Hello,
I have the following question:
I wrote an app which hooks Winsock DLLs and when I tried to catch traffic sent to IIS I got nothing...now my opinion is that IIS is not using winsock...in that case, for those who came across this problem, do you have any idea how to catch IIS traffic (or any other service doing network business)
cheers
denis
PS: madshi, you rock dude...madCodeHooking is awesome
Hooking services
You did use "SYSTEM_PROCESSES" when calling InjectLibrary, didn't you?
I've no idea what IIS is using. Which WinSock version are you hooking? WinSock 1 or WinSock 2 or both? For some WinSock APIs there are 4 variations, I believe. WinSock 1 normal, Winsock 1 Async, WinSock 2 normal and WinSock 2 Async. Are you hooking all of them?
I've no idea what IIS is using. Which WinSock version are you hooking? WinSock 1 or WinSock 2 or both? For some WinSock APIs there are 4 variations, I believe. WinSock 1 normal, Winsock 1 Async, WinSock 2 normal and WinSock 2 Async. Are you hooking all of them?
>>You did use "SYSTEM_PROCESSES" when calling InjectLibrary, didn't you?
Of course
I hook wsock32.dll, w_s32.dll i guess it's both winsock versions.
now that you mentioned Async...I don't hook WSAxxxxxx group at all so I think I should look into it a little maybe this is where the trick is... after all IIS from M$ isn't it and the WSxxx set is M$'s contribution to winsock
Thank's I'll get busy soon.
>>I've no idea what IIS is using. Which WinSock version are you hooking? WinSock 1 or WinSock 2 or both? For some WinSock APIs there are 4 variations, I believe. WinSock 1 normal, Winsock 1 Async, WinSock 2 normal and WinSock 2 Async. Are you hooking all of them?
One more question:
If I want to sell my app which I make with madCollection I understand I need a developer's license (150$) right?
If yes, what do I get with it and where do I send the check
Of course
I hook wsock32.dll, w_s32.dll i guess it's both winsock versions.
now that you mentioned Async...I don't hook WSAxxxxxx group at all so I think I should look into it a little maybe this is where the trick is... after all IIS from M$ isn't it and the WSxxx set is M$'s contribution to winsock
Thank's I'll get busy soon.
>>I've no idea what IIS is using. Which WinSock version are you hooking? WinSock 1 or WinSock 2 or both? For some WinSock APIs there are 4 variations, I believe. WinSock 1 normal, Winsock 1 Async, WinSock 2 normal and WinSock 2 Async. Are you hooking all of them?
One more question:
If I want to sell my app which I make with madCollection I understand I need a developer's license (150$) right?
If yes, what do I get with it and where do I send the check
If you use/need the whole collection, then it's USD 150, that's right. If you use/need madCodeHook only, then it's USD 75.denisb wrote:If I want to sell my app which I make with madCollection I understand I need a developer's license (150$) right?
You get the right to sell your app which you make with madCollection!denisb wrote:If yes, what do I get with it
Also you get some of madCollection's source code (but not all).
whole madCollection:denisb wrote:where do I send the check
http://shareit1.element5.com/programs.h ... tid=136924
madCodeHook only:
http://shareit1.element5.com/programs.h ... tid=135407