ip_hl);
 
					cout << "OK!";
				}
				else
				{
					pUdpHdr = NULL;
				}
			}
 
			cout <<
				"\tSource MAC:\t\t %.2X%.2X%.2X%.2X%.2X%.2X\n" <<
				pEthHeader->h_source[0] <<
				pEthHeader->h_source[1] <<
				pEthHeader->h_source[2] <<
				pEthHeader->h_source[3] <<
				pEthHeader->h_source[4] <<
				pEthHeader->h_source[5]
				;
 
			cout <<
				"\tDestination MAC:\t %.2X%.2X%.2X%.2X%.2X%.2X\n" <<
				pEthHeader->h_dest[0] <<
				pEthHeader->h_dest[1] <<
				pEthHeader->h_dest[2] <<
				pEthHeader->h_dest[3] <<
				pEthHeader->h_dest[4] <<
				pEthHeader->h_dest[5]
				;
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_IP)
			{
				cout <<"\tIP %.3d.%.3d.%.3d.%.3d --> %.3d.%.3d.%.3d.%.3d PROTOCOL: %d\n" <<
					pIpHdr->ip_src.S_un.S_un_b.s_b1 <<
					pIpHdr->ip_src.S_un.S_un_b.s_b2 <<
					pIpHdr->ip_src.S_un.S_un_b.s_b3 <<
					pIpHdr->ip_src.S_un.S_un_b.s_b4 <<
					pIpHdr->ip_dst.S_un.S_un_b.s_b1 <<
					pIpHdr->ip_dst.S_un.S_un_b.s_b2 <<
					pIpHdr->ip_dst.S_un.S_un_b.s_b3 <<
					pIpHdr->ip_dst.S_un.S_un_b.s_b4 <<
					pIpHdr->ip_p
					;
 
				if (pUdpHdr)
				{
					cout << "\tUDP SRC PORT: %d DST PORT: %d\n" <<
						ntohs(pUdpHdr->th_sport) <<
						ntohs(pUdpHdr->th_dport)
						;
				}
			}
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_RARP)
				printf("\tReverse Addr Res packet\n");
 
			if(ntohs(pEthHeader->h_proto) == ETH_P_ARP)
				printf("\tAddress Resolution packet\n");
 
 
			if (PacketBuffer.m_dwDeviceFlags == PACKET_FLAG_ON_SEND)
			{
				// Place packet on the network interface
				api.SendPacketToAdapter(&Request);
			}
			else
			{
				// Indicate packet to MSTCP
				api.SendPacketToMstcp(&Request);
			}
 
			break;
 
		}
 
		ResetEvent(hEvent);
	}
	else
		cout << "Le pilote requis n'a pas pu etre loade ou n'est pas installe" << endl;
 
	return 0;
}
La première partie de mon code qui conciste à récupérer puis lister les adaptateurs réseau disponible et ensuite d'en choisir un pour récupérer son iIndex fonctionne parfaitement.

A partir de
Code : Sélectionner tout - Visualiser dans une fenêtre à part
iIndex = Adaptateur - 1;
je suis complètement perdu.

Merci d'avance.