winsock hooking
Coooooll! I Did not know that!
Mathias, is there any way to realloc a memory for a pointer of another process? I am using OpenProcess + WriteProcessMemory to change the packets. How to change the length of this packet (buffer)? Because it can not be donne with SetString, because I change the Buffer directly to the original buffer of the Hooked-application
Thanks a lot !
Mathias, is there any way to realloc a memory for a pointer of another process? I am using OpenProcess + WriteProcessMemory to change the packets. How to change the length of this packet (buffer)? Because it can not be donne with SetString, because I change the Buffer directly to the original buffer of the Hooked-application
Thanks a lot !
Well, basically you can't. Sorry. When the application calls "recv" and gives in a buffer of a specific size there's no way to reliably increase the length of this buffer. You can change the length when hooking "send" (see my code), but not when hooking "receiv". The application who calls "recv" has allocated the buffer and short of changing the caller's asm code (which would be *very* hard) there's no way to change the buffer size.
Thank you!!madshi wrote:Well, basically you can't. Sorry. When the application calls "recv" and gives in a buffer of a specific size there's no way to reliably increase the length of this buffer. You can change the length when hooking "send" (see my code), but not when hooking "receiv". The application who calls "recv" has allocated the buffer and short of changing the caller's asm code (which would be *very* hard) there's no way to change the buffer size.
hi
hi
thank you all for all information that you have posted here.
@madhi
i have tried your code but it doesn't work ?
did you know why ?
what's happen whit your code ?
i have compiled it successfully but when i inject it i cannot send any data.
thank you for all help that you have done
@+
thank you all for all information that you have posted here.
@madhi
i have tried your code but it doesn't work ?
did you know why ?
what's happen whit your code ?
i have compiled it successfully but when i inject it i cannot send any data.
thank you for all help that you have done
@+
hi
hi
i have just replaced my sendhookproc by the code that your are posted
this is the code that i used
i have also try this code by adding just the result :=0
i have tried this two code buit it doesn't work
thank a lot
@+
i have just replaced my sendhookproc by the code that your are posted
this is the code that i used
Code: Select all
function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
var s1 : string;
begin
SetString(s1, Buf, len);
ReplaceStr(s1, 'hello', 'reallycool');
result := sendNextHook(s, pointer(s1), length(s1), flags);
end;
Code: Select all
function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
var s1 : string;
begin
result:=0;
while true do begin
SetString(s1, Buf, len);
ReplaceStr(s1, 'hello', 'reallycool');
result := sendNextHook(s, pointer(s1), length(s1), flags)
end
else
begin
Result := sendNextHook(s, Buf, len, flags);
end;
end;
thank a lot
@+
hi
helo
hi is my code
hi is my code
Code: Select all
library ws2hook;
{$IMAGEBASE $58000000}
uses
windows,madcodehook,winsock,madstrings;
{$R *.res}
var
sendNextHook: function(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function sendHookProc( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
var s1 : string;
begin
result:=0;
while true do
begin
SetString(s1, Buf, len);
ReplaceStr(s1, 'hello', 'reallycool');
result := sendNextHook(s, pointer(s1), length(s1), flags)
end
else
begin
Result := sendNextHook(s, Buf, len, flags);
end;
end;
begin
hookapi('ws2_32.dll','send', @sendHookProc, @sendNextHook);
hookapi('wsock32.dll','send', @sendHookProc, @sendNextHook);
end.
(1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems.
(2) Don't use the same callback and nextHook variable for two different hooks, that doesn't work. If you have 2 hooks, you also need two callback functions and two nextHook variables.
(2) Don't use the same callback and nextHook variable for two different hooks, that doesn't work. If you have 2 hooks, you also need two callback functions and two nextHook variables.
hi
hi
madshi
i have noticed that the two winsock module use the same the parameter (variable).
for the send function.
both use this
in another case when i tested to log the winsock data insisde a text file.
i have hooked it like above with one callback for the two send function
and i have successfully logged their data on the same time (ws2_32.dll and wsock32.dll).
also in the send callback i have done one callback for both winsock module
and i have successufuly changed data.but in this case i have just changed data with another one which have the same lenght.
that's why i think that one callback for both different send function isn't the matter ? did you think that ?
that why i have used your code for test purpose
your code is here
in your code your have changed some variables.
you are used s1 instead of buf and also length instead of the real length.
are you noticed that ?
why are you not used the sizeof(s1) like you adviced to me and also nildo.
thank you again
hooking winsock is very hard
@+
madshi
i have noticed that the two winsock module use the same the parameter (variable).
for the send function.
both use this
Code: Select all
function send(s: TSocket; var Buf; len, flags: Integer);
i have hooked it like above with one callback for the two send function
and i have successfully logged their data on the same time (ws2_32.dll and wsock32.dll).
also in the send callback i have done one callback for both winsock module
and i have successufuly changed data.but in this case i have just changed data with another one which have the same lenght.
that's why i think that one callback for both different send function isn't the matter ? did you think that ?
in your code i seen that you have changed something on their variable(1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems
that why i have used your code for test purpose
your code is here
Code: Select all
function SendCallback( s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
var s1 : string;
begin
SetString(s1, Buf, len);
ReplaceStr(s1, 'hello', 'reallycool');
result := sendNextHook(s, pointer(s1), length(s1), flags);
end;
you are used s1 instead of buf and also length instead of the real length.
are you noticed that ?
why are you not used the sizeof(s1) like you adviced to me and also nildo.
thank you again
hooking winsock is very hard
@+
Re: hi
It's probably not the cause of the problems you're having. But it's wrong nevertheless.legion wrote:i think that one callback for both different send function isn't the matter ? did you think that ?
You don't need to question my code, it's alright. Just read again what I wrote. Do you know what "declaration" means? "Declaration" is the calling convention and the number, names and types of the parameters.in your code your have changed some variables.(1) The declaration of your callback function and of the nextHook function variable must always be 100% identical. It is not in your case. That's probably the reason for the problems
you are used s1 instead of buf and also length instead of the real length.
are you noticed that ?
why are you not used the sizeof(s1) like you adviced to me and also nildo.
Code: Select all
var sendNextHook: function(s: TSocket; var Buf; len, flags: Integer): Integer; stdcall;
function sendHookProc (s: Integer; Buf: Pointer; len, flags: Integer): Integer; stdcall;
No, it's not. The mistakes you made are not hooking related, nor are they WinSock related. You are making simple normal programming mistakes.hooking winsock is very hard