打印本文 打印本文 关闭窗口 关闭窗口
VB 从零开始编外挂(八)
作者:武汉SEO闵涛  文章来源:敏韬网  点击数4664  更新时间:2009/4/23 15:37:32  文章录入:mintao  责任编辑:mintao

--------------------------------------------------------------------------------------------------------------------------------------------------------
做外挂的人都知道,目前有两种办法制作网络游戏外挂。一种是封包式另外一种是内存式!下面就给大家制作一个抓包器,来研究一下,网络游戏的数据!

--------------------------------------------------------------------------------------------------------------------------------------------------------

Private Sub Form_Load()
CountID = 0
ExitID = False
ListView1.ColumnHeaders.Add 1, , "源 IP", 1500
ListView1.ColumnHeaders.Add 2, , "源端口", 1500
ListView1.ColumnHeaders.Add 3, , "目标 IP", 1500
ListView1.ColumnHeaders.Add 4, , "目标端口", 1500
ListView1.ColumnHeaders.Add 5, , "协议", 1500
ListView1.ColumnHeaders.Add 6, , "时间", 1500
End Sub

Private Sub Form_Unload(Cancel As Integer)
Call WCleanup(s)
Unload Me
End Sub

Private Sub ListView1_Click()
Dim coun As Long
Dim sar As String, sar3 As String
Dim sar1 As String, sar2 As String

RichTextBox1.Text = ""                      ''''清除 RichTextBox1
Dim buffer() As Byte
buffer = str

If ListView1.SelectedItem Is Nothing Then   ''''如果 ListView1 控件没有数值则提示错误
    Exit Sub
End If


''''将 buffer 的值(即通过 Recibir 接收的数据包)转换为一定格式并在 RichTextBox1 控件下显示出来
For i = 0 To resarray(ListView1.SelectedItem.Index)
    coun = coun + 1
    If Len(Hex(buffer(i))) = 1 Then
        sar = "0" & Hex(buffer(i))
    Else
        sar = Hex(buffer(i))
    End If
    
    sar3 = sar3 & sar
    
    If Asc(Chr("&h" & Hex(buffer(i)))) < 32 Then
        sar1 = "."
    Else
        sar1 = Chr("&h" & Hex(buffer(i)))
    End If
    
    sar2 = sar2 & sar1
    RichTextBox1.Text = RichTextBox1.Text & sar & " "
    
    If coun = 15 Then
        RichTextBox1.Text = RichTextBox1.Text & " |" & sar2 & vbCrLf:
        coun = 0
        sar2 = ""
        sar3 = ""
    End If
Next i

If coun < 15 Then
    r = 44 - (coun * 3) + 1
    es = String(r, Chr(32))
    RichTextBox1.Text = RichTextBox1.Text & es & " |" & sar2
End If
End Sub

Private Sub M_Clear_Click()
ListView1.ListItems.Clear
RichTextBox1.Text = ""
End Sub

''''程序开始捕捉
Private Sub M_Start_Click()
ListView1.ListItems.Clear
RichTextBox1.Text = ""
Connecting ip(hostname), MsgHwnd            ''''开始截取封包
End Sub


Private Sub M_Stop_Click()
ExitID = True                               ''''停止截取封包
End Sub

Private Sub MsgHwnd_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single)
CountID = CountID + 1
Recibir s, 1
If ExitID = True Then
    Call WCleanup(s)
    ExitID = False
    MsgBox "退出", vbOKOnly, "数据封包截取"
End If
End Sub

模块:

