Winsock (mainly recv function)
I've read a bunch of text right now and I decided to ask here now.
Anyways, I've successfully coded a winsock hook for both the send() and recv() functions. I've managed to read both the sent and received data of an application through my hooking DLL. I've also managed to be able to send my own packets through IPC queues which call a function in the DLL file; as if the application is sending the packets itself.
I've now encountered a problem with the recv function: I'm trying to make the application receive packets as if they were sent from the server. (I am aware that I can filter packets, but that is not what I want). But none of my tests worked.
So, basically I just need a little help or a push in the right direction.
Thanks for any answers in advance;
If it is any help I'm doing this with Delphi 7 and of course madCodeHook
// Walkman
PS: I recently reinstalled my other computer, but every time I tried to use InjectLibrary on that computer (WinME) every system process caused an error and the computer had to be restarted. Any idea what causes this?
No, the demos didn't work either. The first thing that happens is that kernel causes an error in <unknown> and then a chain reaction that eventually crashes the whole system.
(It worked before I formatted the computer; although all drivers etc are back where they should be as before. But I must have missed something, otherwise this wouldn't have happened)
// Walkman
Re: Winsock (mainly recv function)
Walkman wrote: ... I've also managed to be able to send my own packets through IPC queues which call a function in the DLL file; as if the application is sending the packets itself.
Could you please explain how did you manage to do this?
Thanks!
Of course. Create an IPC queue which points to an IPC handler. At the IPC handler you extract the "packet" from the IPC message. (Like, send an IPC message that looks like a packet in HEXadecimals).
After you've caught the packet and copied it then convert it to raw data format. I can help you with that loop if you want.
When you've done all that, just call the real Winsock Send function; but instead of calling with the normal "Buf" pointer, use your raw data you caught from the IPC Queue.
If this was unclear, tell me and I'll try to clarify
Edit:
Also, be sure you use the same socket number for YOUR send function as in the real one. A global variable might help you there
// Walkman
Last edited by Walkman on Sun Feb 06, 2005 10:09 am, edited 1 time in total.
Thanks, it was perfectly clear, as I already tried something similar myself, but with no apparent success.
The thing is, the hooked application through which I was trying to send the packet either didn't respond, and sometimes even crashed...
So if it is possible, I will keep trying! Thanks!
BTW, which application do you hook?
WSAGetLastError returns an error code 10035 (WSAEWOULDBLOCK) and I got no idea why it does this, or how to get around it. It's quite late now so I'll hopefully find something on this later.
I think I found out the problem (just woke up) - I'm trying to receive data on a socket which is not cleared. I'm thinking up several approaches now and if I can find something I'll tell you.
// Walkman
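Added example, not part of the original thread or any poster's code: error 10035 (WSAEWOULDBLOCK) is what recv() reports on a non-blocking socket when no data is queued yet, and the usual handling is to wait for readability with select() and then read. The sketch below shows that pattern with POSIX sockets, where the equivalent code is EWOULDBLOCK/EAGAIN; the helper names and the socketpair test data are constructed for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Put a socket in non-blocking mode (Winsock: ioctlsocket(s, FIONBIO, &one)). */
static int set_nonblocking(int fd) {
    int flags = fcntl(fd, F_GETFL, 0);
    return flags < 0 ? -1 : fcntl(fd, F_SETFL, flags | O_NONBLOCK);
}

/* recv() that reports "no data queued yet" as 0 rather than as a failure.
   Returns >0 bytes read, 0 would-block, -1 real error, -2 peer closed. */
static int try_recv(int fd, char *buf, size_t len) {
    ssize_t n = recv(fd, buf, len, 0);
    if (n > 0) return (int)n;
    if (n == 0) return -2;
    if (errno == EAGAIN || errno == EWOULDBLOCK) return 0;
    return -1;
}

/* Wait up to timeout_ms for the socket to become readable, then read. */
static int recv_when_ready(int fd, char *buf, size_t len, int timeout_ms) {
    fd_set rd;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rd);
    FD_SET(fd, &rd);
    int r = select(fd + 1, &rd, NULL, NULL, &tv);
    if (r <= 0) return r;            /* 0 = timed out, -1 = select error */
    return try_recv(fd, buf, len);
}

/* Constructed demo: returns 1 if an idle read would block and a later read gets 5 bytes. */
static int demo(void) {
    int sv[2];
    char buf[16];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if (set_nonblocking(sv[0]) != 0) return -1;
    int idle = try_recv(sv[0], buf, sizeof buf);          /* nothing sent yet */
    if (send(sv[1], "hello", 5, 0) != 5) return -1;
    int got = recv_when_ready(sv[0], buf, sizeof buf, 1000);
    close(sv[0]); close(sv[1]);
    return (idle == 0 && got == 5 && memcmp(buf, "hello", 5) == 0) ? 1 : 0;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```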