Search found 1065 matches

by iconic
Wed Jan 11, 2006 8:19 pm
Forum: madCodeHook
Topic: torcap and proxy
Replies: 3
Views: 6990

Yarek, Torcap only speaks SOCKS4 and unless your proxy speaks this it won't work. Wow, you're starting to confuse me now because most of the important questions I asked you yesterday didn't get a response. Please talk to me like I'm a child because I'm having the hardest time trying to make sense of...
by iconic
Wed Jan 11, 2006 8:06 pm
Forum: madCodeHook
Topic: How to hook "GetLocalTime" API function ?
Replies: 3
Views: 4461

Madshi, he didn't say whether he's using Delphi or BCB but if he's using Delphi he probably wondered because GetLocalTime is a procedure in Delphi and not a function in Delphi. Although procedures are semantically voided functions maybe it confused him, unless you had C coding experience one might c...
by iconic
Wed Jan 11, 2006 5:28 pm
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

My lunch break is over, back to work :cry: By the way, I failed to mention this before, but if you've researched different aspects of working with sockets, what I think you're trying to do is actually write an application layer gateway, which is a tad bit different than a proxy. The differences are subtl...
by iconic
Wed Jan 11, 2006 5:18 pm
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

as i said, i'll look into it later tonight or tomorrow evening when i have the time. I looked at the link you provided and that's a little bit different than what you're trying to do. If you're just wanting to hook winsock to redirect connections locally on your PC you certainly don't need to use SO...
by iconic
Wed Jan 11, 2006 2:17 pm
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

I'll take a look at it tonight if I have time, if not tonight tomorrow evening. It looks like you're using some of appsniff's code in your project and I remember looking at that many months ago. I'll install indy x when i get a chance too, i currently don't have it installed. I have used INDY's TCPM...
by iconic
Wed Jan 11, 2006 5:42 am
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

or not, apparently Mathias disabled PM support for this forum. You can email me at an alternate address i own.

mov.eax.0x13@gmail.com

--Iconic
by iconic
Wed Jan 11, 2006 5:40 am
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

I don't need your proxy code, just your DLL source code to determine what's going on. I've already written plenty of winsock code to bounce connections so i'll be able to get a test going sometime in the next day or so, depending on how much time i have to spare. I'll PM you my email on this forum s...
by iconic
Wed Jan 11, 2006 4:13 am
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

After you proxy the connection successfully it's easy to check the recv buffer for data you would deem offensive, like the word "sex" in a URL. If that's all you're trying to do, meaning disallow visiting a website based on URL content you certainly do not need to hook winsock, there are m...
by iconic
Wed Jan 11, 2006 3:32 am
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

By the way, I still don't understand what you mean by this: "I tried to call the connectHookProc myself, but it seems when calling connectHookProc from sendHookProc does not make any effect ... Thanks again." But I think you should realize that for example, WSAConnect() and Connect() are not the same A...
by iconic
Wed Jan 11, 2006 3:14 am
Forum: madCodeHook
Topic: WInsock Redirection
Replies: 14
Views: 14439

tell me what you're trying to accomplish and maybe i can free up some time to help you, i've _successfully_ hooked winsock many times for various reasons. If you're just trying to monitor send/recv operations, relay a connection or whatever your reason is I need to know what you're attempting to do ...
by iconic
Mon Jan 09, 2006 2:47 pm
Forum: madCodeHook
Topic: Inject system wide with exceptions?
Replies: 14
Views: 10177

I'll research it next week when my life isn't so busy. I'll start by killing off KPF and all dependencies, then checking for the hooks in memory, maybe by cmp the disk images versus the memory images for modifications. I haven't determined their hooking method because I haven't bothered to investi...
by iconic
Mon Jan 09, 2006 2:17 pm
Forum: madCodeHook
Topic: Inject system wide with exceptions?
Replies: 14
Views: 10177

I've just searched for my past email communication about Kerio. I think the situation is this: Kerio overwrites the first bytes of WinSock functions to hook the APIs. That's basically what madCodeHook does, too. Now madCodeHook realizes that the APIs are already hooked and installing just another h...
by iconic
Mon Jan 09, 2006 1:58 pm
Forum: madCodeHook
Topic: Inject system wide with exceptions?
Replies: 14
Views: 10177

It's no problem to hook OpenProcess etc, because even if I use them nothing bad happens. Problems occur only if a hook callback function calls something which results in another call to the hooked API again and again (= endless recursion). But that can't happen with OpenProcess, because it's a very...
by iconic
Mon Jan 09, 2006 1:39 pm
Forum: madCodeHook
Topic: Inject system wide with exceptions?
Replies: 14
Views: 10177

KPF hooks not installed

I meant to mention this the other day, but since I have the time now i suppose I'll mention it. I have never had any AV/Firewall problems with madcodehook until just recently. A few months ago I downloaded a free trial version of KPF (Kerio Personal Firewall) and ran it with default settings. After ...
by iconic
Mon Jan 09, 2006 1:23 pm
Forum: madCodeHook
Topic: Inject system wide with exceptions?
Replies: 14
Views: 10177

You could try hooking OpenProcess or WriteProcessMemory or CreateRemoteThread - or any combination of them. Then there are native APIs which do the same tasks, which you could also (or instead) hook. Madshi. Doesn't madcodehook use these calls internally? If so, maybe it would be unwise to hook suc...