Option Explicit

''''WSAstartup 用来判断 Windows 所支持的 Winsock 版本,也就是初始化 Winsock DLL,其中第一个参数为你所想需要的Winsock版本!低字节为主版本,高字节为副版本!由于目前Winsock有两个版本:1.1和2.2,因此该参数可以是0x101或0x202;第二个参数是一个WSADATA结构,用于接收函数的返回信息!WSAStartup函数调用成功会返回0,否则返回非0值!
''''WSACleanup 用来关闭 Winsock,与 WSAstartup 一起使用,即 WSAstartup 也可以看为启动 Winsock
''''gethostbyname 用来返回一个关于主机信息的结构的指针
Public Declare Function WSAstartup Lib "wsock32.dll" Alias "WSAStartup" (ByVal wVersionRequired As Integer, ByRef lpWSAData As WSAdata) As Long
Public Declare Function WsACleanup Lib "wsock32.dll" Alias "WSACleanup" () As Long
Public Declare Sub CopyMemory Lib "kernel32.dll" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal length As Long)
Public Declare Function lstrlen Lib "kernel32.dll" Alias "lstrlenA" (ByVal lpString As Any) As Long
Public Declare Function lstrcpy Lib "kernel32.dll" Alias "lstrcpyA" (ByVal lpString1 As Any, ByVal lpString2 As Any) As Long
Public Declare Function inet_ntoa Lib "wsock32.dll" (ByVal addr As Long) As Long
Public Declare Function gethostname Lib "wsock32.dll" (ByVal name As String, ByVal namelen As Long) As Long
Public Declare Function gethostbyname Lib "wsock32.dll" (ByVal name As String) As Long
Public Declare Function closesocket Lib "wsock32.dll" (ByVal s As Long) As Long
Public Declare Function recv Lib "wsock32.dll" (ByVal s As Long, buf As Any, ByVal buflen As Long, ByVal flags As Long) As Long
Public Declare Function socket Lib "wsock32.dll" (ByVal af As Long, ByVal s_type As Long, ByVal protocol As Long) As Long
Public Declare Function WSAAsyncSelect Lib "wsock32.dll" (ByVal s As Long, ByVal hWnd As Long, ByVal wMsg As Long, ByVal lEvent As Long) As Long
Public Declare Function WSAIoctl Lib "ws2_32.dll" (ByVal s As Long, ByVal dwIoControlCode As Long, lpvInBuffer As Any, ByVal cbInBuffer As Long, lpvOutBuffer As Any, ByVal cbOutBuffer As Long, lpcbBytesReturned As Long, lpOverlapped As Long, lpCompletionRoutine As Long) As Long
Public Declare Function inet_addr Lib "wsock32.dll" (ByVal cp As String) As Long
Public Declare Function bind Lib "wsock32.dll" (ByVal s As Integer, addr As sockaddr, ByVal namelen As Integer) As Integer
Public Declare Function ntohs Lib "wsock32.dll" (ByVal netshort As Long) As Integer


Public Type WSAdata
    wVersion As Integer
    wHighVersion As Integer
    szDescription As String * 255
    szSystemStatus As String * 128
    iMaxSockets As Integer
    iMaxUdpDg As Integer
    lpVendorInfo As Long
End Type


''''sock 地址结构
Public Type sockaddr
    sin_family As Integer
    sin_port As Integer
    sin_addr As Long
    sin_zero As String * 8
End Type

Public Type HOSTENT
    h_name As Long
    h_aliases As Long
    h_addrtype As Integer
    h_length As Integer
    h_addr_list As Long
End Type

    
    
''''ip 头结构
Public Type ipheader
    lenver As Byte
    tos As Byte
    len As Integer
    ident As Integer
    flags As Integer
    ttl As Byte
    proto As Byte
    checksum As Integer
    sourceIP As Long
    destIP As Long
End Type


''''TCP 头结构
Public Type tcp_hdr
    th_sport As Integer
    th_dport As Integer
    th_seq As Long
    th_ack As Long
    th_lenres As Byte
    th_flag As Byte
    th_win As Integer
    th_sum As Integer
    th_urp As Integer
End Type


''''UDP 头结构
Public Type udp_hdr
    th_sport As Integer
    th_dport As Integer
    th_len As Integer
    th_sum As Integer
End Type


''''ICMP 头结构
Public

[1] [2] [3] [4] [5] [6]  下一页

打印本文 打印本文 关闭窗口 关闭窗口