How to Hook Winsock Api ,

Situation:

Need to intercept the Connect APIs on Windows NT and replace it with my own function, being called
from a DLL, and then have my program call the "old" API function to complete the process.

Connect -> 192.1.1.254

replace to

if (Connect == '192.1.1.254')
{
  Connect == ' 192.1.1.10'
}


Good luck!  Let me know if you have any questions.  I would like VC++6.0 source code...  Thanks!

kk2kAsked:
Who is Participating?
 
MadshiCommented:
Here is a demo that shows you how to hook the well known API "WinExec". You should be able to easily change it to the winsock "Connect" API(s). Do this stuff in a little dll. Then just call "InjectLibrary(otherProcessHandle, 'c:\fullPatj\yourHooking.dll')" in a little launcher application. That's it. Relatively easy, don't you agree?

This demo is directly from the Demo folder of my package. I'm sorry, but I don't have the time to give you full sources for you "Connect" hooking thing. It would cost me too much time...

Regards, Madshi.


// demonstrate how madCodeHook can hook (almost) any API under any win32 OS
// a madCodeHook is normally only process wide
// look at the systemAPI demo for infos about system wide hooks
// (note, that you can even hook so-called shared system APIs under win9x)

#include <windows.h>
#include "madCodeHookLib.h"

// variable for the "next hook", which we then call in the callback function
// it must have *exactly* the same parameters and calling convention as the
// original function
// besides, it's also the parameter that you need to undo the code hook again
UINT (WINAPI *WinExecNextHook)(LPCSTR lpCmdLine, UINT uCmdShow);

// this function is our hook callback function, which will receive
// all calls to the original SomeFunc function, as soon as we've hooked it
// the hook function must have *exactly* the same parameters and calling
// convention as the original function
UINT WINAPI WinExecHookProc(LPCSTR lpCmdLine, UINT uCmdShow)
{
  UINT result;

  // check the input parameters and ask whether the call should be executed
  if (MessageBox(0, lpCmdLine, "Execute?", MB_YESNO | MB_ICONQUESTION) == IDYES)
  {
    // now call the original function, but in minimized form (just for fun :-)
    result = WinExecNextHook(lpCmdLine, SW_SHOWMINIMIZED);
  } else
    // if we didn't execute the call, we should at least return a valid value
    result = ERROR_FILE_NOT_FOUND;
  return result;
}

int pascal WinMain(HINSTANCE hCurInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
  // we install our hook on the API...
  // alternatively to the call below you can also use this one:
  // HookAPI('kernel32.dll', 'WinExec', @WinExecHookProc, @WinExecNextHook);
  HookCode(WinExec, WinExecHookProc, (PVOID*) &WinExecNextHook);
  // now call the original (but hooked) API
  // as a result of the hook the user will receive our messageBox etc
  WinExec("notepad.exe", SW_SHOWNORMAL);
  // *PLEASE* be cautious when you hook APIs in win9x that are in the shared area
  // e.g. kernel32.dll and user32.dll are in the shared area
  // each dll with GetModuleHandle >= $80000000 is in the shared area
  // with madCodeHook you can hook such "shared APIs" like any other
  // but if you don't unhook them, rests of your hooks will remain installed
  // even after your application closes
  // that doesn't impact system stability, but it's not good for performance
  // (under winNT/2000 you don't need to care about unhooking)
  UnhookCode((PVOID*) &WinExecNextHook);

  return 0;
}
0
 
MadshiCommented:
Do you need this system wide or only for a specific process? Do you need to do this programatically or would perhaps installing a proxy (or something like that) solve the problem, too?
0
 
kk2kAuthor Commented:
Just only for a specific process.

0
Cloud Class® Course: Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

 
MadshiCommented:
Then you might want to look at my package "madCodeHookLib" (free for non-commercial purpose). With this package you can inject a self-written dll into the specific process. Then in the dll you can hook the connect APIs, again using my package.

Here is the online documentation. It is for the Delphi version of my package, but a C++ package is also available.

http://help.madshi.net/Data/madCodeHook.htm

Here is a demo, which shows all the basic framework you need:

http://help.madshi.net/Data/HookingNotepad.htm

Regards, Madshi.
0
 
kk2kAuthor Commented:
Hi,Madshi
 
  Can you use your package write some functions  for me


Connect -> 192.1.1.254

replace to

if (Connect == '192.1.1.254')
{
 Connect == ' 192.1.1.10'
}

VC code ~~  thanks~

0
 
kk2kAuthor Commented:
Hi,Madshi
 
  Can you use your package write some functions  for me


Connect -> 192.1.1.254

replace to

if (Connect == '192.1.1.254')
{
 Connect == ' 192.1.1.10'
}

VC code ~~  thanks~

0
 
MadshiCommented:
I'm sorry. First of all I'm a Delphi programmer. Second, I've not the time to do all the work for you...   :-/   There are also C++ demos in the demo folder. If you dig a bit, you'll be able to do it yourself, I think...
0
 
jhanceCommented:
Here's another great source of information:

http://www.codeguru.com/system/apihook.html

Not only is the article itself excellent, but an example application is supplied and there are references to just about every item written on this topic.
0
 
kk2kAuthor Commented:
I want some demo c++ code for my example
0
 
jhanceCommented:
It really would help if you would READ THE COMMENTS offered here to help you:


Here's another great source of information:

http://www.codeguru.com/system/apihook.html

Not only is the article itself excellent, but AN EXAMPLE APPLICATION IS SUPPLIED and there are references
to just about every item written on this topic.
0
 
MadshiCommented:
The article & source code mentioned by jhance is really a good one. However, I don't like the API hooking method used there, namely Import Table Patching. It's really not the best method. Well, but it's good enough in a lot of situations, so you will have to try out, whether you catch all needed API calls with this method or not.
0
 
jhanceCommented:
The nicest thing about the article is the collection of references.  All the different techniques have their own advantages and disadvantatges.
0
 
MadshiCommented:
Let me just add a comment to one part of that article:

>> Injecting DLL by using CreateRemoteThread() API function. Well, this is my favorite one. Unfortunately it is supported only by NT and Windows 2K operating systems.

Win9x does have a CreateRemoteThread like function, it's just not exported from kernel32. My package is able to access this internal function...   :-)
0
 
kk2kAuthor Commented:
OK, but not have source file for my Question .

To: jhance
   you havn't Detail for my Question.

To: Madshi

   i am VC programmer. i don't Use Delphi . but you madCodeHookLib is good tool .
   can you get me some source for vc ?

   i will accept comment as answer in tomorrow.
0
 
nildoCommented:
What messages are avaliabled on the Socket APIs ?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.