Hooking Winsock Again (sorry if this has already been covered)

c++ / delphi package - dll injection and api hooking
mic
Posts: 11
Joined: Mon May 31, 2004 12:04 pm


Post by mic »

The program sends data fine, but...
What I would like to do is hook Winsock and receive incoming data from the game and place it into a byte array. What code would I need?

Thanks in advance.

Code:

//CODE FOR LOADER

program CaveBot;

uses
  Windows,
  SysUtils,
  madCodeHook;

var
  StartInfo: TStartupInfo;
  ProcInfo: TProcessInformation;
  Dir: string;

begin
  ZeroMemory(@StartInfo, SizeOf(TStartupInfo));
  ZeroMemory(@ProcInfo, SizeOf(TProcessInformation));
  StartInfo.cb := SizeOf(TStartupInfo);   // CreateProcess requires the structure size
  StartInfo.dwFlags := STARTF_USESHOWWINDOW;
  StartInfo.wShowWindow := SW_SHOW;
  // ExtractFilePath already ends with a backslash, so no extra '\' is needed
  Dir := ExtractFilePath(ParamStr(0));
  // madCodeHook's CreateProcessEx starts the game and loads CaveBot.dll into it
  CreateProcessEx(PChar(Dir + 'tibia.exe'), nil, nil, nil, False, 0, nil, nil,
                  StartInfo, ProcInfo, PChar(Dir + 'CaveBot.dll'));
end.

Code:

//DLL

library Project1;

uses
  Windows,
  Winsock,
  madCodeHook,
  Math,
  Forms,
  Classes,
  SysUtils,
  Unit1 in 'Unit1.pas' {Form1};

// Form1 comes from Unit1; declaring a second Form1 here would shadow it and
// leave Unit1's Form1 nil for the hook procedures in that unit
var
  Application: TApplication;

const
  szTargetExe: string = 'tibia.exe';
  szTargetClass: string = 'TibiaClient';

// true when the given window belongs to the process this DLL is loaded into
function IsTibiaWindow(Window: HWND): boolean;
var
  PID: dword;
begin
  GetWindowThreadProcessId(Window, @PID);
  Result := GetCurrentProcessId = PID;
end;

// bit 15 of a GetKeyState result is set while the key is held down
function HighOrderBitSet(theWord: Word): Boolean;
const
  HighOrderBit = 15;
type
  BitSet = set of 0..15;
begin
  HighOrderBitSet := (HighOrderBit in BitSet(theWord));
end;

// runs in its own thread: shows the form and toggles it with Ctrl+F12
procedure Main;
begin
  Application := TApplication.Create(nil);
  Form1 := TForm1.Create(Application);
  Form1.Show;
  while True do
  begin
    Application.ProcessMessages;
    if IsTibiaWindow(GetForegroundWindow) then
    begin
      if HighOrderBitSet(Word(GetKeyState(VK_CONTROL))) then
      begin
        if HighOrderBitSet(Word(GetKeyState(VK_F12))) then
        begin
          if Form1.Visible then
            Form1.Hide
          else
            Form1.Show;
          Sleep(200);   // debounce the key press
        end;
      end;
    end;
    Sleep(1);
  end;
end;

procedure EntryPoint(Reason: dword); stdcall;
var
  TID: dword;
begin
  if Reason = DLL_PROCESS_ATTACH then
  begin
    CreateThread(nil, 0, @Main, nil, 0, TID);
  end;
end;

begin
  DLLProc := @EntryPoint;
  // DLLProc is not called for the initial attach, so do it by hand
  EntryPoint(DLL_PROCESS_ATTACH);
end.


unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, Math, Winsock, madCodeHook, ExtCtrls, StdCtrls;

type
  TForm1 = class(TForm)
    Edit1: TEdit;
    procedure FormCreate(Sender: TObject);
  end;

var
  Form1: TForm1;
  DataSocket: TSocket;
  // filled by HookCode with a pointer to the original (unhooked) send
  sendNextHook: function(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

const
  szTargetExe: string = 'tibia.exe';
  szTargetClass: string = 'TibiaClient';

implementation

{$R *.dfm}

// replacement for send: remember the socket the game uses, then pass the call through
function sendHookProc(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
begin
  DataSocket := s;
  Result := sendNextHook(s, Buf, len, flags);
end;

// builds a spell packet: 2-byte little-endian total length, opcode $96, $01,
// 2-byte little-endian text length, then the spell text
procedure CastSpell(Spell: string);
var
  Buffer: array [0..255] of byte;
begin
  // the game socket must be known and 6 header bytes + text must fit the buffer
  if (DataSocket = 0) or (Length(Spell) > SizeOf(Buffer) - 6) then
    Exit;
  Buffer[0] := byte(Length(Spell) + 4);
  Buffer[1] := $00;
  Buffer[2] := $96;
  Buffer[3] := $01;
  Buffer[4] := byte(Length(Spell));
  Buffer[5] := $00;
  CopyMemory(@Buffer[6], @Spell[1], Length(Spell));
  sendNextHook(DataSocket, Buffer, Length(Spell) + 6, 0);
end;

procedure TForm1.FormCreate(Sender: TObject);
begin
  DataSocket := 0;
  // madCodeHook: redirect Winsock send to sendHookProc, keeping the original in sendNextHook
  HookCode(@send, @sendHookProc, @sendNextHook);
end;

end.
nildo
Posts: 249
Joined: Mon Mar 22, 2004 11:32 am

Post by nildo »

Sorry, but you are trying to put your application inside your DLL. This is not acceptable for a hook DLL; you should never use the VCL in a hook DLL.

Post by mic »

What should I do then? I've just learnt Delphi, like, in a day, so I'm not that great.

But what I really need to know is how to get the incoming data.
madshi
Site Admin
Posts: 10754
Joined: Sun Mar 21, 2004 5:25 pm

Post by madshi »

I guess you need to hook recv / WSARecv, but maybe I misunderstood you? For sure you shouldn't use the VCL in a hook dll, as nildo said.
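Added example, not from this thread or from madCodeHook: inline hooks of the kind discussed here (HookCode on send or recv) work by overwriting the first bytes of the target function with a jump to the replacement, so a program can check its own Winsock entry points for that patch as an integrity test. The Windows part assumes the calls resolve through ws2_32.dll; the prologue bytes in main are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Returns 1 when the first bytes of a function look like a detour, 0 otherwise.
 * Patterns (x86/x64 machine code):
 *   E9 rel32           jmp rel32       (what HookCode-style inline hooks write)
 *   FF 25 disp32       jmp [mem]       (jump through a pointer)
 *   68 imm32 C3        push imm32; ret (push/ret trampoline)
 *   48 B8 imm64 FF E0  mov rax,imm; jmp rax (x64 absolute jump)
 * A clean export can legitimately begin with a jump (forwarders, hot-patch stubs),
 * so a hit means "compare against the on-disk image", not "definitely hooked". */
int looks_inline_hooked(const uint8_t *code, size_t n)
{
    if (n >= 5 && code[0] == 0xE9) return 1;
    if (n >= 6 && code[0] == 0xFF && code[1] == 0x25) return 1;
    if (n >= 6 && code[0] == 0x68 && code[5] == 0xC3) return 1;
    if (n >= 12 && code[0] == 0x48 && code[1] == 0xB8 &&
        code[10] == 0xFF && code[11] == 0xE0) return 1;
    return 0;
}

#ifdef _WIN32
/* Resolve an export of ws2_32.dll in this process (assumption: the game's Winsock
 * calls end up there) and run the heuristic on its first 16 bytes. -1: not found. */
int winsock_export_hooked(const char *name)
{
    HMODULE ws2 = GetModuleHandleA("ws2_32.dll");
    const uint8_t *fn = ws2 ? (const uint8_t *)GetProcAddress(ws2, name) : NULL;
    return fn ? looks_inline_hooked(fn, 16) : -1;
}
#endif

int main(void)
{
    /* constructed prologues: a hot-patchable Win32 frame and a detoured one */
    static const uint8_t clean[]  = {0x8B, 0xFF, 0x55, 0x8B, 0xEC, 0x83, 0xEC, 0x10};
    static const uint8_t hooked[] = {0xE9, 0x10, 0x20, 0x30, 0x00, 0x90, 0x90, 0x90};
    printf("clean: %d  hooked: %d\n", looks_inline_hooked(clean, sizeof clean),
           looks_inline_hooked(hooked, sizeof hooked));
#ifdef _WIN32
    printf("send: %d  recv: %d\n", winsock_export_hooked("send"),
           winsock_export_hooked("recv"));
#endif
    return 0;
}
```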

Post by mic »

Code:

var
  // filled by HookCode with a pointer to the original (unhooked) recv
  recvNextHook: function(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

function recvHookProc(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
var
  AsciiBuffer: string;
begin
  //call the real winsock function
  Result := recvNextHook(s, Buf, len, flags);
  //convert data to readable ascii suitable for logging
  //(ConvertDataToAscii is the poster's own helper, not shown here;
  // recv returns SOCKET_ERROR on failure, so only convert real data)
  if Result > 0 then
    AsciiBuffer := ConvertDataToAscii(@Buf, Result);

  // #13#10 must be outside the quotes to be a line break, and Edit1 is reached through Form1
  Form1.Edit1.Text := Form1.Edit1.Text + #13#10 + AsciiBuffer;
  // <---- WHAT IS WRONG WITH THIS? HOW DO I ADD THE INCOMING DATA TO A TEXTBOX?
end;

And what do you mean by VCL? And why is it wrong to put it in the DLL? And how would I put it somewhere else?

Post by madshi »

The VCL is the "visual component library". All that you can do with the object inspector, the units "Classes", "Forms", "Controls" and that stuff are VCL. Check the size of your DLL, it should be quite big. A good size for a typical madCodeHook hook dll is < 100kb.

You shouldn't use the VCL in a hook DLL, because it blows up the DLL size very much and because it's not thread safe. A hook DLL should do only what is absolutely necessary and not more, because the to-be-hooked application was not programmed with hook DLLs in mind. Your hook DLL must not break anything.

Look at the printer monitor demo to see how a hook DLL can output information.

Post by mic »

I'm confused :( So I should move the form stuff to the loader?

If I do that, how do I use the send and receive hook parts in the loader?

Post by mic »

Can you please just reformat my code with what I should have in the DLL and what I should have in the loader, and then can you show me how to use the DLL functions in the loader?

Post by madshi »

You shouldn't do that "edit1" stuff in your dll. Instead use SendIpcMessage to send a message to your application. The application can then write that into the memo.

And you can't directly call the dll functions from your loader application. You need to understand that a copy of your dll is loaded into each and every running process. So you could call the functions of the dll which is loaded in your own loader process. But that would not have any effect on any other dll copy.

Post by mic »

I understand what you mean, but I'm not a Delphi programmer.

Can you just reformat the code (so the loader has the form and calls the DLL functions)? I don't really understand Delphi.

Thanks in advance.

Post by madshi »

I'm really sorry, but I don't have the time for that.

What language are you usually using? madCodeHook can also be used from C(++), if that makes life easier for you.

Post by mic »

I use VB normally :(

Post by mic »

So is it actually difficult to reformat it?

Post by madshi »

It's more than reformatting. The DLLs (I mean the DLL copies) need to send the information to the application and the application needs to receive and display it. The printer monitor demo really contains all that. Studying that should really get you going (I think).

Post by mic »

OK, thanks, I'll have a look :)

Sorry to bother you; it's just that I'm only learning Delphi to hook a game and make a bot, but since I come from a VB background I thought it would be easier to learn Delphi than C++, and I'm only just beginning to learn.