Post by asterick » Wed Apr 21, 2004 1:28 am

I managed to get the program injected, and it appears to have attached fine, but any time I attempt to access namelen or *name in my hooked function, it causes a fault and crashes. It says buffer overrun.

Any help anyone could provide would be wonderful. Here are the important bits:

Code:
char CapturedData[0x10000];

typedef struct
{
   char ID;
   int Length;
   SOCKET Socket;
   char Name[14];
} CONNECT;

int (*connectNext)( SOCKET s, const struct sockaddr FAR *name, int namelen );
int connectHook( SOCKET s, const struct sockaddr FAR *name, int namelen )
{
   CONNECT *cData = (CONNECT*)(&CapturedData[CaptureLength += sizeof(CONNECT)]);
   int i;

   cData->Length = sizeof(CONNECT);
   cData->Socket = s;
   for(i=0;i<namelen;i++) ; // this crashes

   return connectNext( s, name, namelen ) ;
}

HookAPI("ws2_32.dll", "connect",    connectHook,     (PVOID*) &connectNext);

Post by madshi » Wed Apr 21, 2004 8:04 am

It seems to me that you forgot to use the WINAPI calling convention.
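
The fix madshi points to, written out as an added example (not code from the thread): `connectHook` and the saved `connectNext` pointer both carry `WINAPI`, matching the `__stdcall` export in ws2_32.dll. The bounded copy and append, the non-Windows stand-in defines and `stubConnect` are assumptions added so the sketch builds and runs without installing a hook.

```c
#include <stddef.h>
#include <string.h>
#ifdef _WIN32
#include <winsock2.h>   /* WINAPI is __stdcall on 32-bit x86 */
#else                   /* assumption: stand-ins so the sketch builds elsewhere */
#include <sys/socket.h>
typedef int SOCKET;
#define WINAPI
#endif

typedef struct { char ID; int Length; SOCKET Socket; char Name[14]; } CONNECT;
char   CapturedData[0x10000];
size_t CaptureLength = 0;
/* Saved original: same convention as the export it points to. */
int (WINAPI *connectNext)(SOCKET s, const struct sockaddr *name, int namelen);

int WINAPI connectHook(SOCKET s, const struct sockaddr *name, int namelen)
{
    const size_t hdr = offsetof(struct sockaddr, sa_data);
    CONNECT rec;
    memset(&rec, 0, sizeof rec);
    rec.Length = (int)sizeof rec;
    rec.Socket = s;
    if (name != NULL && namelen > 0 && (size_t)namelen > hdr) {
        size_t n = (size_t)namelen - hdr;   /* bytes after sa_family */
        if (n > sizeof rec.Name) n = sizeof rec.Name;
        memcpy(rec.Name, name->sa_data, n);
    }
    /* Append at the current end, and only if a whole record still fits. */
    if (sizeof CapturedData - CaptureLength >= sizeof rec) {
        memcpy(&CapturedData[CaptureLength], &rec, sizeof rec);
        CaptureLength += sizeof rec;
    }
    return connectNext(s, name, namelen);
}

/* Constructed stand-in for the real connect(), so the sketch runs offline. */
int WINAPI stubConnect(SOCKET s, const struct sockaddr *name, int namelen)
{
    (void)s; (void)name; (void)namelen;
    return 0;
}

int main(void)
{
    struct sockaddr sa = {0};               /* constructed sample address */
    connectNext = stubConnect;
    return connectHook(1, &sa, (int)sizeof sa);
}
```

A `__stdcall` callee removes its own arguments from the stack, while a default `__cdecl` function leaves that to the caller, so a hook declared without `WINAPI` returns with the stack pointer in the wrong place on a 32-bit build.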
