Jump to content
Tuts 4 You

How to hook recv function

MarcosL

By MarcosL
in Programming and Coding

Recommended Posts

MarcosL

MarcosL

Posted
Posted

i m trying catch buffer of de recv function, but i not have success.

I used C/C++ Code :


#pragma comment(lib, "detoured.lib")
#pragma comment(lib, "detours.lib")
#pragma comment(lib, "Ws2_32.lib")
#undef UNICODE
#include <cstdio>
#include <Winsock2.h>
#include <ws2tcpip.h>
#include <windows.h>
#include "detours.h" //*IMPORTANT: Look at path if compiler error
//Prototypes
int (WINAPI *pSend)(SOCKET s, const char* buf, int len, int flags) = send;
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags);
int (WINAPI *pRecv)(SOCKET s, char* buf, int len, int flags) = recv;
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags);
//Log files
FILE* pSendLogFile;
FILE* pRecvLogFile;
INT APIENTRY DllMain(HMODULE hDLL, DWORD Reason, LPVOID Reserved)
{
switch(Reason)
{
case DLL_PROCESS_ATTACH: //Do standard detouring
  DisableThreadLibraryCalls(hDLL);
  DetourTransactionBegin();
  DetourUpdateThread(GetCurrentThread());
  DetourAttach(&(PVOID&)pSend, MySend);
  if(DetourTransactionCommit() == NO_ERROR)
   OutputDebugString("send() detoured successfully");
  DetourTransactionBegin();
  DetourUpdateThread(GetCurrentThread());
  DetourAttach(&(PVOID&)pRecv, MyRecv);
  if(DetourTransactionCommit() == NO_ERROR)
   OutputDebugString("recv() detoured successfully");
  break;
case DLL_PROCESS_DETACH:
  DetourTransactionBegin(); //Detach
	    DetourUpdateThread(GetCurrentThread());
  DetourDetach(&(PVOID&)pSend, MySend);
  DetourTransactionCommit();
  DetourTransactionBegin();
	    DetourUpdateThread(GetCurrentThread());
  DetourDetach(&(PVOID&)pRecv, MyRecv);
  DetourTransactionCommit();
  break;
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
  break;
}
return TRUE;
}
//Open file, write contents, close it
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags)
{
fopen_s(&pSendLogFile, "C:\\SendLog.txt", "a+");
fprintf(pSendLogFile, "%s\n", buf);
fclose(pSendLogFile);
return pSend(s, buf, len, flags);
}
int WINAPI MyRecv(SOCKET s, char* buf, int len, int flags)
{
fopen_s(&pRecvLogFile, "C:\\RecvLog.txt", "a+");
fprintf(pRecvLogFile, "%s\n", buf);
fclose(pRecvLogFile);
return pRecv(s, buf, len, flags);
}

but i not have success.

ragdog

ragdog

Posted
Posted

I hope it help
/>http://skilinium.com/blog/?p=742

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing
×
×
  • Create New...