|
Hi, I'm trying to close connections using SetTcpEntry BUT it always returns 87!! the demo you provide works on my machine...
I can't figure out why
Can u help please?
I am using C# 2.0
:: YOU make history ::
|
|
|
|
|
use Uint32 in portNumber
((dwLocalPort >> 8) & 0xff) + ((dwLocalPort & 0xff) << 8)
:: YOU make history ::
|
|
|
|
|
I'm getting Invalid argument on WSAIoCtl in sniff.cpp in the create function, any ideas why this would be? Compiling with visual c++ 2003 on (and running on)windows 2000. Also is all you have to do to turn packet capture on enable the menu item? Thanks
|
|
|
|
|
Hi Guys,
I gave it a shot and decided to try and compile the project under Visual Studio .NET 2005 however the compiler spat up a number of errors. Has anyone ever managed to compile this project under VS 2005? If so could he/she offer any suggestions please?
Thanks,
D.
|
|
|
|
|
Compilation errors in questions ...
1>------ Build started: Project: ENetStatX, Configuration: Debug Win32 ------
1>Compiling...
1>StdAfx.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>Compiling...
1>UDPClass.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>.\UDPClass.cpp(40) : error C2248: 'CBase::m_hModuleUdp' : cannot access private member declared in class 'CBase'
1> d:\my documents\visual studio 2005\projects\enetstatx\Base.h(31) : see declaration of 'CBase::m_hModuleUdp'
1> d:\my documents\visual studio 2005\projects\enetstatx\Base.h(17) : see declaration of 'CBase'
1>TCPTable.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>.\TCPTable.cpp(40) : error C2248: 'CBase::m_hModuleTcp' : cannot access private member declared in class 'CBase'
1> d:\my documents\visual studio 2005\projects\enetstatx\Base.h(30) : see declaration of 'CBase::m_hModuleTcp'
1> d:\my documents\visual studio 2005\projects\enetstatx\Base.h(17) : see declaration of 'CBase'
1>TaskbarNotifier.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>.\Widget\TaskbarNotifier.cpp(504) : warning C4996: 'strcpy' was declared deprecated
1> C:\Program Files\Microsoft Visual Studio 8\VC\include\string.h(73) : see declaration of 'strcpy'
1> Message: 'This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_DEPRECATE. See online help for details.'
1>SystemTray.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>d:\my documents\visual studio 2005\projects\enetstatx\widget\SystemTray.h(50) : error C4430: missing type specifier - int assumed. Note: C++ does not support default-int
1>d:\my documents\visual studio 2005\projects\enetstatx\widget\SystemTray.h(50) : warning C4183: 'Create': missing return type; assumed to be a member function returning 'int'
1>SplitterBar.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>.\Widget\SplitterBar.cpp(22) : error C2440: 'static_cast' : cannot convert from 'UINT (__thiscall CSplitterBar::* )(CPoint)' to 'LRESULT (__thiscall CWnd::* )(CPoint)'
1> Cast from base to derived requires dynamic_cast or static_cast
1>SplashWnd.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>Sniff.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>Filter.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>ENetStatXDlg.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>d:\my documents\visual studio 2005\projects\enetstatx\Widget/SystemTray.h(50) : error C4430: missing type specifier - int assumed. Note: C++ does not support default-int
1>d:\my documents\visual studio 2005\projects\enetstatx\Widget/SystemTray.h(50) : warning C4183: 'Create': missing return type; assumed to be a member function returning 'int'
1>ENetStatX.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>d:\my documents\visual studio 2005\projects\enetstatx\Widget/SystemTray.h(50) : error C4430: missing type specifier - int assumed. Note: C++ does not support default-int
1>d:\my documents\visual studio 2005\projects\enetstatx\Widget/SystemTray.h(50) : warning C4183: 'Create': missing return type; assumed to be a member function returning 'int'
1>ConnContainer.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>.\ConnContainer.cpp(49) : warning C4018: '<' : signed/unsigned mismatch
1>.\ConnContainer.cpp(80) : warning C4018: '<' : signed/unsigned mismatch
1>.\ConnContainer.cpp(97) : warning C4018: '<' : signed/unsigned mismatch
1>Base.cpp
1> WINVER not defined. Defaulting to 0x0502 (Windows Server 2003)
1>Generating Code...
1>Build log was saved at "file://d:\My Documents\Visual Studio 2005\Projects\enetstatx\Debug\BuildLog.htm"
1>ENetStatX - 6 error(s), 7 warning(s)
========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ==========
|
|
|
|
|
Hi,
I like to know how to block or allow the packets so that it can act as a firewall.
Kindly help me.
Thanks and Regards
VSS
|
|
|
|
|
In windows 2k, xp, 2003, we can do this work easy, by using NTDDK
But in win98, this method is not ok.
I know have one way, but i havn't found solution (source code)
if u have, please show me!
Thanks very much!
|
|
|
|
|
Hmmm ... win98 ? ... I would like to know that too. You know what? Probably you can find some info regarding this issue on: http://rootkit.host.sk/ (see Open Ports) or http://www.rootkit.com/index.php
Good luck,
y0d4
"A pint of sweat, saves a gallon of blood."
- General George S. Patton (1885-1945)
|
|
|
|
|
I found JiurlPortHide
This program is good, but it's only for WinNT family, because it uses NTDDK (include ntdll.h in source), not for win98.
I'm researching solution by using LSP (Winsock 2 Layered Service Provider).
if u know more, please show me.
Thanks!
|
|
|
|
|
Hi,
I'm wondering why all items in sniff menu are grayed.
How activate it?
Friedhelm
|
|
|
|
|
Hi,
You can activate it only programmatically. This feature is not released because is not working properly and hence it uses raw sock which is not supported by default in xp sp2.
