I've seen examples and sample code of WinDivert being used to modify properties of packets like their destination addresses, for example.
我见过WinDivert的示例和示例代码,用于修改数据包的属性,例如目标地址。
But I've tried searching really hard and can't find any documentation or samples of modifying the actual payload of the packets before reinjecting them.
但我已经尝试过非常努力的搜索,并且在重新注入之前找不到任何修改数据包实际有效负载的文档或示例。
Here is the code I have so far:
这是我到目前为止的代码:
HANDLE handle; // WinDivert handle
WINDIVERT_ADDRESS addr; // Packet address
char packet[MAXBUF]; // Packet buffer
UINT packetLen;
handle = WinDivertOpen("...", 0, 0, 0); // Open some filter
if (handle == INVALID_HANDLE_VALUE)
{
// Handle error
exit(1);
}
// Main capture-modify-inject loop:
while (TRUE)
{
if (!WinDivertRecv(handle, packet, sizeof(packet), &addr, &packetLen))
{
// Handle recv error
continue;
}
// Modify packet.
if (!WinDivertSend(handle, packet, packetLen, &addr, NULL))
{
// Handle send error
continue;
}
}
At the //Modify packet. Step I need to perform the payload modification. Specifically I am looking to either replace or completely overwrite the data with a new string.
在//修改数据包。步骤我需要执行有效负载修改。具体来说,我希望用新字符串替换或完全覆盖数据。
In the WinDivert documentation the only thing I could find that dealt with packet data was this method to parse packets:
在WinDivert文档中,我唯一能找到的处理数据包数据的方法是解析数据包的方法:
BOOL WinDivertHelperParsePacket(
__in PVOID pPacket,
__in UINT packetLen,
__out_opt PWINDIVERT_IPHDR *ppIpHdr,
__out_opt PWINDIVERT_IPV6HDR *ppIpv6Hdr,
__out_opt PWINDIVERT_ICMPHDR *ppIcmpHdr,
__out_opt PWINDIVERT_ICMPV6HDR *ppIcmpv6Hdr,
__out_opt PWINDIVERT_TCPHDR *ppTcpHdr,
__out_opt PWINDIVERT_UDPHDR *ppUdpHdr,
__out_opt PVOID *ppData,
__out_opt UINT *pDataLen
);
ppData: Output pointer to the packet's data/payload.
ppData:输出指向数据包数据/有效负载的指针。
However I am not sure if this would let me modify the data (maybe it does?) because it seems like it will only let me retrieve the packet data for output.
但是我不确定这是否会让我修改数据(也许它会这样做?)因为看起来它只会让我检索输出的数据包数据。
So how would I go about editing the payload?
那么我将如何编辑有效载荷呢?
2 个解决方案
#1
0
https://github.com/basil00/Divert/issues/16 Video and source user windivert.
https://github.com/basil00/Divert/issues/16视频和源用户windivert。
#2
0
If anyone in the future is looking for an extremely easy way to do this, there is a Python wrapper for WinDivert called "pydivert" which I used. It's very simple.
如果将来任何人都在寻找一种非常简单的方法来实现这一点,那么我使用的是WinDivert的Python包装器,名为“pydivert”。这很简单。
#1
0
https://github.com/basil00/Divert/issues/16 Video and source user windivert.
https://github.com/basil00/Divert/issues/16视频和源用户windivert。
#2
0
If anyone in the future is looking for an extremely easy way to do this, there is a Python wrapper for WinDivert called "pydivert" which I used. It's very simple.
如果将来任何人都在寻找一种非常简单的方法来实现这一点,那么我使用的是WinDivert的Python包装器,名为“pydivert”。这很简单。