Solved

Snooping on winsock calls

Posted on 1998-04-04
1
320 Views
Last Modified: 2013-12-03
I want to intercept another application's calls to various winsock functions.  Specifically I want to know what is being communicated between the client and server.  So ideally I'd like to be able to see the parameters to the send and receive functions for a given application.  It is important to note I did not write the application I want to snoop on.  It is a win32 program.  But I need to learn how it communicates so my app can be compatible.  I have no idea how to do this.  Any ideas?

A program able to do this would be just as helpful.  but so far the only program I can find to do this is TracePlus95.  I do not have a spare $150.
0
Comment
Question by:LukeSkywalker
1 Comment
 
LVL 4

Accepted Solution

by:
tflai earned 200 total points
ID: 1412536
There are several ways that can be done to intersect TCP/UDP communication:
1.  DLL replacement on WINSOCK32.DLL.  Easy but may not be a safe way to do it:  http://www.macam98.ac.il/vmis/wspy.htm
2.  DLL injection technique using Win32 Debugger mechanism.  Take a look at the product provided at:  http://www.win-tech.com/toolkit.htm
3.  Hook MSTCP at VxD level using TDI-client interface.  There is an example provided in VToolsD called HOOKTDI:  http://www.vireo.com
4.  Write a network snooper using a promiscuous NDIS protocol driver that binds to all the adapters.  Difficult as you have to filter out all the different packet headers, DIX, 802.3, etc.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show how to use the Ribbon IDs Tool Window to assign the built-in Office icons to a ribbon button.  This tool will help us to find the OfficeImageId that corresponds to our desired built-in Office icon. The tool is part of…
This article describes a technique for converting RTF (Rich Text Format) data to HTML and provides C++ source that does it all in just a few lines of code. Although RTF is coming to be considered a "legacy" format, it is still in common use... po…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
A short film showing how OnPage and Connectwise integration works.

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now