[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Use Madshi's MadCodeHook to Hook winsock2

Posted on 2003-11-28
4
Medium Priority
?
846 Views
Last Modified: 2012-06-21
Anyone know how to use Madshi's MadCodeHook to Hook winsock2's recv and send function?
please give me an example
Thanks a lot
sorry for my poor english...
0
Comment
Question by:xmichen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
Madshi earned 200 total points
ID: 9841873
The following code should work, I guess. I've not tested it, though. Just typed it in here without even test compiling. It's not that difficult, is it?

Regards, Madshi.


library HookWinSock2;

uses Windows, WinSock, madCodeHook;

var
  sendNext : function (socket: TSocket; buf: pointer; len, flags: integer) : integer; stdcall;
  recvNext : function (socket: TSocket; buf: pointer; len, flags: integer) : integer; stdcall;

function sendCallback(socket: TSocket; buf: pointer; len, flags: integer) : integer; stdcall;
begin
  result := sendNext(socket, buf, len, flags);
end;

function recvCallback(socket: TSocket; buf: pointer; len, flags: integer) : integer; stdcall;
begin
  result := recvNext(socket, buf, len, flags);
end;

begin
  HookAPI('ws2_32.dll', 'send', @sendCallback, @sendNext);
  HookAPI('ws2_32.dll', 'recv', @recvCallback, @recvNext);
end.
0
 

Author Comment

by:xmichen
ID: 9841951
I have wrote my code like this
And my dll is global hook
If other application send packet begin with $AA001410, that application sometime will be crash...

type
  SockBuf    = array[0..4095] of Byte;

var
  sendNext : function( s       : Integer;
               const buffer  : SockBuf;
               length  : Integer;
               flags   : Integer ):Integer; stdcall;
function sendCallback( s       : Integer;
               const buffer  : SockBuf;
               length  : Integer;
               flags   : Integer ):Integer; stdcall;
var
  i : Integer;
begin
  if (buffer[0] = $AA) AND (buffer[1] = $0)
     AND (buffer[2] = $14) AND (buffer[3] = $10) then
  begin
    for i:=0 to 10 do
    begin
     AccName := AccName + Chr(buffer[i + 16]);
    end;
  end;
  Result := sendNext(s, buffer, length, flags);
end;
0
 
LVL 20

Expert Comment

by:Madshi
ID: 9841960
Please check whether the buffer is assigned:

if @buffer <> nil then begin
  // all the other code here
end;

Does the solve the problem?
0
 

Author Comment

by:xmichen
ID: 9841970
Oh, I think that is the pocket less then 26 byte...
Thank madshi~~~
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had your Delphi form/application just hanging while waiting for data to load? This is the article to read if you want to learn some things about adding threads for data loading in the background. First, I'll setup a general applica…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question