From 8ffa2cdf8233aecf5a094820a1ce03376950a9ac Mon Sep 17 00:00:00 2001 From: Connection Refused Date: Mon, 4 Oct 2021 17:01:29 +0800 Subject: [PATCH] [Redirector] Add DNSHandler --- Redirector/Based.cpp | 14 ++--- Redirector/DNSHandler.cpp | 83 +++++++++++++++++++++++++++ Redirector/DNSHandler.h | 14 +++++ Redirector/EventHandler.cpp | 19 +++--- Redirector/EventHandler.h | 1 - Redirector/Redirector.cpp | 26 +++++++-- Redirector/Redirector.vcxproj | 2 + Redirector/Redirector.vcxproj.filters | 6 ++ Redirector/SocksHelper.cpp | 31 +++++----- Redirector/TCPHandler.h | 1 - 10 files changed, 161 insertions(+), 36 deletions(-) create mode 100644 Redirector/DNSHandler.cpp create mode 100644 Redirector/DNSHandler.h diff --git a/Redirector/Based.cpp b/Redirector/Based.cpp index a40e3ee0..0dbab44b 100644 --- a/Redirector/Based.cpp +++ b/Redirector/Based.cpp @@ -1,15 +1,15 @@ #include "Based.h" -BOOL filterLoopback = FALSE; -BOOL filterIntranet = FALSE; -BOOL filterICMP = TRUE; -BOOL filterTCP = TRUE; -BOOL filterUDP = TRUE; -BOOL filterDNS = TRUE; +bool filterLoopback = false; +bool filterIntranet = false; +bool filterICMP = true; +bool filterTCP = true; +bool filterUDP = true; +bool filterDNS = true; DWORD icmping = 0; -wstring dnsHost = L"1.1.1.1"; +string dnsHost = "1.1.1.1"; USHORT dnsPort = 443; wstring tgtHost = L"127.0.0.1"; diff --git a/Redirector/DNSHandler.cpp b/Redirector/DNSHandler.cpp new file mode 100644 index 00000000..6d6a865e --- /dev/null +++ b/Redirector/DNSHandler.cpp 
@@ -0,0 +1,83 @@
+#include "DNSHandler.h"
+
+// Noob code
+// Waiting rewrite
+
+extern string dnsHost;
+extern USHORT dnsPort;
+
+void ProcessPacket(ENDPOINT_ID id, SOCKADDR_IN6 target, const char* packet, int length, PNF_UDP_OPTIONS options)
+{
+ auto buffer = new char[1024]();
+
+ auto tcpSocket = SocksHelper::Utils::Connect();
+ if (tcpSocket != INVALID_SOCKET)
+ {
+ if (SocksHelper::Utils::Handshake(tcpSocket))
+ {
+ SocksHelper::UDP udpConn;
+ udpConn.tcpSocket = tcpSocket;
+
+ if (udpConn.Associate())
+ {
+ if (udpConn.CreateUDP())
+ {
+ SOCKADDR_IN6 addr;
+ if (inet_pton(AF_INET, dnsHost.c_str(), &addr.sin6_addr) == 1)
+ {
+ addr.sin6_family = AF_INET;
+ }
+ else if (inet_pton(AF_INET6, dnsHost.c_str(), &((PSOCKADDR_IN)&addr)->sin_addr) == 1)
+ {
+ addr.sin6_family = AF_INET6;
+ }
+
+ if (addr.sin6_family == AF_INET)
+ {
+ ((PSOCKADDR_IN)&addr)->sin_port = htons(dnsPort);
+ }
+ else
+ {
+ addr.sin6_port = htons(dnsPort);
+ }
+
+ if (udpConn.Send(&addr, packet, length) == length)
+ {
+ int size = udpConn.Read(NULL, buffer, sizeof(buffer));
+ if (size != 0 && size != SOCKET_ERROR)
+ {
+ nf_udpPostReceive(id, (unsigned char*)&target, buffer, size, options);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ delete options;
+ delete[] buffer;
+ delete[] packet;
+}
+
+bool DNSHandler::IsDNS(PSOCKADDR_IN6 target)
+{
+ if (target->sin6_family == AF_INET)
+ {
+ return ((PSOCKADDR_IN)target)->sin_port == htons(53);
+ }
+
+ return target->sin6_port == htons(53);
+}
+
+void DNSHandler::CreateHandler(ENDPOINT_ID id, PSOCKADDR_IN6 target, const char* packet, int length, PNF_UDP_OPTIONS options)
+{
+ SOCKADDR_IN6 remote;
+ auto buffer = new char[length]();
+ auto option = (PNF_UDP_OPTIONS)new char[sizeof(NF_UDP_OPTIONS) + options->optionsLength];
+
+ memcpy(&remote, target, sizeof(SOCKADDR_IN6));
+ memcpy(buffer, packet, length);
+ memcpy(option, options, sizeof(NF_UDP_OPTIONS) + options->optionsLength - 1);
+
+ thread(ProcessPacket, id, remote, buffer, length, option).detach();
+}
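Review bot: In ProcessPacket, `udpConn.Read(NULL, buffer, sizeof(buffer))` passes the size of a `char*` rather than the 1024 bytes allocated, so the read is capped at pointer size and a DNS reply cannot fit. The two `inet_pton` destinations are swapped (the IPv4 parse writes into `sin6_addr`, the IPv6 parse into `sin_addr`), and `addr` is uninitialised, so `sin6_family` is read indeterminate when `dnsHost` parses as neither family. `delete options;` releases a block that CreateHandler allocated with `new char[...]`, which is a mismatched deallocation. CreateHandler also starts one detached thread and one SOCKS connection per outgoing port-53 datagram with no upper bound, so a local process that sends many queries can exhaust threads and sockets; a bounded worker queue would cap that.

```cpp
void ProcessPacket(ENDPOINT_ID id, SOCKADDR_IN6 target, const char* packet, int length, PNF_UDP_OPTIONS options)
{
    const int bufferSize = 1024;
    auto buffer = new char[bufferSize]();

    // … unchanged: Connect, Handshake, Associate, CreateUDP nesting …

                SOCKADDR_IN6 addr = {};
                bool parsed = false;
                if (inet_pton(AF_INET, dnsHost.c_str(), &((PSOCKADDR_IN)&addr)->sin_addr) == 1)
                {
                    addr.sin6_family = AF_INET;
                    ((PSOCKADDR_IN)&addr)->sin_port = htons(dnsPort);
                    parsed = true;
                }
                else if (inet_pton(AF_INET6, dnsHost.c_str(), &addr.sin6_addr) == 1)
                {
                    addr.sin6_family = AF_INET6;
                    addr.sin6_port = htons(dnsPort);
                    parsed = true;
                }

                if (parsed && udpConn.Send(&addr, packet, length) == length)
                {
                    int size = udpConn.Read(NULL, buffer, bufferSize);
                    // … unchanged: post the reply with nf_udpPostReceive …
                }

    // … unchanged: closing braces of the nested ifs …

    // options was allocated as a char array in CreateHandler
    delete[] (char*)options;
    // … unchanged: delete[] buffer, delete[] packet …
}
```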
diff --git a/Redirector/DNSHandler.h b/Redirector/DNSHandler.h new file mode 100644 index 00000000..e008dc1e --- /dev/null +++ b/Redirector/DNSHandler.h @@ -0,0 +1,14 @@ +#pragma once +#ifndef DNSHANDLER_H +#define DNSHANDLER_H +#include "Based.h" +#include "SocksHelper.h" + +namespace DNSHandler +{ + bool IsDNS(PSOCKADDR_IN6 target); + + void CreateHandler(ENDPOINT_ID id, PSOCKADDR_IN6 target, const char* packet, int length, PNF_UDP_OPTIONS options); +} + +#endif diff --git a/Redirector/EventHandler.cpp b/Redirector/EventHandler.cpp index 83d37c0b..a096052a 100644 --- a/Redirector/EventHandler.cpp +++ b/Redirector/EventHandler.cpp @@ -1,9 +1,12 @@ #include "EventHandler.h" +#include "DNSHandler.h" #include "TCPHandler.h" -extern BOOL filterTCP; -extern BOOL filterUDP; +extern bool filterTCP; +extern bool filterUDP; +extern bool filterDNS; + extern vector bypassList; extern vector handleList; @@ -208,24 +211,18 @@ void udpCreated(ENDPOINT_ID id, PNF_UDP_CONN_INFO info) { if (!filterUDP) { - nf_udpDisableFiltering(id); - wcout << "[Redirector][EventHandler][udpCreated][" << id << "][" << info->processId << "][!filterUDP] " << GetProcessName(info->processId) << endl; return; } if (checkBypassName(info->processId)) { - nf_udpDisableFiltering(id); - wcout << "[Redirector][EventHandler][udpCreated][" << id << "][" << info->processId << "][checkBypassName] " << GetProcessName(info->processId) << endl; return; } if (!checkHandleName(info->processId)) { - nf_udpDisableFiltering(id); - wcout << "[Redirector][EventHandler][udpCreated][" << id << "][" << info->processId << "][!checkHandleName] " << GetProcessName(info->processId) << endl; return; } 
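Review bot: With the three `nf_udpDisableFiltering(id)` calls removed from udpCreated, endpoints that take the `!filterUDP`, `checkBypassName` and `!checkHandleName` branches stay filtered, while the log lines in those branches still read as if the endpoint were being skipped. Presumably this is so their port-53 traffic reaches the DNS hook this commit adds to udpSend, but it also sends every other datagram from those processes through the user-mode callbacks. What udpSend does for an id with no `udpContext` entry lies outside this hunk and should be confirmed to forward the packet unchanged. A comment in each branch, for example `// filtering stays enabled so udpSend can still intercept DNS for this endpoint`, would record the intent.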
@@ -247,6 +244,12 @@ void udpCanSend(ENDPOINT_ID id) void udpSend(ENDPOINT_ID id, const unsigned char* target, const char* buffer, int length, PNF_UDP_OPTIONS options) { + if (filterDNS && DNSHandler::IsDNS((PSOCKADDR_IN6)target)) + { + DNSHandler::CreateHandler(id, (PSOCKADDR_IN6)target, buffer, length, options); + return; + } + udpContextLock.lock(); if (udpContext.find(id) == udpContext.end()) { diff --git a/Redirector/EventHandler.h b/Redirector/EventHandler.h index 2548ad1e..f4bb637d 100644 --- a/Redirector/EventHandler.h +++ b/Redirector/EventHandler.h @@ -2,7 +2,6 @@ #ifndef EVENTHANDLER_H #define EVENTHANDLER_H #include "Based.h" - #include "SocksHelper.h" bool eh_init(); diff --git a/Redirector/Redirector.cpp b/Redirector/Redirector.cpp index e99df9f8..7ea60c1d 100644 --- a/Redirector/Redirector.cpp +++ b/Redirector/Redirector.cpp @@ -3,16 +3,23 @@ #include "IPEventHandler.h" #include "Utils.h" -extern BOOL filterLoopback; -extern BOOL filterIntranet; -extern BOOL filterICMP; -extern BOOL filterTCP; -extern BOOL filterUDP; +extern bool filterLoopback; +extern bool filterIntranet; +extern bool filterICMP; +extern bool filterTCP; +extern bool filterUDP; +extern bool filterDNS; + extern DWORD icmping; + +extern string dnsHost; +extern USHORT dnsPort; + extern wstring tgtHost; extern wstring tgtPort; extern string tgtUsername; extern string tgtPassword; + extern vector bypassList; extern vector handleList; @@ -69,9 +76,18 @@ extern "C" { case AIO_FILTERUDP: filterUDP = (wstring(value).find(L"false") == string::npos); break; + case AIO_FILTERDNS: + filterDNS = (wstring(value).find(L"false") == string::npos); + break; case AIO_ICMPING: icmping = atoi(ws2s(value).c_str()); break; + case AIO_DNSHOST: + dnsHost = ws2s(value); + break; + case AIO_DNSPORT: + dnsPort = (USHORT)atoi(ws2s(value).c_str()); + break; case AIO_TGTHOST: tgtHost = wstring(value); break; diff --git a/Redirector/Redirector.vcxproj b/Redirector/Redirector.vcxproj index cc3f99eb..5bf507b6 100644 
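Review bot: The early `return` in udpSend hands every port-53 datagram to DNSHandler with no fallback, so when the proxy path in ProcessPacket fails (Connect, Handshake, Associate, CreateUDP or Send) the query is dropped with no reply and no log output. The application then only sees a resolver timeout, which is hard to tell apart from a network fault. A failure message on that path, in the same `wcout << "[Redirector][...]"` style the file already uses in udpCreated, would make it diagnosable. udpSend continues below this hunk.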
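Review bot: The new `AIO_DNSPORT` case stores `(USHORT)atoi(ws2s(value).c_str())` without a range check, so non-numeric input becomes port 0 and values above 65535 are truncated silently. `AIO_DNSHOST` likewise accepts any string, and a bad address only surfaces later, once per packet, when `inet_pton` fails in ProcessPacket. Validating at set time, e.g. `int port = atoi(ws2s(value).c_str()); if (port <= 0 || port > 65535)` followed by whatever error path the enclosing function uses (its signature is outside this hunk), and parsing the host once with `inet_pton`, would reject bad configuration up front.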
--- a/Redirector/Redirector.vcxproj +++ b/Redirector/Redirector.vcxproj @@ -97,6 +97,7 @@ + @@ -105,6 +106,7 @@ + diff --git a/Redirector/Redirector.vcxproj.filters b/Redirector/Redirector.vcxproj.filters index ac2d8531..fe652d86 100644 --- a/Redirector/Redirector.vcxproj.filters +++ b/Redirector/Redirector.vcxproj.filters @@ -32,6 +32,9 @@ Source + + Source + @@ -52,5 +55,8 @@ Header + + Header + \ No newline at end of file diff --git a/Redirector/SocksHelper.cpp b/Redirector/SocksHelper.cpp index a618034f..a9a581e9 100644 --- a/Redirector/SocksHelper.cpp +++ b/Redirector/SocksHelper.cpp @@ -412,25 +412,28 @@ int SocksHelper::UDP::Read(PSOCKADDR_IN6 target, char* buffer, int length) return bufferLength; } - memset(target, 0, sizeof(SOCKADDR_IN6)); - if (buffer[3] == 0x01) + if (target != NULL) { - auto ipv4 = (PSOCKADDR_IN)target; - ipv4->sin_family = AF_INET; + memset(target, 0, sizeof(SOCKADDR_IN6)); + if (buffer[3] == 0x01) + { + auto ipv4 = (PSOCKADDR_IN)target; + ipv4->sin_family = AF_INET; - memcpy(&ipv4->sin_addr, buffer + 4, 4); - memcpy(&ipv4->sin_port, buffer + 8, 2); + memcpy(&ipv4->sin_addr, buffer + 4, 4); + memcpy(&ipv4->sin_port, buffer + 8, 2); - memcpy(buffer, buffer + 10, (ULONG64)bufferLength - 10); - } - else - { - target->sin6_family = AF_INET6; + memcpy(buffer, buffer + 10, (ULONG64)bufferLength - 10); + } + else + { + target->sin6_family = AF_INET6; - memcpy(&target->sin6_addr, buffer + 4, 16); - memcpy(&target->sin6_port, buffer + 20, 2); + memcpy(&target->sin6_addr, buffer + 4, 16); + memcpy(&target->sin6_port, buffer + 20, 2); - memcpy(buffer, buffer + 22, (ULONG64)bufferLength - 22); + memcpy(buffer, buffer + 22, (ULONG64)bufferLength - 22); + } } return bufferLength - (target->sin6_family == AF_INET ? 10 : 22); diff --git a/Redirector/TCPHandler.h b/Redirector/TCPHandler.h index 8536f7da..8c122441 100644 --- a/Redirector/TCPHandler.h +++ b/Redirector/TCPHandler.h 
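Review bot: The final `return bufferLength - (target->sin6_family == AF_INET ? 10 : 22);` in SocksHelper::UDP::Read still dereferences `target`, so the new `target != NULL` guard does not make a NULL call safe, and the call this commit adds in DNSHandler.cpp passes NULL. Because the header-stripping `memcpy` calls now sit inside the guard, a NULL caller would also be left with the SOCKS5 UDP header in front of the payload. Neither branch checks that `bufferLength` is at least 10 or 22 before `(ULONG64)bufferLength - 10` / `- 22` is used as a copy length, so unless an earlier check outside this hunk rejects it, a short datagram from the relay wraps to a very large length; the source and destination also overlap, which calls for `memmove`. Read begins above the hunk, and the sketch assumes returning `SOCKET_ERROR` for a malformed datagram is acceptable to callers.

```cpp
// … unchanged: receive into buffer and early return …

// Header length depends on the ATYP byte, not on whether the caller wants the source address.
if (bufferLength < 4)
{
    return SOCKET_ERROR;
}

const int headerLength = (buffer[3] == 0x01) ? 10 : 22;
if (bufferLength < headerLength)
{
    return SOCKET_ERROR;
}

if (target != NULL)
{
    memset(target, 0, sizeof(SOCKADDR_IN6));
    // … unchanged: fill family, address and port for IPv4 or IPv6 (payload copy moved below) …
}

// Regions overlap, so memmove rather than memcpy.
memmove(buffer, buffer + headerLength, (size_t)(bufferLength - headerLength));
return bufferLength - headerLength;
```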
@@ -2,7 +2,6 @@ #ifndef TCPHANDLER_H #define TCPHANDLER_H #include "Based.h" - #include "SocksHelper.h" namespace TCPHandler