#include <iptypes.h>
#include <tdiinfo.h>
#include <tcpioctl.h>
NTSTATUS QueryTcp()
{
NTSTATUS status;
#ifndef _WIN64
struct TCP_REQUEST_QUERY_INFORMATION_EX_WOW
{
TDIObjectID ID; // object ID to query.
ULONG pad; // ! for wow64 only - Context must be aligned on 8 byte in 64bit windows
uchar Context[CONTEXT_SIZE]; // multi-request context. Zeroed
};
PVOID Wow;
status = NtQueryInformationProcess(NtCurrentProcess(), ProcessWow64Information, &Wow, sizeof(Wow), 0);
if (0 > status)
{
return status;
}
#endif
static const UNICODE_STRING ObjectName = RTL_CONSTANT_STRING(L"\\device\\tcp");
static const OBJECT_ATTRIBUTES oa = { sizeof(oa), 0, const_cast<PUNICODE_STRING>(&ObjectName), OBJ_CASE_INSENSITIVE };
HANDLE hFile;
IO_STATUS_BLOCK iosb;
status = NtOpenFile(&hFile, SYNCHRONIZE,
const_cast<POBJECT_ATTRIBUTES>(&oa), &iosb, FILE_SHARE_VALID_FLAGS, FILE_SYNCHRONOUS_IO_NONALERT);
if (0 <= status)
{
PVOID InputBuffer;
ULONG InputBufferLength;
TDIObjectID* pID;
PVOID Context;
#ifndef _WIN64
if (Wow)
{
TCP_REQUEST_QUERY_INFORMATION_EX_WOW req = {
{ { GENERIC_ENTITY }, INFO_CLASS_GENERIC, INFO_TYPE_PROVIDER, ENTITY_LIST_ID }
};
InputBuffer = &req, InputBufferLength = sizeof(req), pID = &req.ID, Context = req.Context;
}
else
#endif
{
TCP_REQUEST_QUERY_INFORMATION_EX req = {
{ { GENERIC_ENTITY }, INFO_CLASS_GENERIC, INFO_TYPE_PROVIDER, ENTITY_LIST_ID }
};
InputBuffer = &req, InputBufferLength = sizeof(req), pID = &req.ID, Context = req.Context;
}
union {
PVOID buf;
TDIEntityID* pEntity;
};
volatile static UCHAR guz;
PVOID stack = alloca(guz);
ULONG cbAllocated = 0, cbNeed = 8 * sizeof(TDIEntityID);
do
{
if (cbAllocated < cbNeed)
{
cbAllocated = RtlPointerToOffset(buf = alloca(cbNeed - cbAllocated), stack);
}
// 1. Enumerate TDI Entities (INFO_CLASS_GENERIC, INFO_TYPE_PROVIDER, ENTITY_LIST_ID)
if (0 <= (status = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX, InputBuffer, InputBufferLength, buf, cbAllocated)))
{
if (ULONG n = (ULONG)iosb.Information / sizeof(TDIEntityID))
{
NTSTATUS s;
union {
ULONG type;
IPSNMPInfo snmp;
IFEntry ife;
IPInterfaceInfo ii;
BYTE iii_addr[sizeof(IPInterfaceInfo) + MAX_PHYSADDR_SIZE];
BYTE if_descr[sizeof(IFEntry) + MAX_ADAPTER_DESCRIPTION_LENGTH];
};
cbAllocated = 0;
stack = buf;
PVOID pv = 0;
do
{
DbgPrint("***{ %08x, %08x }\n", pEntity->tei_entity, pEntity->tei_instance);
// set Specific Entity.
pID->toi_entity = *pEntity;
switch (pEntity->tei_entity)
{
case IF_ENTITY:
//3. Obtain MIB-II Information about an Interface Entity.
pID->toi_id = IF_MIB_STATS_ID;
pID->toi_class = INFO_CLASS_PROTOCOL;
s = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX,
InputBuffer, InputBufferLength, if_descr, sizeof(if_descr));
DbgPrint("#%u type=%u mtu=%u %.*S\n", ife.if_index, ife.if_type, ife.if_mtu,
ife.if_descrlen / sizeof(WCHAR), ife.if_descr);
break;
case CO_NL_ENTITY:
case CL_NL_ENTITY:
//4. Obtain MIB-II Information about a Particular IP Entity.
pID->toi_id = IP_MIB_STATS_ID;
pID->toi_class = INFO_CLASS_PROTOCOL;
s = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX,
InputBuffer, InputBufferLength, &snmp, sizeof(snmp));
if (0 <= s)
{
if (snmp.ipsi_numaddr)
{
cbNeed = snmp.ipsi_numaddr * sizeof(IPAddrEntry);
if (cbAllocated < cbNeed)
{
cbAllocated = RtlPointerToOffset(pv = alloca(cbNeed - cbAllocated), stack);
}
// 5. Obtain Address Information about a Particular IP Entity
pID->toi_id = IP_MIB_ADDRTABLE_ENTRY_ID;
s = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX,
InputBuffer, InputBufferLength, pv, cbAllocated);
if (0 <= s)
{
IPAddrEntry* pAddr = (IPAddrEntry*)pv;
// 6. Obtain Interface Information about a Particular IP Address.
pID->toi_id = IP_INTFC_INFO_ID;
do
{
char sz[16], mask[16];
RtlIpv4AddressToStringA(&pAddr->iae_addr, sz);
RtlIpv4AddressToStringA(&pAddr->iae_mask, mask);
DbgPrint("[%s/%s]\n", sz, mask);
// 6. Obtain Interface Information about a Particular IP Address.
memcpy(Context, &pAddr->iae_addr, sizeof(pAddr->iae_addr));
s = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX,
InputBuffer, InputBufferLength, &ii, sizeof(iii_addr));
if (0 <= s)
{
if (ii.iii_addrlength)
{
DbgPrint("addr=");
PBYTE pb = ii.iii_addr;
do
{
DbgPrint("%02x", *pb++);
} while (--ii.iii_addrlength);
DbgPrint("\n");
}
}
} while (pAddr++, --snmp.ipsi_numaddr);
}
}
}
break;
case CO_TL_ENTITY:
case CL_TL_ENTITY:
//2. Obtain Type Information about a Specific TL Entity.
pID->toi_id = ENTITY_TYPE_ID;
pID->toi_class = INFO_CLASS_GENERIC;
s = NtDeviceIoControlFile(hFile, 0, 0, 0, &iosb,
IOCTL_TCP_QUERY_INFORMATION_EX,
InputBuffer, InputBufferLength, &type, sizeof(type));
if (0 <= s)
{
DbgPrint("type=%x\n", type);
}
break;
default:continue;
}
if (0 > s)
{
DbgPrint("error=%x { %08x, %08x }\n", s, pEntity->tei_entity, pEntity->tei_instance);
}
} while (pEntity++, --n);
}
}
cbNeed += 8 * sizeof(TDIEntityID);
} while (status == STATUS_BUFFER_OVERFLOW || status == STATUS_BUFFER_TOO_SMALL);
NtClose(hFile);
}
return status;
}