How to intercept winsock function like send,sendto, recv ,etc.

hi all,

i wrote a dll to intercept windows API, for other APIs that is in user32.dll or advapi32.dll, it works well, but when i want to intercept api in wsock32.dll or w2_32.dll, it doesn't work well, i mean i can only intercept some application which is using these function like send, but for others which are using "send", it can't intercept.

how to?

BTW, what i use is to change the IAT of every executable file images.
greensleeveAsked:
Who is Participating?
 
AxterConnect With a Mentor Commented:
There's more then one Send API function.
You need to capture the following API calls:

WSASend
WSASendTo

WSPSend
WSPSendTo

send
sendto
0
 
jhanceCommented:
Are you sure that these "other" applications are using send from these DLLs?  I think you'll find that there is more than one way to "network" in a Windows application.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.