有一些應用環境下，比如：
某程序作者停止更新了，我們又沒有源碼，如果要繼續用程序，那就得用IP重定向功能了。

以前是可以用API HOOK和LSP來做的，現在的程序或者游戲好多都有保護，所以以前的方法不可行了，最好的辦法是用TDI及WFP驅動來實現IP重定向功能！

WFP及TDI攔截網絡數據，然后R3應用層來取得IP實現IP重定向功能。
最終就實把了把目標進程中的某個IP或者全部網絡數據，轉發到指定的IP上。

下載地址：https://download.csdn.net/download/qq1289671197/11870876

驅動加載部分：

bool InstDrvInit() {//// get the handle to sc manager//TCHAR buff[MAX_PATH];DWORD dwErrCode;LPTSTR lpErrMsg;g_schManager = OpenSCManager(NULL,NULL,SC_MANAGER_CREATE_SERVICE | SERVICE_START | SERVICE_STOP | DELETE | SC_MANAGER_ENUMERATE_SERVICE);if (g_schManager == NULL){InstDrvGetErrMsg(&dwErrCode, (LPTSTR)&lpErrMsg);wsprintf(buff, "[InstDrv]OpenSCManager failed(0x%4x)!%s", GetLastError(), lpErrMsg);SetDlgItemText(( g_hwndDlg, IDC_STATE, buff );return false;}return true; }bool InstDrvInstall(LPTSTR ServiceName,LPTSTR DriverPath) {// install the driverTCHAR buff[MAX_PATH];HANDLE hFile;SC_HANDLE schService;DWORD dwErrCode;LPTSTR lpErrMsg;hFile = CreateFile(DriverPath,GENERIC_READ,FILE_SHARE_READ | FILE_SHARE_WRITE,NULL,OPEN_EXISTING,0,0);if (hFile == INVALID_HANDLE_VALUE){SetDlgItemText(( g_hwndDlg, IDC_STATE, "[InstDrv]The file driverpath assigned do not exist!" );return false;}CloseHandle(hFile);schService = CreateService(g_schManager,ServiceName,ServiceName,SERVICE_START | SERVICE_STOP | DELETE,SERVICE_KERNEL_DRIVER,SERVICE_DEMAND_START,SERVICE_ERROR_NORMAL,DriverPath,0, 0, 0, 0, 0);if (schService == NULL){InstDrvGetErrMsg(&dwErrCode, (LPTSTR)&lpErrMsg);wsprintf(buff, "[InstDrv]CreateService failed(0x%4x)!%s", GetLastError(), lpErrMsg);SetDlgItemText(( g_hwndDlg, IDC_STATE, buff );return false;}CloseServiceHandle(schService);return true; }

驅動部分：

DriverEntry(IN PDRIVER_OBJECT driverObject,IN PUNICODE_STRING registryPath) {int i;NTSTATUS status;for (i = 0; i <= IRP_MJ_MAXIMUM_FUNCTION; i++){driverObject->MajorFunction[i] = (PDRIVER_DISPATCH)devctrl_dispatch;}driverObject->DriverUnload = driverUnload;do{status = devctrl_init(driverObject, registryPath);if (!NT_SUCCESS(status)){KdPrint((DPREFIX"devctrl_init failed, status=%x\n", status));break;}#ifdef _WPPTRACEWPP_SYSTEMCONTROL(driverObject);WPP_INIT_TRACING(devctrl_getDeviceObject(), registryPath); #endifstatus = rules_init();if (!NT_SUCCESS(status)){KdPrint((DPREFIX"rules_init failed, status=%x\n", status));break;}status = tcpctx_init();if (!NT_SUCCESS(status)){KdPrint((DPREFIX"tcpctx_init failed, status=%x\n", status));break;}status = udpctx_init();if (!NT_SUCCESS(status)){KdPrint((DPREFIX"udpctx_init failed, status=%x\n", status));break;}if (FwpmBfeStateGet() == FWPM_SERVICE_RUNNING){status = callouts_init(devctrl_getDeviceObject());if (!NT_SUCCESS(status)){KdPrint((DPREFIX"callouts_init failed, status=%x\n", status));break;}} else{status = FwpmBfeStateSubscribeChanges(devctrl_getDeviceObject(),bfeStateCallback,NULL,&g_bfeStateSunscribeHandle);if (!NT_SUCCESS(status)){KdPrint((DPREFIX"FwpmBfeStateSubscribeChanges failed, status=%x\n", status));break;}}} while (FALSE);if (!NT_SUCCESS(status)){cleanup();}return status; }

總結

以上是生活随笔為你收集整理的IP跳转,驱动级IP重定向,驱动级IP跳转,IP转向实现代码及流程!的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。