• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 565
  • Last Modified:

How to intercept winsock function like send,sendto, recv ,etc.

hi all,

i wrote a dll to intercept windows API, for other APIs that is in user32.dll or advapi32.dll, it works well, but when i want to intercept api in wsock32.dll or w2_32.dll, it doesn't work well, i mean i can only intercept some application which is using these function like send, but for others which are using "send", it can't intercept.

how to?

BTW, what i use is to change the IAT of every executable file images.
0
greensleeve
Asked:
greensleeve
1 Solution
 
jhanceCommented:
Are you sure that these "other" applications are using send from these DLLs?  I think you'll find that there is more than one way to "network" in a Windows application.
0
 
AxterCommented:
There's more then one Send API function.
You need to capture the following API calls:

WSASend
WSASendTo

WSPSend
WSPSendTo

send
sendto
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now