Winsock

c++ / delphi package - dll injection and api hooking
Post Reply
cooletta
Posts: 2
Joined: Tue Apr 27, 2004 3:40 pm

Winsock

Post by cooletta »

Would love to see examples of hooking Winsock. :?
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Some of my customers have successfully hooked WinSock functions, so it does work. I've no demo for it ready, though. My to do list tells me to write such a demo, cause the demand for that is quite high. But my to do list is quite full, so I can't promise a specific release date.
nildo
Posts: 249
Joined: Mon Mar 22, 2004 11:32 am
Contact:

Post by nildo »

Hi hi!
Well, I've succefully hooked WinSock functions. Its normal, use the same method of hooking any other function. But to writte an example of that is quite difficult because you need to transfer the data from your DLL to your EXE. But that data has no size limit, so you need to pass the Pointer of that buffer and use ReadProcessMemory to read that buffer from the target EXE. What else do you wanna know? Maybe I can help you...
cooletta
Posts: 2
Joined: Tue Apr 27, 2004 3:40 pm

Winsock hooking

Post by cooletta »

Nildo,
Thanks for the input. To be honest, I do not know C++ well enough to be trying to do this completely on my own. I have never hooked anything before. But if I had example code to look at, I might be able to pull it off eventually. As it is now, I don't know what questions to ask you.
STRASHARO
Posts: 5
Joined: Sun May 02, 2004 11:53 am
Contact:

Winsock

Post by STRASHARO »

Yeah,it will be nice to if someone posts examples for sendto() and recvfrom() hooking. :wink:
Have a nice day! :D
chet123
Posts: 1
Joined: Sun May 02, 2004 9:24 pm

inject dll to hook writeconsole in win xp ping app

Post by chet123 »

Hi, I have installed the madhook environment on my XP box. I am trying to dynamically inject a win32 hook on write console. The ping app is running while I am trying to do this. I keep getting a hook failed. Is the madhook lib capable of injecting into ping app while it is running?
Thanks
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

madCodeHook should be able to inject into it and hook APIs there. What part of your program fails? The injecting or the hooking? Does InjectLibrary or HookAPI return true or false?
nildo
Posts: 249
Joined: Mon Mar 22, 2004 11:32 am
Contact:

Post by nildo »

The DLL you need to hook is ws2_32.dll. THe functions are 'send', 'sendto', 'recv', recvfrom' (case sensitive)
Post Reply