It was left as an open feature.
"A pint of sweat, saves a gallon of blood."
- General George S. Patton (1885-1945)
|
|
|
|
|
Hi i am wondering how to be notified
immediately that the connection to internet has been lost.
EG cable unplugged within IsNewConnection
|
|
|
|
|
well you can add in full path instead of just showing which exe is running Just an idea
|
|
|
|
|
I must list process and port on win98, you can show me how to do that?
Thanks very much!
|
|
|
|
|
In the Source Zip File EnetstatX_src.zip (65.079 Bytes) is not a path /res with *.bmp and *.ico files. Please can you update?
thanks
|
|
|
|
|
oops ... you can find it in the other location http://www.codeproject.com/internet/EnetstatX/EnetstatX_demo.zip
"A pint of sweat, saves a gallon of blood."
- General George S. Patton (1885-1945)
|
|
|
|
|
Gathering TCP & UDP connection:
AllocateAndGetTcpExTableFromStack is supported beginning with nt kernel version 5.x as follow:
-> winxp-5.1.2600-sp1
-> w2k3server-5.2-3790, "http://24.229.94.2/tables/exports/iphlpapi_exports.html[^]"
If you would like to run EnetstatX on win2000 you should replace:
AllocateAndGetTcpExTableFromStack with AllocateAndGetTcpTableFromStack e.q. GetTcpTable. The drawback is "no pid - process id for * tcp connection" ;(
&
AllocateAndGetUdpExTableFromStack with AllocateAndGetUdpTableFromStack e.q. GetUdpTable. The drawback is "no pid - process id for * udp connection" ;(
In this chapter we can have a different approach given by:
http://rootkit.host.sk/knowhow/hidingen.txt[^]-> 10 Ports
-> 10.1 Netstat, OpPorts on WinXP, FPort on WinXP
-> 10.2 OpPorts on Win2k and NT4, FPort on Win2k
___________________________________________________________________________________________
Packet filtering:
PfCreateInterface, PfAddFiltersToInterface,PfBindInterfaceToIPAddress, ... are supported for:
-> winme-4.90.3000
-> win2k-sp1-5.00.2195
-> winxp-5.1.2600-sp1
-> w2k3server-5.2-3790, "http://24.229.94.2/tables/exports/iphlpapi_exports.html[^]"
___________________________________________________________________________________________
Process Icon:
Replace GetProcessImageFileName which is only available in XP with
EnumProcessModules & GetModuleFileNameEx, http://www.codeproject.com/useritems/EnetstatX.asp?msg=846777#xx846777xx[^], thanks to Gabriel 2
"A pint of sweat, saves a gallon of blood."
- General George S. Patton (1885-1945)
|
|
|
|
|
Hi y0da
great work, changes got the program to come up with some errors:
in: DWORD CTCPTable::GetTableEx(void)
Module:
File: i386\chkesp.c
line: 42
the value of esp was not properly saved across a function call. this is usually a result of a function declared with one calling convention with a function pointer declared with a different calling convention.
if you keep pressing the igonre, the application will come up, but
|
|
|
|
|
I have the same issue with my application. If someone has a solution, please post.
Thanks!
|
|
|
|
|
Hi y0da,
Thank you for the quick answer of my "/res Problem". I believe many of us have Win2k. It was very nice, if you can make a Version for WinXp or/and Win2k.
Best regards NielsR
|
|
|
|
|
The function "AllocateAndGetTcoTableFromStack" can only get PMIB_TCPTABLE, not PMIB_TCPTABLE_EX, so we can't get the process info related with the tcp port on Win2k using this method. Simply replace AllocateAndGetTcpExTableFromStack with AllocateAndGetTcpTableFromStack will not work , you should change the type of variant m_pBuffTcpTableEx from PMIB_TCPTABLE_EX to PMIB_TCPTABLE, All MIB_TCPROW_EX to MIB_TCPROW etc. But you can't get the processid info however. So i think it is nonsense to change the codes to run on Win2k. If you want get the result as this program on WinXP, you can use the method of FPort used. The source code of FPort can be finded by the link http://www.cnzz.cn/downloadsoft/1902/7.aspx.
|
|
|
|
|
Hi...
I'm trying to download this software but i have an error, can you email it to me please?
silence at sdf dot lonestar dot org.
Thans for this reply and thanks for your post.
Byron H.
|
|
|
|
|
GPF's in:
TCPTable.cpp
if (CBase::m_hModuleTcp != NULL)
{
//gathering info
(CBase::m_pGetTcpTableEx) ( &m_pBuffTcpTableEx,
TRUE, //sorted list
GetProcessHeap(),
0,
2);
}
anyone solve this issue ???, stumped to where he initialized pGetTcpTableEx
TIA
Johnny
|
|
|
|
|
I tried compiling this program but got an error right off the bat. The compiler can't find FilterDefs.h. I do have an October 2001 SDK (about when my MSDN ran out) installed with VC6 (plus the latest service pack). Do I need something newer?
So then I tried running just the release version and got an error that the procedure entry point GetProcessImageFileNameA could not be located in PSAPI.DLL. Reading one of the posts below, it appears to be because I am running Win2K. I would like to apply the mod suggested in the message but can't compile as noted above.
Any ideas on how to procede?
Thanks,
Paul
|
|
|
|
|
I solved my problem by just commenting out that #include directive. I also needed to add enum eDirection { in, out } to get it to compile. I applied the fix from the message below regarding the alternate GetProcessImageFileName approach and the program can (almost) start up. I get a crash in CTCPTable::GetTableEx because although m_hModuleTcp is valid, m_pGetTcpTableEx is NULL. I guess when you stated that only WinXP is supported, you meant it. Any suggestions on how to get this to work on Windows 2000?
|
|
|
|