Winsock LSP

最新推荐文章于 2023-12-19 15:51:18 发布
最新推荐文章于 2023-12-19 15:51:18 发布
阅读量156 收藏 1
点赞数
文章标签: java python 网络
原文链接:https://my.oschina.net/u/2308739/blog/814227
版权

2019独角兽企业重金招聘Python工程师标准>>> hot3.png

http://www.komodia.com/lsp-sub

What is Winsock LSP?

LSP stands for Layered Service Provider. In order to understand how it works, we must understand how the Windows network operates: the highest entry point of Windows network is Winsock, which is a user-level network API. 99% of network applications use Winsock to communicate over the network (an example of an application that does not use Winsock is NetBIOS, which is more of a protocol, but uses TDI-based communication). All Winsock API calls are redirected to ws2_32.dll, the Winsock API handling DLL. From there, all calls go to the kernel, which routes the network calls to the relevant communication interfaces via a technology called NDIS. Winsock LSP is a technology that allows us to inject our code between the user network calls and the Winsock API, thus allowing us to inspect, modify, or block those network calls. Another aspect of LSP is its ability to allow for additional namespace resolves. However, this is rarely used and will not be covered here.

Using LSP, real life examples of Winsock LSP usage

Among its many uses, LSP can be used for the following common tasks:

  • Connection redirection – Redirecting a connection request to another address (Winsock HTTP redirection). For example: Internet Explorer asks to connect to our site, www.komodia.com. With the help of LSP the request can be altered to connect to another address, such as localhost or any arbitrarily chosen Internet address. This is mostly used to create email scanners, web anonymizers (redirecting the traffic to a 3rd party proxy server).
  • Content inspection and modification. The LSP can process, inspect, and modify all data sent to the client before it reaches the client. Ideal for content inspection and filtering.
  • HTTP Redirection – Used to block users from accessing certain web sites, mostly used inside A network filter.
  • Winsock tracing. LSP can be used to trace Winsock calls and debug Winsock applications.
  • Firewall. LSP can act as firewall (application and network level). This, however, is not recommended.
  • Stream sniffer – Unlike normal sniffers that needs to perform statefull inspection to build the TCP stream, Winsock LSP sniffs at the stream level without any need to perform such rebuild. You can check out our free stream HTTP/HTTPS sniffer.

转载于:https://my.oschina.net/u/2308739/blog/814227

weixin_34411563
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
WinSockLsp
05-13
WinSockLsp
winsock-LSP修复工具
03-05
可以用于修复染病毒后,导致的能上qq不能上网的问题
Winsock LSP导致无法上网(传说中的“浏览器劫持”)
01-24 3227
关于Winsock LSP“浏览器劫持”,中招者一直高居不下,由于其特殊性,直接删除而不恢复LSP的正常状态很可能会导致无法上网所以对其修复需慎重.        先说说什么是Winsock LSP“浏览器劫持”.Winsock LSP全称Windows Socket Layered Service Provider(分层服务提供商),它是Windows底层网络Socker通信需要经过的大门。
Winsock LSP劫持导致无法上网
Vincent_zhang1949的博客
04-29 3353
Winsock LSP劫持有时候会遇到这么一种情况,网络连接正常,IP地址、DNS地址配置正确,路由器也配置正常,但就是无法浏览网页、登录QQ,而且使用ping命令测试计算机连接Internet上的网站,测试结果显示计算机可以连接至Internet。但是不能上网,遇到这种情况极大可能是因为Winsock LSP劫持造成。 Winsock LSP(Windows Socket分层服务提供商)。所有使...
解决Winsock LSP导致无法上网
03-01
能上qq不能上网,运行脚本重启电脑即可。可以修复由于恶意程序、木马造成的网络连接配置损坏。
winsock service provider interface.rar_WINSOCK SPI_spi_spi lsp_w
09-23
在标题“winsock service provider interface.rar_WINSOCK SPI_spi_spi lsp_w”中,我们看到关键词“WINSOCK SPI”、“SPI”和“LSP”,这些都是与Winsock SPI相关的术语。WINSOCK SPI 是 Winsock 的服务提供者接口...
LSP修复工具
02-06
然而,有些恶意软件或者不良程序会非法篡改LSP链,导致WinSock2注册表键值的破坏,进而影响TCP/IP协议的正常工作,使用户出现无法上网或网络连接异常的问题。这时,就需要使用LSP修复工具来解决这类问题。 "金山LSP...
KomodiaLSP_LSP_winlsp_
10-02
This code sample illustrates a Winsock 2 layered service provider (LSP).An LSP is a method of inserting a layer between the Winsock 2 API andapplications. This is achieved by creating a DLL which ...
网络编程之编写LSP进行Winsock API监控拦截或LSP注入
htpidk的博客
07-06 1709
【1】工具介绍:用到的工具:VS2015 语言:C/C++ 需要系统提供的动态链接库:1、 sporder.dll //很多系统不自带着个dll,导致编译时缺少dll无法编译. (发布时必须将此dll放到程序目录) 本人只提供: WIN7 64位的sporder.dll :http://download.csdn.net/do...
komodialsp
10-20
lsp注册程序,注册lsp协议,可以截获ws2_32调用
winsock原理
David_jiang
04-09 2305
<br />       明确一点: windows创建套接字的目的是为了网络传输,实现数据的传输。  <br />      sockets套接字是通信的基石,是支持TCP/IP协议的网络通信的基本操作单元,可以将套接字看做不同主机间进程进行双向通信的端点。套接字分为两种不同的类型:流式套接字和数据报套接字。流式套接字具有有序性,面向连接;数据包套接字不保证可靠性和有序性。<br />任何从winsock函数对IP地址和端口号的引用和传送给winsock函数的ip地址和端口均是按照网络顺序组织的。套接字可
解决Winsock LSP导致无法上网的问题
Keivin
03-27 5918
关于Winsock LSP“浏览器劫持”,中招者一直高居不下,由于其特殊性,直接删除而不恢复LSP的正常状态很可能会导致无法上网所以对其修复需慎重。   先说说什么是Winsock LSP“浏览器劫持”.Winsock LSP全称Windows Socket Layered Service Provider(分层服务提供商),它是Windows底层网络Socker通信需要经过的大门。一些流氓
LSP 网络劫持(Layered Service Provider Hijacking)
最新发布
【Rainbow Network Technology co., LTD】
12-19 838
LSP 劫持(Layered Service Provider Hijacking)是一种计算机安全漏洞和攻击技术,通常与Windows操作系统相关。它涉及到网络协议栈中的层式服务提供程序(Layered Service Provider,LSP),这些提供程序用于修改、监视或过滤网络流量。LSP劫持是指攻击者通过操纵LSP,以在网络通信中插入恶意代码或进行网络监听,从而捕获敏感信息或执行恶意操作。
LSP入门
weixin_30502965的博客
03-27 1630
LSP是Layered Service Provider的缩写,是介于winsock和应用程序之间的一层。可以让我们实现数据的侦听、拦截和修改。LSP入门的最简单方式是自己编译一个例子运行一下:首先,安装一下windows sdk,win7版的下载页面:http://www.microsoft.com/en-us/download/details.aspx?id=18950 带X的是64位版。...
winsock2 lsp
11-20
Winsock2 LSP(Layered Service Provider,分层服务提供程序)是一种在Windows操作系统中实现网络通信和协议的技术。LSP允许开发人员在Winsock API(应用程序编程接口)之上创建附加的网络协议层。 Winsock2 LSP...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值