DLL injection for browser alone - c++

I want to be able to type www.mydomain.com into my web browser but have the actual traffic go to something.mydomain.com. I thought to, maybe inject a dll into the process browser(firefox.exe). I tried to use some methods like hooking, dll injection using create remote thread etc. But, since I'm a newbie, especially when it comes to C++ or Assembly level languages, I coudn't understand much about it. The one's I could understand are no longer compatible with Win 7 or higherCould someone help me by directing me in the right path.
All I want is know how to intercept/manipulate an outgoing URL request from the browser. I found that TCP/IP first creates some socket using socket() function and then connect() function. I sthere a way to intercept that?
I want this to be easy, simple and compatible with windows XP to 10. If it's not easy I'm okay with building different codes for different versions. If the script is cross platform, it would be even more awesome.

I don't think what you want to do (or more precisely the way you want to do it) is possible without being the owner of the domain and setting a HTTP redirect on the server.
Modifying the hosts file or setting up your own DNS server and having the machine or its router use that to resolve DNS queries is really the only way but...
Dependant on the browser this may not be possible. Current versions of firefox and chrome implement dns prefetching which essentially means that they come preloaded with a bunch of popular dns entries for faster page loading times.

Related

block certain websites using C++

I am looking for a way to block certain websites using C++.
The agent is installed in the End-User, and if an unauthorized site is accessed, it must be redirected to an error page.
The hosts file is not used because the user can modify it arbitrarily.
Here is a list of possible searches.
(I prefer blocking through hooking rather than developing a network driver.)
Windows Filtering Platform
Send FIN packet to server using WinPCAP
DNS Query control
Browsers target IE, Chrome, and Edge.
What are the pros and cons of the above list?
Or, Is there any possible way other than the above list?
Since there is not enough development time, there is not much learning time.
If you know the API, documentation, or code snippets you can refer to, please respond.
Thankds.

c++ Windows automatically detect proxy settings

I have a C++ program which I want to use on my clients machines. However, some of my clients are behind proxies. Therefore, I want my program to automatically detect these proxies.
I have tried many solutions, such as reading the registry for the proxy settings, trying the Windows API's, etc.
However none of them have worked out well. E.g. the registry sometimes holds the url for the PAC-file and sometimes the actual proxy-address itself. Besides that, I haven't been able to find any username and password related to the proxy if it is set on the client machine (which some users say they have).
So, basically my question is:
How can I automatically determine the proxy settings of my clients in C++ so I can use the proxy-settings in my LibCurl requests later on regarding:
Proxy-address
Proxy-port
Proxy-User
Proxy-Password
I can't get it to work and I have been trying it for two weeks now without any improvement...
You can not read proxy setting in a generic way, since every application is free to store it in any way it wants. You should be able to read Internet Explorer proxy by using WinHttpGetIEProxyConfigForCurrentUser function, and it would also work for users browsers which use this setting, like Google Chrome.
How can I automatically determine the proxy settings of my clients in C++ so I can use the proxy-settings in my LibCurl requests?
libproxy is the answer!
Libproxy home page on GitHub
Libproxy repo on GitHub
It has these features according to the home page:
support for all major platforms: Windows, Mac and Linux/UNIX (see upcoming 0.4 release)
extremely small core footprint
no external dependencies within libproxy core (libproxy plugins may have dependencies)
only 3 functions in the stable-ish external API (1.0 will offer full stability)
dynamic adjustment to changing network topology
a standard way of dealing with proxy settings across all scenarios
a sublime sense of joy and accomplishment

