I have tried ForceBindIP, but it has a significant downside – it doesn’t affect the children of the application I’m trying to bind, it only affects the application itself. It also can’t force an application to always run through a specified interface, it has to be run through
forcebindip.exe
every time. It becomes a problem with applications like League of Legends where the process tree looks like that:The launcher runs the patcher, the patcher run the client, etc. I can only affect the parent of all these processes in the tree, so the actual game is not bound to the interface I want, making this whole venture pointless.
Is there a more modern alternative to ForceBindIP for Windows 7? There are many questions similar to this one on this site, but they are mostly old. Maybe there is now a better way to solve this problem?
My current idea is to do the following:
Set up local 3proxy server bound to the desired interface.
Run the game through Proxifier or similar software configured to run through that local proxy.
I’m not sure if that will work, but even if it will, it seems like a sub-optimal solution. Do you guys have any better ideas?
Edit: My idea didn’t work 🙁
Edit 2: Basically, what I’m trying to achieve is bind a few applications to a regular interface, while VPN is running. The reason is that I need to connect through VPN most of the time, but some applications (such as games) don’t work properly this way, because of higher ping and other issues.
Solution:
###UpdateI’ve found that ForceBindIp in fact is passing parameters to the called executables. It just omits first parameter. So I’ve modified my script to use ForceBindIp.exe
instead of custom injector and now it looks like all issues with injectory
exceptions are gone and everything works.
Here is modified steps and BindIp.cmd
script:
Install ForceBindIp as usual
Put
BindIp.cmd
anywhere on your drive (e.g.C:BindIpBindIp.cmd
)
BindIp.cmd
script:
setlocal:: IP to bind toset IP=192.168.128.85:: Common variablesset RegIFEO=HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options%~nx1set Injector=ForceBindIp.exe:: ForceBindIp swallows first parameter passed to target exe,:: so we inject dummy parameter just before itset AllParams=%*set FirstParam=%1call set TargetParams=%%AllParams:*%FirstParam%=%FirstParam% Dummy%%:: Delete debugger for the target exe in registry,:: or we'll end in an endless loop of the batch filesreg delete "%RegIFEO%%" /v Debugger /f:: Start target exe via ForceBindIp%Injector% %IP% %TargetParams%:: Restore this script as debugger for the target exe in registryreg add "%RegIFEO%" /v Debugger /t REG_SZ /d "%~dpnx0" /f:: Debug, uncomment if neededrem pauseendlocal
Then follow steps 2-6 from below.
###Introduction[ForceBindIp][0] can’t automatically inject `BindIp.dll` to child processes and doesn’t pass parameters to the called executables. But I was able to circumvent this by using [Image File Execution Options in registry][1], batch script and [third-party dll injector][2]. Details are below.
###TheoryTo use BindIp.dll
without ForceBindIp.exe
we need to find out how they communicate (ForceBindIp.exe
has to pass IP-address to dll somehow).
I’ve used IDA free and found that ForceBindIp.exe
creates environment variable with name FORCEDIP
that holds IP-address and BindIp.dll
reads IP-address from this variable when it injected and executed in target process.
To detect target application launch, we can add a Debugger
key in the Image File Execution Options in registry for this executable:
Kernel32!CreateProcess when called without the DEBUG_PROCESS orDEBUG_ONLY_THIS_PROCESS creation flags, checks the registry to see ifIFEO has been set on the executable that it is launching. If yes, thenit simply prepends the debugger path to the executable name,effectively getting the executable to launch under the debugger.
The "Debugger" in our case, will be a batch script, that will set FORCEDIP
variable and launch the injectory dll-injector. Injectory then will start process, pass command-line arguments and inject BindIp.dll
.
###Practice
- Create folder somewhere (
C:BindIp
for example) and put those three files in it:
BindIp.dll
- injectory.x86.exe
BindIp.cmd
BindIp.cmd
script:
setlocal:: IP to bind to. This env.var is used by BindIp.dllset FORCEDIP=192.168.1.23:: Common variablesset RegIFEO=HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options%~nx1set Injector=%~dp0injectory.x86.exeset BindIpDll=%~dp0BindIp.dll:: Extract target's parameters, if anyset AllParams=%*set FirstParam=%1call set TargetParams=%%AllParams:*%FirstParam% =%%:: Delete debugger for the target exe in registry,:: or we'll end in an endless loop of the batch filesreg delete "%RegIFEO%%" /v Debugger /f:: Start target exe and inject BindIp.dllif not [%2] == [] ( :: If there were parameters for target exe, pass them on "%Injector%" --launch %1 --inject "%BindIpDll%" --args "%TargetParams%") else ( :: No parameters were specified "%Injector%" --launch %1 --inject "%BindIpDll%"):: Restore this script as debugger for the target exe in registryreg add "%RegIFEO%" /v Debugger /t REG_SZ /d "%~dpnx0" /f:: Debug, uncomment if neededrem pauseendlocal
- Create registry key (e.g.
LolClient.exe
) for target executable inHKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options
- Add String Value to this key:
- Name:
Debugger
- Value:
C:BindIpBindIp.cmd
Grant
Users
Full permissions on this key (the script will have to modify it at every launch). It should look like this:Set required IP-address in
BindIp.cmd
Repeat steps 3 and 4 for every executable you wish to bind (
rad_user_kernel.exe
,LolLauncher.exe
,LolPatcher.exe
, etc.).
Now, every time when you launch executable that has corresponding registry entry, the BindIp.cmd
script will launch instead and bind this program to desired IP-address.
###Conclusion
I’ve tested this on my laptop running Windows 8.1 x64 and was able to successfully bind various programs (AIMP 2, BersIRC, Opera 12.4) to Ethernet or WiFi adapter using this technique. Unfortunately BindIp.dll
is 32-bit, so it wouldn’t work with 64-bit processes.