Need help creating IPC queue inside a DLL

c++ / delphi package - dll injection and api hooking
xHeaps
Posts: 17
Joined: Mon Oct 18, 2004 12:21 am


Post by xHeaps »

Hi all.

I'm trying to follow Walkman's suggestion (viewtopic.php?t=384) and create the IPC queue. My main goal is to pass the DLL some raw data, so it will be sent via the hooked application. Unfortunately, I have some difficulty doing so. Would anyone be kind enough (Walkman? :P) to show me exactly how to do this?

I'm trying to modify the AppSniff code a bit in order to do this. What I want to do is, let's say, if the hooked application is IE, and a certain packet is received, IE will send my custom packet. So far, no success :(

Basically (and please correct me if I'm wrong here), I want to create the IPC queue inside the sendHook function of the DLL, and then, inside the application, SendIPCMessage to the DLL, so it will, in turn, send my data via the hook. Is this the right way to do it?

Anyone?
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

Why do you want to do that? Sounds a bit fishy to me. Hopefully it's all legal?

Using CreateIpcQueue in a hook DLL is possible, but not really recommended, because it creates secondary threads, which makes later unloading of the DLL difficult.
xHeaps
Posts: 17
Joined: Mon Oct 18, 2004 12:21 am

Post by xHeaps »

Don't worry, Mathias, all legal. I wouldn't dream of doing something illegal with your wonderful code...

When I asked my question, it was 3am, and I wasn't thinking clearly. I think it should be the CreateIPCQueue inside an application, and I should use SendIPCMessage from the DLL to the application, and wait for the answer... Right?
madshi
Site Admin
Posts: 10764
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

xHeaps wrote: I think it should be the CreateIPCQueue inside an application, and I should use SendIPCMessage from the DLL to the application, and wait for the answer... Right?
If that does what you need, then it's a good solution.
Walkman
Posts: 8
Joined: Fri Jan 28, 2005 3:25 pm

Post by Walkman »

It depends now on how your hooks are "written". I'll post you my sample code :)

Remember, you need to have a working hook before using this, otherwise it won't work :P

(Don't yell at me for making mistakes etc., it's quite early (late) and I'm sick :confused:)

First start by declaring "DataSocket" as a TSocket. It holds the socket the hooked application last used, so your packet goes out on the same connection.

Code:
uses
  Windows, Winsock, SysUtils, Math, madCodeHook;

var
  // Socket captured by the send hook; stays 0 until the app has sent at least once
  DataSocket: TSocket = 0;
  // Pointer to the original winsock send(), filled in by HookAPI (as in the AppSniff demo)
  sendNextHook: function(s: TSocket; Buf: pointer; len, flags: Integer): Integer; stdcall;

For the hook part, this is how my hook callback function looks.

Code:
function sendHookCallback(s: TSocket; Buf: pointer; len, flags: Integer): Integer; stdcall;
begin
  // Just remember the socket so we can send data through the same socket...
  DataSocket := s;

  // ...and let the application's own packet pass through to the real send()
  Result := sendNextHook(s, Buf, len, flags);
end;

Create the callback function for the IPC Queue.
This is just an ordinary handler for the IPC messages it will receive! It has to be declared before the CreateIPCQueueEx call below.

Code:
procedure SendPacket(name       : pchar;
                     messageBuf : pointer; messageLen : dword;
                     answerBuf  : pointer; answerLen  : dword); stdcall;
var
  msg       : string;
  Buffer    : array [0..255] of byte;
  i, len, b : integer;
begin
  // Nothing to send through until the hook has seen at least one send() call
  if DataSocket = 0 then
    exit;

  // Copy the message from the IPC message into a string, this makes it easy to read.
  // messageBuf is not necessarily null-terminated, so copy exactly messageLen bytes.
  // It will come out EXACTLY the way we send it from our APP.
  SetString(msg, pchar(messageBuf), messageLen);

  // This gets the length in packet bytes (two hex characters per byte)
  len := ceil(Length(msg) / 2);

  // Never write past the end of Buffer, whatever the app sends over IPC
  if len > Length(Buffer) then
    exit;

  // Loop to put msg in the send buffer...
  for i := 0 to len - 1 do
  begin
    // Convert each hex pair to a byte; drop the whole packet if it is not valid hex
    // (StrToInt would raise an exception inside the hooked process instead)
    b := StrToIntDef('$' + Copy(msg, i * 2 + 1, 2), -1);
    if b < 0 then
      exit;
    Buffer[i] := b;
  end;

  // Send the buffer data with our hook
  // This is the REAL winsock function which we hooked
  sendNextHook(DataSocket, @Buffer, len, 0);
end;

Create the IPC Queue (the third parameter limits the queue to one handler thread):

Code:
CreateIPCQueueEx(pChar('SendPacket'), SendPacket, 1);

After all of this, sending an IPC message from your application like:

Code:
SendIPCMessage(pChar('SendPacket'), pChar('0100656565'), 10);

should send your own packet (bytes 01 00 65 65 65) :crazy:

// Walkman

If it is unclear let me know, I'll try help a bit more. But as I mentioned, I'm ill and tired :sceptic:
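Added example, not code from this thread or from madCodeHook: the same decode-and-inject logic in plain C, with the checks a practitioner wants around it (odd length, non-hex input, buffer bound, no socket captured yet). The madCodeHook calls (HookAPI, CreateIpcQueueEx, SendIpcMessage, sendNextHook) are replaced by stand-ins so it runs anywhere: send_next_hook() only records what it is handed, and ipc_on_message() plays the IPC callback. The design differs from the Delphi sample in one deliberate way: the IPC callback never sends, it only queues the decoded bytes, and the hooked send() drains the queue on the application's own thread right after the app's packet. All names are the example's own.

```c
/* Constructed example, not code from the thread or from madCodeHook: hex text
 * arriving over IPC is decoded, queued, and injected on the application's own
 * thread the next time the hooked send() runs.  send_next_hook() stands in
 * for the real winsock send() and only records what it is handed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define MAX_PACKET  256          /* same size as Buffer in the Delphi sample */
#define QUEUE_DEPTH 8
#define NO_SOCKET   (-1)         /* stands in for INVALID_SOCKET */

typedef struct { uint8_t data[MAX_PACKET]; size_t len; } packet_t;

/* Decoded on the IPC thread, sent by the hook.  In a real hook DLL guard the
 * push/pop with a critical section: the IPC callback has a thread of its own. */
static packet_t pending[QUEUE_DEPTH];
static size_t   pend_head = 0, pend_count = 0;
static intptr_t data_socket = NO_SOCKET;   /* last socket seen by the hook */

/* ---- stand-in for the real send() the hook chains to ---- */
static uint8_t  last_sent[MAX_PACKET];
static size_t   last_sent_len = 0;
static intptr_t last_sent_sock = NO_SOCKET;

static int send_next_hook(intptr_t s, const void *buf, int len, int flags)
{
    (void)flags;
    if (len < 0 || (size_t)len > MAX_PACKET) return -1;
    memcpy(last_sent, buf, (size_t)len);
    last_sent_len  = (size_t)len;
    last_sent_sock = s;
    return len;                  /* winsock send() returns the byte count */
}

static int hex_val(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* "0100656565" -> 01 00 65 65 65.  Returns the byte count, or -1 for an odd
 * length, a non-hex character, or more bytes than out_cap can hold. */
int hex_decode(const char *hex, size_t hex_len, uint8_t *out, size_t out_cap)
{
    if (hex_len % 2 != 0 || hex_len / 2 > out_cap) return -1;
    for (size_t i = 0; i < hex_len; i += 2) {
        int hi = hex_val((unsigned char)hex[i]);
        int lo = hex_val((unsigned char)hex[i + 1]);
        if (hi < 0 || lo < 0) return -1;
        out[i / 2] = (uint8_t)((hi << 4) | lo);
    }
    return (int)(hex_len / 2);
}

/* IPC callback body: message_buf is the hex text exactly as the app sent it,
 * not null-terminated (hence message_len).  Queue only, never send from here.
 * Returns 1 if queued, 0 if rejected. */
int ipc_on_message(const void *message_buf, size_t message_len)
{
    if (pend_count == QUEUE_DEPTH) return 0;
    packet_t *slot = &pending[(pend_head + pend_count) % QUEUE_DEPTH];
    int n = hex_decode((const char *)message_buf, message_len,
                       slot->data, sizeof slot->data);
    if (n < 0) return 0;
    slot->len = (size_t)n;
    pend_count++;
    return 1;
}

/* send() hook: pass the app's packet through, remember its socket, then push
 * out whatever was queued.  The app only ever sees its own result. */
int send_hook_callback(intptr_t s, const void *buf, int len, int flags)
{
    int result = send_next_hook(s, buf, len, flags);
    data_socket = s;
    while (pend_count > 0) {
        packet_t *p = &pending[pend_head];
        send_next_hook(data_socket, p->data, (int)p->len, 0);
        pend_head = (pend_head + 1) % QUEUE_DEPTH;
        pend_count--;
    }
    return result;
}

size_t         pending_count(void) { return pend_count; }
intptr_t       last_socket(void)   { return last_sent_sock; }
size_t         last_len(void)      { return last_sent_len; }
const uint8_t *last_bytes(void)    { return last_sent; }

int main(void)
{
    int queued = ipc_on_message("0100656565", 10);   /* arrives before any app send */
    int r = send_hook_callback(7, "hi", 2, 0);
    printf("queued=%d, app send=%d, injected %zu bytes on socket %ld\n",
           queued, r, last_len(), (long)last_socket());
    return 0;
}
```

Queueing instead of sending from the IPC callback sidesteps the "DataSocket not initialized yet" failure: a message that arrives before the app has sent anything simply waits for the first real send(). It does not remove madshi's objection above (the IPC queue still brings its own thread into the hooked process), it only keeps that thread away from the application's socket.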
xHeaps
Posts: 17
Joined: Mon Oct 18, 2004 12:21 am

Post by xHeaps »

Thanks so much Walkman, but unfortunately, I'm doing something wrong. I just can't get it to work.

I've placed the code inside the hook DLL, in the send callback function, and I used the CreateIPCQueue in the DLL, however I can't seem to get the sending working from the app. I get nothing sent. What is it I'm doing wrong? :sceptic:
Walkman
Posts: 8
Joined: Fri Jan 28, 2005 3:25 pm

Post by Walkman »

I'll write you a tutorial DLL if you want, where you can see how it should be made.

If you just want to figure it out yourself; make sure you have the DataSocket initialized (to save the socket you must first make sure at least ONE packet has been sent before sending your own)

Otherwise you can use the WSAGetLastError function (search on Google and read about it on MSDN). It'll return an integer which is your error code. Find out what that error number means, fix it 8)

PS: What app are you hooking? :o

// Walkman