
Posted: Fri Jun 04, 2004 6:25 am
by madshi
Doesn't matter. The dynamic string can hold #0 characters without any problems. SetString doesn't look for #0 characters, either, instead we give in the length of the buffer. So: No problems with #0 chars! :D

Posted: Fri Jun 04, 2004 11:01 am
by nildo
Coooooll! I Did not know that!

Mathias, is there any way to realloc memory for a pointer of another process? I am using OpenProcess + WriteProcessMemory to change the packets. How to change the length of this packet (buffer)? Because it can not be done with SetString, because I change the buffer directly in the original buffer of the hooked application.

Thanks a lot !

Posted: Fri Jun 04, 2004 11:24 am
by madshi
Well, basically you can't. Sorry. When the application calls "recv" and gives in a buffer of a specific size there's no way to reliably increase the length of this buffer. You can change the length when hooking "send" (see my code), but not when hooking "recv". The application which calls "recv" has allocated the buffer and short of changing the caller's asm code (which would be *very* hard) there's no way to change the buffer size.

Posted: Fri Jun 04, 2004 11:44 am
by nildo
madshi wrote: Well, basically you can't. Sorry. When the application calls "recv" and gives in a buffer of a specific size there's no way to reliably increase the length of this buffer. You can change the length when hooking "send" (see my code), but not when hooking "recv". The application which calls "recv" has allocated the buffer and short of changing the caller's asm code (which would be *very* hard) there's no way to change the buffer size.

:cry: Thank you!!

hi

Posted: Fri Jun 04, 2004 6:45 pm
by legion
hi

thank you all for all the information that you have posted here.
@madshi
i have tried your code but it doesn't work.
do you know why?
what's happening with your code?
i have compiled it successfully but when i inject it i cannot send any data.


thank you for all help that you have done

@+

Posted: Fri Jun 04, 2004 8:53 pm
by madshi
Let us see the whole dll code.

hi

Posted: Sat Jun 05, 2004 4:08 pm
by legion
hi

i have just replaced my sendhookproc by the code that you posted.
this is the code that i used

Code:

function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall; 
var s1 : string; 
begin 
  SetString(s1, Buf, len); 
  ReplaceStr(s1, 'hello', 'reallycool'); 
  result := sendNextHook(s, pointer(s1), length(s1), flags); 
end;

i have also tried this code, adding just the result := 0

Code:

function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall; 
var s1 : string; 
begin 
result:=0;
while true do begin
  SetString(s1, Buf, len); 
  ReplaceStr(s1, 'hello', 'reallycool'); 
  result := sendNextHook(s, pointer(s1), length(s1), flags)
end
else
begin
Result := sendNextHook(s, Buf, len, flags);
end; 
end;

i have tried these two pieces of code but they don't work

thanks a lot
@+

Posted: Sat Jun 05, 2004 4:48 pm
by madshi
What do you mean with "it doesn't work"? What happens? Do you get crashes?

hi

Posted: Sat Jun 05, 2004 5:13 pm
by legion
hi

when i send data my hook dll crashes.
i also cannot send any data when i inject my hook dll.
my dll contains just the code that i posted above,
the code that you posted

@+

Posted: Sat Jun 05, 2004 5:16 pm
by madshi
Could you please post the *whole* dll code?

hi

Posted: Sat Jun 05, 2004 10:05 pm
by legion
hello

here is my code

Code:

library ws2hook;

{$IMAGEBASE $58000000}

uses
  windows,madcodehook,winsock,madstrings;

{$R *.res}
var
  sendNextHook: function(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

function sendHookProc( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall; 
var s1 : string; 
begin
result:=0;
while true do
 begin 
  SetString(s1, Buf, len); 
  ReplaceStr(s1, 'hello', 'reallycool'); 
  result := sendNextHook(s, pointer(s1), length(s1), flags)
end
else
begin
Result := sendNextHook(s, Buf, len, flags);
end; 
end;


begin
hookapi('ws2_32.dll','send', @sendHookProc, @sendNextHook);
hookapi('wsock32.dll','send', @sendHookProc, @sendNextHook);
end.



Posted: Sun Jun 06, 2004 7:43 am
by madshi
(1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems.

(2) Don't use the same callback and nextHook variable for two different hooks, that doesn't work. If you have 2 hooks, you also need two callback functions and two nextHook variables.

hi

Posted: Sun Jun 06, 2004 11:02 am
by legion
hi
madshi

i have noticed that the two winsock modules use the same parameters (variables) for the send function.
both use this

Code:

function send(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

in another case i tested logging the winsock data inside a text file.
i hooked it like above with one callback for the two send functions
and i successfully logged their data at the same time (ws2_32.dll and wsock32.dll).

also in the send callback i have done one callback for both winsock modules
and i have successfully changed data. but in this case i have just changed data with another one which has the same length.

that's why i think that one callback for both different send function isn't the matter ? did you think that ? :idea:

madshi wrote: (1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems

in your code i have seen that you have changed something in the variables.
that's why i have used your code for test purposes.
your code is here

Code:

function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall; 
var s1 : string; 
begin 
  SetString(s1, Buf, len); 
  ReplaceStr(s1, 'hello', 'reallycool'); 
  result := sendNextHook(s, pointer(s1), length(s1), flags); 
end;

in your code you have changed some variables.
you have used s1 instead of buf and also length instead of the real length.
have you noticed that?
why have you not used sizeof(s1) like you advised me and also nildo?

thank you again
hooking winsock is very hard

@+

Re: hi

Posted: Sun Jun 06, 2004 12:04 pm
by madshi
legion wrote: i think that one callback for both different send function isn't the matter ? did you think that ?

It's probably not the cause of the problems you're having. But it's wrong nevertheless.

madshi wrote: (1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems

legion wrote: in your code you have changed some variables.
you have used s1 instead of buf and also length instead of the real length.
have you noticed that?
why have you not used sizeof(s1) like you advised me and also nildo?

You don't need to question my code, it's alright. Just read again what I wrote. Do you know what "declaration" means? "Declaration" is the calling convention and the number, names and types of the parameters.

Code:

var      sendNextHook: function(s: TSocket; var Buf;          len, flags: Integer): Integer; stdcall;
function sendHookProc          (s: Integer;     Buf: Pointer; len, flags: Integer): Integer; stdcall;

Do you see that? There are differences and there MUST NOT BE any differences.

legion wrote: hooking winsock is very hard

No, it's not. The mistakes you made are not hooking related, nor are they WinSock related. You are making simple normal programming mistakes.
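
What the declaration mismatch discussed above does at the call site, as an added example that is not part of the thread: through the "var Buf" declaration the argument pointer(s1) is passed by reference, so the callee receives the address of the variable s1 instead of the string data. FakeSend is a hypothetical stand-in for the real send, and the payload is a constructed sample.

```pascal
program DeclMismatchDemo;
{$APPTYPE CONSOLE}

type
  // Shape of the thread's sendNextHook variable: untyped "var Buf".
  TSendVar = function(s: Integer; var Buf; len, flags: Integer): Integer; stdcall;
  // Shape of the thread's sendHookProc: "Buf: Pointer".
  TSendPtr = function(s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;

var
  Seen: Pointer;     // buffer address the stand-in below was handed
  viaVar: TSendVar;
  viaPtr: TSendPtr;
  s1: AnsiString;

// Hypothetical stand-in for the real send(): it only records the address.
function FakeSend(s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
begin
  Seen := Buf;
  Result := len;
end;

begin
  s1 := 'reallycool';           // constructed sample payload
  @viaVar := @FakeSend;         // same target reached through both declarations
  @viaPtr := @FakeSend;

  // Pointer declaration: the value of pointer(s1) is pushed, i.e. the text.
  viaPtr(0, Pointer(s1), Length(s1), 0);
  WriteLn('Buf: Pointer, pointer(s1)  -> string data: ', Seen = Pointer(s1));

  // "var Buf" declaration, same call text as in the posted DLL: the compiler
  // pushes the address of the variable s1, so a real send() would read
  // Length(s1) bytes starting at the variable itself, not the payload.
  viaVar(0, Pointer(s1), Length(s1), 0);
  WriteLn('var Buf,      pointer(s1)  -> string data: ', Seen = Pointer(s1));
  WriteLn('var Buf,      pointer(s1)  -> @s1:         ', Seen = @s1);

  // With "var Buf" the argument has to be dereferenced to reach the text.
  viaVar(0, Pointer(s1)^, Length(s1), 0);
  WriteLn('var Buf,      pointer(s1)^ -> string data: ', Seen = Pointer(s1));
end.
```

In the posted DLL s1 is a local variable, so the bytes read through the mismatched declaration would come from the hook's own stack frame.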

Posted: Mon Jun 07, 2004 12:09 pm
by nildo
One more thing:

Do not hook wsock32.dll, you will get no results, since this DLL calls ws2_32.dll functions. So hook only ws2_32.dll