1
我想學習鉤子,並且只想鉤住.exe的send/recv函數。C++ hooking ws2_32.dll recv
我建設項目作爲一個.dll文件,然後將其注入到.EXE
現在我的問題是我堅持。
我能夠順利地找到地址recv函數,接下來我想查看通過接收數據包..
小指南請在下一步做什麼.. 這是我的.cpp
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include "dll.h"
#include <Winsock.h>
#pragma warning(disable:4996)
#pragma comment (lib,"ws2_32.lib")
typedef int(*WINAPI oldsend)(SOCKET s, const char* buf, int len, int flags);
void Proc_Attach()
{
DWORD dwProtect;
HINSTANCE hLib = LoadLibrary(L"WS2_32.dll");
DWORD OldFuncAddr = (DWORD)GetProcAddress(hLib, "recv");
WCHAR szTest[100]; // WCHAR is the same as wchar_t
// swprintf_s is the same as sprintf_s for wide characters
swprintf_s(szTest, 100, L"%d", OldFuncAddr); // use L"" prefix for wide chars
MessageBox(0, szTest, L"A", MB_ICONINFORMATION);
//MessageBox(0, L" Process Attached!\n", L"Hi", MB_ICONINFORMATION);
}
BOOL APIENTRY DllMain(HINSTANCE hInst /* Library instance handle. */,
DWORD reason /* Reason this function is being called. */,
LPVOID reserved /* Not used. */)
{
switch (reason)
{
case DLL_PROCESS_ATTACH:
Proc_Attach();
break;
case DLL_PROCESS_DETACH:
break;
case DLL_THREAD_ATTACH:
break;
case DLL_THREAD_DETACH:
break;
}
return TRUE;
}
頭文件
#pragma once
#ifndef _DLL_H_
#define _DLL_H_
#if BUILDING_DLL
# define DLLIMPORT __declspec (dllexport)
#else /* Not BUILDING_DLL */
# define DLLIMPORT __declspec (dllimport)
#endif /* Not BUILDING_DLL */
DLLIMPORT void Proc_Attach(void);
#endif /* _DLL_H_ */