MSNC:File transfer 拒絕檔案傳送的程序

讀了相關資訊也從google 找資料,但是對 MSNSLP(P2P protocol)的描述多半語焉不詳,尤其是File Transfer,或許是自己的理解能力不好,只得自己SNIFFER,以下是整個拒絕檔案傳送的過程,試了一下;已正常可運行,我順便參考查看了某個msn的函式,發現他的做法不對;反而會造成client 不斷的請求(INVITE)

ps.以下相關msn帳號為測試帳號,並不會用來接收資訊

====Recv====
MSG xue.luke@hotmail.com ?? 1344\r\n
MIME-Version: 1.0\r\n
Content-Type: application/x-msnmsgrp2p\r\n
P2P-Dest: luke0@livemail.tw\r\n
\r\n
(00-00-00-00) (EF-64-8B-13) (00-00-00-00-00-00-00-00)
(2C-05-00-00-00-00-00-00) (B2-04-00-00) (00-00-00-00)
(3C-75-7B-23) (00-00-00-00) (00-00-00-00-00-00-00-00)
INVITE MSNMSGR:luke0@livemail.tw MSNSLP/1.0\r\n
To: \r\n
From: \r\n
Via: MSNSLP/1.0/TLP ;branch={9D589759-6F32-4136-BE3C-6CA353A20907}\r\n
CSeq: 0 \r\n
Call-ID: {8673FEF1-6E96-449D-AF21-8AD10E58630C}\r\n
Max-Forwards: 0\r\n
Content-Type: application/x-msnmsgr-sessionreqbody\r\n
Content-Length: 989\r\n
\r\n
EUF-GUID: {5D3E02AB-6190-11D3-BBBB-00C04F795683}\r\n
SessionID: 662509335\r\n
SChannelState: 0\r\n
Capabilities-Flags: 1\r\n
AppID: 2\r\n
Context: fgIAAAMAAAACAAAAAAAAAAEAAABiAGkAbgBhAHIAeQBfAGIAdQBpAGwAZABfADEALgAwAC4AMwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\  Hide Hide 512 Recvb AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
(00-00-00-00)

====Recv====
MSG xue.luke@hotmail.com ?? 264\r\n
MIME-Version: 1.0\r\n
Content-Type: application/x-msnmsgrp2p\r\n
P2P-Dest: luke0@livemail.tw\r\n
\r\n
(00-00-00-00) (EF-64-8B-13) (B2-04-00-00-00-00-00-00)
(2C-05-00-00-00-00-00-00) (7A-00-00-00) (00-00-00-00)
(3C-75-7B-23) (00-00-00-00) (00-00-00-00-00-00-00-00)
AAAAAAAAAAAAAAAAAAAAAAAAA/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=\r\n\r\n
00 (00-00-00-00)


====Send====
MSG 81 D 145\r\n
MIME-Version: 1.0\r\n
Content-Type: application/x-msnmsgrp2p\r\n
P2P-Dest: xue.luke@hotmail.com\r\n
\r\n
(00-00-00-00) (5A-C9-9C-1E) (00-00-00-00-00-00-00-00)
(00-00-00-00-00-00-00-00) (00-00-00-00) (02-00-00-00)
(EF-64-8B-13) (3C-75-7B-23) (2C-05-00-00-00-00-00-00)
(00-00-00-00)


====Recv====
ACK 81\r\n

====Send====
MSG 82 D 524\r\n
MIME-Version: 1.0\r\n
Content-Type: application/x-msnmsgrp2p\r\n
P2P-Dest: xue.luke@hotmail.com\r\n
\r\n
(00-00-00-00) (5B-C9-9C-1E) (00-00-00-00-00-00-00-00)
(7B-01-00-00-00-00-00-00) (7B-01-00-00) (00-00-00-00)
(47-A4-7E-27) (00-00-00-00) (00-00-00-00-00-00-00-00)
MSNSLP/1.0 603 Decline\r\n
To: \r\n
From: \r\n
Via: MSNSLP/1.0/TLP ;branch={9D589759-6F32-4136-BE3C-6CA353A20907}\r\n
CSeq: 1 \r\n
Call-ID: {8673FEF1-6E96-449D-AF21-8AD10E58630C}\r\n
Max-Forwards: 0\r\n
Content-Type: application/x-msnmsgr-sessionreqbody\r\n
Content-Length: 66\r\n
\r\n
SessionID: 662509335\r\n
SChannelState: 0\r\n
Capabilities-Flags: 1\r\n\r\n
00 (00-00-00-00)


====Recv====
ACK 82\r\n

====Recv====
MSG xue.luke@hotmail.com ?? 142\r\n
MIME-Version: 1.0\r\n
Content-Type: application/x-msnmsgrp2p\r\n
P2P-Dest: luke0@livemail.tw\r\n

(00-00-00-00) (F0-64-8B-13) (00-00-00-00-00-00-00-00)
(00-00-00-00-00-00-00-00) (00-00-00-00) (02-00-00-00)
(5B-C9-9C-1E) (47-A4-7E-27) (7B-01-00-00-00-00-00-00)
(00-00-00-00)

3 則留言:

1234 提到...

您好,请问您这个拒绝MSN传输文件的程序是怎么做的啊?构造拒绝包?能不能在客户端就直接禁止MSN发送文件呢?我现在只能够通过windows过滤驱动drop掉含有5D3E02AB-6190-11D3-BBBB-00C04F795683的数据包,这样在windows live messenger 8.5版本下是可行的,但是在windows live messenger9.0下如果通过NAT转换的话,即两台主机都是同一个LAN中的主机的情况下,两台主机是直接通过tcp连接传输文件的,而这些数据包中没有5D3E02AB-6190-11D3-BBBB-00C04F795683特征码,请问怎么能够过滤这种情况下的数据包呢?还是直接构造拒绝包比较简单,我的email是sdhzdmzzl#sina.com,期待您的回复,谢谢。

喂~程式 提到...

也許最簡單的方式是你可以拒絕開放某些tcp/udp 的port 來阻擋,wlm9 透過p2p(tcp/udp)直接溝通,否則你可讓msn在ns時過濾邀請的程序,以上建議給您參考

喂~程式 提到...

不過如果你從NS下手,trandid 就要不斷的修改,因為;你阻擋了封包傳遞,必須自行去控制TRANSID