Welcome to r1ch.net

[ /stuff/forcebindip/]$

ForceBindIP - Bind any Windows application to a specific interface


2009-09-17: Version 1.2a released. Modified loader (ForceBindIP.exe) to work around numerous false positives from anti-virus products.

2005-10-29: Version 1.2 released. Support for delayed injection and additional intercepts.


ForceBindIP is a freeware Windows application that will inject itself into another application and alter how certain Windows Sockets calls are made, allowing you to force the other application to use a specific network interface / IP address. This is useful if you are in an environment with multiple interfaces and your application has no such option for binding to a specific interface.

ForceBindIP works in two stages - the loader, ForceBindIP.exe will load the target application in a suspended state. It will then inject a DLL (BindIP.dll) which loads WS2_32.DLL into memory and intercepts the bind(), connect(), sendto(), WSAConnect() and WSASendTo() functions, redirecting them to code in the DLL which verifies which interface they will be bound to and if not the one specified, (re)binds the socket. Once the function intercepts are complete, the target application is resumed. Note that some applications with anti-debugger / injection techniques may not work correctly when an injected DLL is present; for the vast majority of applications though this technique should work fine.

As of version 1.2, all known functions in WS2_32.DLL that either explicitly or implicitly bind to an interface are intercepted. Please note however that certain programs may still end up using the default interface if they implement connections that do not use the standard winsock functions.

Some programs that have been tested to work with ForceBindIP include DC++, uTorrent, Quake II, Quake III, Diablo II, StarCraft, Internet Explorer, Mozilla Firefox, Google Earth, Infantry, Real Player, Unreal Tournament 2004 (requires -i), Outlook 2000 (requires -i). Programs that do not work include GetRight (anti-debugger / forking techniques), WinCVS (forks cvs.exe)


ForceBindIP has no graphical interface. You must configure it like a command-line application. To run 'app.exe' and force it to bind to, you would run ForceBindIP as follows:

ForceBindIP c:\full\path\to\app.exe
Note that the full path is required; if the path contains spaces, it must be quoted. ForceBindIP can also take the GUID of an interface if for example the IP address is dynamic. To find out the GUID of your interface, run regedit and browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces. Find the interface which has the dynamic address and then copy the key name. You can then run ForceBindIP as follows:
ForceBindIP {4FA65F75-7A5F-4BCA-A3A2-59824B2F5CA0} c:\path\to\app.exe
Command line options for the target program may also appear after the path to the executable if needed.

Version 1.2 also provides an optional -i parameter. If you find your chosen application crashes on startup or exhibits other unexpected behaviour, try using -i, eg:

ForceBindIP -i c:\full\path\to\app.exe
This will cause the ForceBindIP loader to wait until the application has entered its message loop before injecting the interception DLL. Note however that any calls that the application makes to Winsock prior to the DLL being loaded will not have been bound to the chosen interface.


Due to the APIs required, ForceBindIP will only run on Windows NT/2000/XP/2003. It will not function on Win9x/WinME.

ForceBindIP-1.2a-Setup.exe (80 KiB). Graphical setup utility with uninstaller. Installs to system32 directory.

ForceBindIP-1.2a.zip (8 KiB). Manual installation, this is just a zip of the required files. Note that BindIP.dll MUST reside in windows\system32 for the program to function.


If you found ForceBindIP to be useful, please consider making a PayPal donation or a bitcoin donation. Thanks!

Valid XHTML 1.0!
Best viewed with a fully XHTML 1.0 / CSS2 compliant browser. View r1ch.net privacy statement. Please note that using certain types of download "accelerator" utilities that open more than one connection may result in your IP being blocked.