Remotely control application settings

I have a solution that acts as client service and does some background work. This application requires some settings (that are read from an xml file) to be done at installation time and which are periodically revised. For convenience (as this service is installed on multiple machines) I wanted to control these settings remotely from a central server application. This works fine if the server and client are inside the LAN but I would like to control these settings even if the client is outside the network or the server is behind a firewall. What could be the solutions to do this?
Clearly, the solution depends on exactly what you want to achieve. But if I understand it right, the reason you have "problems" with a firewall is that you simply access the file that contains the XML over the network using standard network file access. Which is typically (for good reason) blocked by the firewall.
So, the solution then would be to use a standard protocol and a "non-standard service". For example, if the machine is allowed incomming HTTP requests, you could use HTTP-based post messages to update the XML content, either send the entire file as a file upload, or make up your own remote access protocol. If HTTP is not allowed, then you have to look at what other "holes" there are in the firewall, and do something similar with another of the "holes".
The other, less obscure solution, is of course to simply use a remote-desktop or secure shell connection to remotely access the machine. Of course, again, assuming this sort of connection is allowed.
There is no magical "bypass firewall" solution - you have to work within the rules of the firewall in some way.

Wait for certain website to be accessed

My objective is to have an event that is triggered when a website is accessed.
Now, maybe through the window title, or the text in the window. Or maybe even reading a URL.
As of now I am aware of FindWindow (class,title);
However all attempts to put this line of code into a loop and it's exit condition being when the window appears have been fruitless.
Any assistance would be very helpful.
That's not possible. At least if I understood you correctly.
You want to register a callback when ANY software on your machine accesses a specific website?
Just imagine a browser uses SSL, there is no way to detect this by listening to the traffic or something similar.
However, if you want to be notified about all connections to a specific IP, then you could use sniffing mechanisms of your kernel or even redirect all traffic to this IP to a proxy you have set up with iptables or similar.
Windows has a sniffing library called WinPCap, on linux you could use tcpdump.
Though, more information about your problem would be nice.
Looking for window titles can be a bit problematic. I don't know how much control you have over the desktop, but you might consider building an addon for Firefox (or the equivalent in IE) to look for this particular site.
https://developer.mozilla.org/En/Extensions/Firefox
You might also consider building a simple local proxy server (depending on what you are doing) that looks for this site and performs some action. You would have to make sure all the browsers on the machine point to this local proxy to get it working correctly. See the link below for some discussion on a custom proxy server:
How to create a simple proxy in C#?

How do you block selected applications from accessing the internet (C++, Win32)

I want to have an application or service that is running that, on some schedule, can disable access to the internet for all applications except for specific ones.
I'm trying to create a filter that can be turned on or off under programmatic control. Not just IP addresses and ports, but I want to be able to block specific applications as well, much like Zone Alarm and other software firewalls let you block.
For example, iexplore.exe, skype.exe, firefox.exe, aim.exe. But still need to allow other applications to connect as needed.
It has to work on Vista as well as XP, but I kind of expect that the method will be different on each of those platforms.
Basically, the filter has to tie the network communication back to the executable that is making the request and then allow or deny it.
Update:
On Vista at least, it looks like I want to use filters in the ALE layers of the WFP.
On XP, I'm still looking for the best way to do it. Do I really need to be writing device drivers and dealing with kernel stuff? I'm just a lowly application developer. Kill me now.
Update 2:
Currently looking at the PfCreateInterface and related Pf* API's for pre-Vista systems.
You can change both Vista and XP's firewall policies dynamically using the INetFwAuthorizedApplications interface from the Windows Firewall API.
Also see this question.
You'll have to write a device driver that filters traffic based on the executable requesting the traffic.
by limiting its access to internet using firewall. go to firewall setting advanced tab (win 7)
and do that
I'm not sure, but I think you'd need to do it by getting the program to run as a user that has limited permissions, the question is, can you make a user account that stops such things?
You'll need to redirect all (or at least many) calls to the WinSock API functions of any running program to your own replacement functions. That means getting into the memory of each running program and hijacking those functions, which is an... interesting... exercise. :-)
That might be enough of a pointer to get you started, or at least to suggest some more specific questions to ask.
Could you move aside (ie rename) the system's winsock DLL and replace it with your own ?
Yours should provide the same API, but check the the process name of incoming requests... return an error code to blocked applications and forward the calls from allowed apps onto the real DLL.