Help About Winsock Hook

Posted: Fri Jun 11, 2004 6:53 am
by weic
Hi all,
I know someone can use madCodeHook to hook Winsock successfully,
but I can't :(
What's the problem with my program? Here is my code, please help:

Code:

library SockHook;

uses
  SysUtils,
  System,
  winsock2,
  windows,
  Messages,
  madCodeHook;

{$R *.res}

var
  RecvNext: function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
  SendNext: function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

  WSASendNext: function (s:TSocket;lpBuffers:LPWSABUF;
                         dwBufferCount:dword;lpNumberOfBytesSent:LPDWORD;
                         dwFlags:DWORD;lpOverlapped:LPWSAOVERLAPPED;
                         lpCompletionROUTINE:LPWSAOVERLAPPED_COMPLETION_ROUTINE):integer;stdcall;
  WSARecvNext: function (s:TSocket;lpBuffers:LPWSABUF;
                         dwBufferCount:dword;lpNumberOfBytesSent:LPDWORD;
                         dwFlags:DWORD;lpOverlapped:LPWSAOVERLAPPED;
                         lpCompletionROUTINE:LPWSAOVERLAPPED_COMPLETION_ROUTINE):integer;stdcall;

  hParentWnd: THandle;


procedure SaveInfo(sMsg: String);
var
  ds: TCopyDataStruct;
begin
  ds.cbData := Length(sMsg) + 1;
  GetMem(ds.lpData,ds.cbData);
  StrCopy(ds.lpData,PChar(sMsg));
  if hParentWND <> 0 then
    SendMessage (hParentWND, WM_COPYDATA, 0,Cardinal(@ds));
  FreeMem(ds.lpData);
end;

procedure GetParentHWND(s: THandle);
begin
  hParentWND := s;
end;

function RecvCallback(s: TSocket; var Buf; len, flags: Integer) : Integer; stdcall;
begin
  result := RecvNext(s,Buf,len,flags);
  SaveInfo('Recv');
end;

function SendCallback(s: TSocket; var Buf; len, flags: Integer) : Integer; stdcall;
begin
  result := SendNext(s,Buf,len,flags);
  SaveInfo('Send');
end;

function WSASendHook(s:TSocket;lpBuffers:LPWSABUF;
          dwBufferCount:dword;lpNumberOfBytesSent:LPDWORD;
          dwFlags:DWORD;lpOverlapped:LPWSAOVERLAPPED;
          lpCompletionROUTINE:LPWSAOVERLAPPED_COMPLETION_ROUTINE):integer;stdcall;
begin
  WSASendHook:=WSASendNext(s,lpBuffers,dwBufferCount,
          lpNumberOfBytesSent,dwFlags,lpOverlapped,lpCompletionROUTINE);
  SaveInfo('WSASend');
end;

function WSARecvHook(s:TSocket;lpBuffers:LPWSABUF;
          dwBufferCount:dword;lpNumberOfBytesSent:LPDWORD;
          dwFlags:DWORD;lpOverlapped:LPWSAOVERLAPPED;
          lpCompletionROUTINE:LPWSAOVERLAPPED_COMPLETION_ROUTINE):integer;stdcall;
begin
  WSARecvHook:=WSARecvNext(s,lpBuffers,dwBufferCount,
          lpNumberOfBytesSent,dwFlags,lpOverlapped,lpCompletionROUTINE);
  SaveInfo('WSARecv');
end;


procedure DoHook;
begin
  HookAPI('ws2_32.dll', 'recv', @RecvCallback, @RecvNext);
  HookAPI('ws2_32.dll', 'send', @SendCallback, @SendNext);

  HookAPI('ws2_32.dll','WSASend',@WSASendHook,@WSASendNext);
  HookAPI('ws2_32.dll','WSARecv',@WSARecvHook,@WSARecvNext);

  SaveInfo('Hooking.....');
end;

exports
  GetParentHWND,DoHook;

begin
  DoHook;
end.
THK's :crazy:

Posted: Fri Jun 11, 2004 10:47 am
by madshi
The hooking probably works. But your message sending will not work. Look, each running process loads a totally independent copy of your hook dll. When you call "GetParentHwnd" you tell the hook dll copy which is loaded in your own process where to send the message to. But all the other dll copies still don't know that.

Basically I recommend not exporting anything from the hook dll. It's not bad in itself. But not exporting anything will force you to do it right.

You can use SendIpcMessage and related functions to do the message sending. See documentation. Also see HookProcessTermination and PrinterMonitor demos.
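
Added example (not code from either poster or from the madCodeHook distribution): the logging path of the DLL in the first post reworked along the lines described above, so that every loaded copy of the DLL reaches the receiver through a named IPC queue instead of a window handle stored in one process. The queue name `SockHookLog` is hypothetical, the `SendIpcMessage` call assumes the signature given in the madCodeHook documentation, and the monitoring program is assumed to have created the queue with `CreateIpcQueue` before the DLL is loaded.

```delphi
library SockHook;

// Added example. Only recv is hooked to keep it short; the other three
// hooks from the original post follow the same pattern.

uses
  Windows, WinSock, madCodeHook;

const
  // Hypothetical queue name. It is compiled into the DLL, so every copy
  // of the DLL knows it without being told by another process.
  CIpcName = 'SockHookLog';

var
  RecvNext: function (s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;

// Runs in whichever process loaded this copy of the DLL.
// No exported setter and no per-process window handle are involved.
procedure SaveInfo(const sMsg: AnsiString);
begin
  if sMsg <> '' then
    // No answer buffer is passed, so the call does not wait for a reply.
    SendIpcMessage(CIpcName, PAnsiChar(sMsg), Length(sMsg) + 1);
end;

function RecvCallback(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
var
  err: Integer;
begin
  Result := RecvNext(s, Buf, len, flags);
  // The caller may inspect WSAGetLastError after recv returns, so keep
  // the logging call from overwriting the value the real recv left behind.
  err := WSAGetLastError;
  SaveInfo('Recv');
  WSASetLastError(err);
end;

begin
  // Executed once in every process that loads the DLL.
  HookAPI('ws2_32.dll', 'recv', @RecvCallback, @RecvNext);
end.
```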

try

Posted: Tue Jun 15, 2004 12:51 pm
by weic
Thanks, madshi.

I understand what you mean. I will try other ways :)