英超

VB6中使用Winsock穿越各种代理的实现2

2019-09-11 09:55:59来源:励志吧0次阅读

可见,对于返回信息,只须判断第二字节是否为00.若为 00 连接成功,剩下的操作和直连一样,Winsock可直接用SendData 和 GetData 发送\接受数据.  下面介绍需要验证用户名/密码的socks5穿透

第一步还是发送三个字节,只是内容有变,展开来写为: 05 01 02

服务器返回信息也有所不同,正确的返回为 05 02

成功后发送用户/密码信息,请看RFC 说明:

Once the SOCKS V5 server has started, and the client has selected the

Username/Password Authentication protocol, the Username/Password

subnegotiation begins. This begins with the client producing a

Username/Password request:

+----+------+----------+------+----------+

VER | ULEN | UNAME | PLEN | PASSWD

+----+------+----------+------+----------+

1 | 1 | 1 to 255 | 1 | 1 to 255

+----+------+----------+------+----------+

The VER field contains the current version of the subnegotiation,

which is X'01'. The ULEN field contains the length of the UNAME field

that follows. The UNAME field contains the username as known to the

source operating system. The PLEN field contains the length of the

PASSWD field that follows. The PASSWD field contains the password

association with the given UNAME.

The server verifies the supplied UNAME and PASSWD, and sends the

following response:

+----+--------+

VER | STATUS

+----+--------+

1 | 1

+----+--------+

A STATUS field of X'00' indicates success. If the server returns a

`failure' (STATUS value other than X'00') status, it MUST close the

connection.

关于我是怎么把16进制码换成10进制的,请自己看程序

最后,接受服务器返回数据,看RFC:

+----+-----+-------+------+----------+----------+

VER | REP | RSV | ATYP | BND.ADDR | BND.PORT

+----+-----+-------+------+----------+----------+

1 | 1 | X'00' | 1 | Variable | 2

+----+-----+-------+------+----------+----------+

Where:

o VER protocol version: X'05' ------------ 固定 05

o REP Reply field:

o X'00' succeeded ------------ 若为 00 成功 其余可以都看成失败

o X'01' general SOCKS server failure

o X'02' connection not allowed by ruleset

o X'03' Network unreachable

o X'04' Host unreachable

o X'05' Connection refused

o X'06' TTL expired

o X'07' Command not supported

o X'08' Address type not supported

o X'09' to X'FF' unassigned

o RSV RESERVED

o ATYP address type of following address

o IP V4 address: X'01'

o DOMAINNAME: X'03'

o IP V6 address: X'04'

o BND.ADDR server bound address

o BND.PORT server bound port in network octet order

Fields marked RESERVED (RSV) must be set to X'00'.

可见,对于返回信息,只须判断第二字节是否为00.若为 00 连接成功,剩下的操作和直连一样,Winsock可直接用SendData 和 GetData 发送\接受数据.

下面介绍需要验证用户名/密码的socks5穿透

第一步还是发送三个字节,只是内容有变,展开来写为: 05 01 02

服务器返回信息也有所不同,正确的返回为 05 02

成功后发送用户/密码信息,请看RFC 说明:

Once the SOCKS V5 server has started, and the client has selected the

Username/Password Authentication protocol, the Username/Password

subnegotiation begins. This begins with the client producing a

Username/Password request:

+----+------+----------+------+----------+

VER | ULEN | UNAME | PLEN | PASSWD

+----+------+----------+------+----------+

1 | 1 | 1 to 255 | 1 | 1 to 255

+----+------+----------+------+----------+

The VER field contains the current version of the subnegotiation,

which is X'01'. The ULEN field contains the length of the UNAME field

that follows. The UNAME field contains the username as known to the

source operating system. The PLEN field contains the length of the

PASSWD field that follows. The PASSWD field contains the password

association with the given UNAME.

The server verifies the supplied UNAME and PASSWD, and sends the

following response:

+----+--------+

VER | STATUS

+----+--------+

1 | 1

+----+--------+

A STATUS field of X'00' indicates success. If the server returns a

`failure' (STATUS value other than X'00') status, it MUST close the

connection.

即 发送 01 + 用户名长度(一字节) + 转换成16进制码的用户名 + 密码长度(一字节) + 转换成16进制码的密码,关于如何把用户名和密码转换为10进制Byte数组,请自己看程序.

然后服务器返回两个字节的信息,只须判断第二字节,00 为成功,其余为失败.

剩下的步骤和无用户名密码校验是一样的,即

发送 05 01 00 01 + 目的地址(4字节) + 目的端口(2字节),目的地址和端口都是16进制码(不是字符串)。

例202.103.190.27 - 7201

则发送的信息为:05 01 00 01 CA 67 BE 1B 1C 21

(CA=202 67=103 BE=190 1B=27 1C21=7201)

关于我是怎么把16进制码换成10进制的,请自己看程序

最后接受服务器返回信息.对于返回信息,只须判断第二字节是否为00.若为 00 连接成功,剩下的操作和直连一样,Winsock可直接用SendData 和 GetData 发送\接受数据.

socks4的TCP穿透(事实上,socks4只支持TCP穿透)

无用户名/密码验证

请看 RFC 说明

1) CONNECT

The client connects to the SOCKS server and sends a CONNECT request when

it wants to establish a connection to an application server. The client

includes in the request packet the IP address and the port number of the

destination host, and userid, in the following format.

+----+----+----+----+----+----+----+----+----+----+....+----+

VN | CD | DSTPORT | DSTIP | USERID |NULL

+----+----+----+----+----+----+----+----+----+----+....+----+

1 1 2 4 variable 1

VN is the SOCKS protocol version number and should be 4. CD is the

SOCKS command code and should be 1 for CONNECT request. NULL is a byte

of all zero bits.

我们首先还是连接服务器,然后根据RFC的格式发送数据给服务器.由于是无用户密码验证,我们需要发送9个字节的数据,展开写为 04 01 + 目标端口(2字节) + 目标IP(4字节) + 00,奇怪的是,表中的USERID部分似乎是没有用的,我参照过大量的C++代码,代码中都没有体现该部分.

至于如何转换目标端口和IP为相应的Byte数组,请自己看示例程序.消息发出后,服务器会返回信息,格式如下:

+----+----+----+----+----+----+----+----+

VN | CD | DSTPORT | DSTIP

+----+----+----+----+----+----+----+----+

1 1 2 4

VN is the version of the reply code and should be 0. CD is the result

code with one of the following values:

90: request granted -------------- 成功

91: request rejected or failed -------------- 失败

92: request rejected becasue SOCKS server cannot connect to

identd on the client

93: request rejected because the client program and identd

report different user-ids

The remaining fields are ignored.

幼儿流鼻血是什么原因
阴部肿痛瘙痒怎么办
3个月宝宝咳嗽怎么办
小便结束有刺痛感啥原因
分享到: