unfortunately only w2k supports IP_HDRINC so to send raw packets under w9x one has to talk directly to the underlying layers.. question is which one? i could write a TDI client in ring0, is it also possible to use a LSP ? (like helper dll or whatever, can be used to hook winsock.dll), or any other ways that would be better? cheers..
Posted on 2001-02-12 23:08:00 by diediedie
Why do you want to send manual packets? Are you trying to write a program which sends annonymous packets? Just use Winsock, unless your attemting to hack.... then you'll have to dig deeper in layers, write your own driver or hook winsock... I read an article once on ANTI-packet bugger devices for quake servers. Apparently people would build servers to go between their computer and the network they were playing on, it would intercept all the quake packets and keep a log of where all the player in the game were then when you fired at a player it would "adjust" your shot by insert an extra packet to make it a perfect shot on the guy. People picked up on this quick and they started a whole war of anti-cheaters vs. cheaters... But essentially they would have to send a packet from the extra server as if it came from the first computer (by faking the packet headers). Anyhow I'm just rattling now... See ya, Ben
Posted on 2001-02-13 02:51:00 by cyberben
As far as I know, winsock is'nt reponsible for the construction of any IP packets.. its the transport driver (TDI). Talking directly to the transport driver in Ring 0 does'nt seem to help much either as the packets are constructed and sent to the NDIS driver after you pass the NDIS_BUFFER. So, the only 2 ways I could figure.. would be: 1.) Place a hook between TDI and the NDIS driver.. and modify the packets. 2.) Write your own cheap and nasty transport driver or IM and speak directly with NDIS. There clearly is'nt enough documentation in this area, the 98DDK keeps telling me to refer to Win2k documentation which does'nt match up. 'C' Header and masm include files such as tdi.inc/.h ndis.inc/.h refered to in the documentation don't come with the 98DDK. If anyone finds any interesting info on this subject.. please let me know. Kye. kbitossi@bigpond.net.au
Posted on 2001-02-13 08:32:00 by KyeMan
cyberben: i dont necessarly need raw packets for spoofing, just raw tcp, syn scanning in this case. ;] kyeman: but from what i know, vxd functions dont check parameters, thats done in the dll's, for example with vxd calls one can set pages above 7fffffffh to writeable whereas itfails with the api.. so i'll just try the TDI stuff 1st and if that dont work i'll go on to a NDIS ;) thanks anyway ;]
Posted on 2001-02-13 11:37:00 by diediedie